Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Op basis van het verzoek tijdens de 2FA-Requirement meeting van 23-09-2019 een eerste opzet (concept, work-in-progress) van een glossary voor SURFresearch Access Management.

Abbreviation

Full Term

Explanation

2FA

Two-Factor Authentication

A type or subset of multi-factor authentication. It is a method of confirming users' claimed identities by using a combination of two different factors; either something they know, something they have, or something they are.

AAI

Authenticatie & Autorisatie Infrastructuur

Warranting access to an environment only by people that have the right to use it can be achieved by implementing two distinct processes: authentication of users, and enforcement of authorization rules for users.

AARC

Authentication and Authorisation for Research Collaborations

An European initiative launched to address the increased need for federated access and for authentication and authorisation mechanisms by research and e-infrastructures.

ARP

Attribute Release Policy

The release policy decides how attributes are to be released for a given service. Each policy has the ability to apply an optional filter.

ASP

Application Specific Passwords

A unique password that is valid for only one service or application.

AUP

Acceptable Use Policy

An acceptable use policy is a document stating rules, constraints, and practices that a user must agree upon before being allowed to access a service.

BPA

BluePrint Architecture

A (global) definition of an architecture, containing all important concepts, elements, (physical) components, their attributes and their interrelationships, which serves as a framework or industry standard.

CO

Collaborative Organization

Overarching structure or group in which researchers can be enlisted, to receive access to required services.

CoCo

Code of Conduct

See AUP - Acceptable Use Policy

DPA

Data Processing Agreement

A legally binding document to be agreed upon between the data controller and the data processor in writing or in electronic form. It regulates the particularities of data processing – such as its scope and purpose – as well as the relationship between the controller and the processor.

eIDAS

Electronic IDentification Authentication and trust Services

eIDAS is an EU-defined set of standards for electronic identification and trust services for electronic transactions in the European Single Market.

EOSC

European Open Science Cloud

Vision of the European Commission for a large infrastructure to support and develop open science and open innovation in Europe and beyond.

FAIR

Findable, Accessible, Interoperable & Reusable

The FAIR data principles are a set of guiding principles in order to make data findable, accessible, interoperable and reusable. These principles provide guidance for scientific data management and stewardship.

FIM

Federative Identity Management

Having a common set of policies, practices and protocols in place to manage the identity and trust into users and devices across organizations.

HORA

Hoger Onderwijs Referentie Architectuur

A collection of tools and practices for planning the organization of-, and information provision within-, Dutch institutions for Higher Education.

iDIN

iDentificeren & INloggen

Service offered by Dutch banks, enabling consumers to use the authentication methods of their own bank for identification, login, or age verification purposes at other organizations.

IdP

Identity Provider

An Identity Provider is a system entity that creates, maintains, and manages identity information while providing authentication services to relying applications or services within a federation or distributed network.

LDAP

Lightweight Directory Access Protocol

A software protocol for enabling anyone to locate organizations, individuals, and other resources such as files and devices in a network environment.

LoA

Level of Assurance

Description of the degree of confidence in the processes leading up to and including an authentication. It provides assurance that the entity claiming a particular identity, is the entity to which that identity was assigned.

MFA

Multi-Factor Authentication

An authentication method in which a user is granted access only after successfully presenting two or more pieces of evidence (factors) to an authentication mechanism: knowledge, possession, and inherence. Also see 2FA - Two-Factor Authentication

OTAP

Ontwikkel – Test – Acceptatie - Productie

Methodology for phasing the software development process and software development environments.

PI

Principal Investigator

One or more persons who are in charge of a specific research project.

PIA

Privacy Impact Assessment

A tool for identifying and assessing privacy risks throughout the development life cycle of a project. Based on the PIA results, mitigating measures can be taken to prevent or reduce effects for involved stakeholders.

PII

Personally Identifiable Information

Any data that could potentially identify a specific individual. All information that can be used to distinguish one person from another, and can be used for de-anonymizing anonymous data, can be considered PII.

R&S

Research & Scholarship

Entity category for Service Providers that are operated for the purpose of supporting research and scholarship interaction, collaboration or management, at least in part.

RBAC

Role-Based Access Control

A policy-neutral access-control mechanism defined around the concept of roles and privileges. The components of RBAC such as role-permissions, user-role and role-role relationships facilitate user assignments.

RI

Research Infrastructure

Facilities that provide the required resources and services for research communities to conduct research and foster innovation.

SLA

Service Level Agreement

A Service Level Agreement sets out in detail what a Service Provider is required to provide as part of the agreement and the standard that the services they provide must achieve.

SLS

Service Level Specification

A Service Level Specification is part of a Service Level Agreement (SLA), in which the standards required of a service provider are set out. The SLS quantifies the minimum acceptable (technical) standards of service that are required.

SP

Service Provider

A Service Provider is a vendor that provides IT solutions and/or services to end users and organizations.

WAYF

Where Are You From

Type of request which establishes from which Identity Provider (IdP) a user is originating.