Browse Definitions :

Authentication, access control

Terms related to authentication, including security definitions about passwords and words and phrases about proving identity.

1PA - MOD

  • 1Password - 1Password is a password management application that stores sensitive information, including user passwords and software licenses, in an encrypted chain.
  • access governance (AG) - Access governance (AG) is an aspect of information technology (IT) security management that seeks to reduce the risks associated with excessive access rights, inactive users and orphan accounts.
  • Active Directory Federation Services (AD FS) - Active Directory Federation Services (AD FS) is a feature of the Windows Server operating system (OS) that extends end users' single sign-on (SSO) access to applications and systems outside the corporate firewall.
  • Active Directory functional levels - Active Directory functional levels are controls that specify which advanced Active Directory domain features can be used in an enterprise domain.
  • active man-in-the-middle attack (MitM) - Active man-in-the-middle (MitM) is an attack method that allows an intruder to access sensitive information by intercepting and altering communications between the user of a public network and a requested website.
  • authentication - Authentication is the process of determining whether someone or something is, in fact, who or what it declares itself to be.
  • authentication factor - An authentication factor is a category of credential used for identity verification.
  • authentication server - An authentication server is an application that facilitates authentication of an entity that attempts to access a network.
  • authentication ticket or ticket-granting ticket (TGT) - An authentication ticket, also known as a ticket-granting ticket (TGT), is a small amount of encrypted data that is issued by a server in the Kerberos authentication model to begin the authentication process.
  • authentication, authorization, and accounting (AAA) - Authentication, authorization, and accounting (AAA) is a framework for intelligently controlling access to computer resources, enforcing policies, auditing usage, and providing the information necessary to bill for services.
  • Automatic Identification and Data Capture (AIDC) - Automatic Identification and Data Capture (AIDC) is a broad set of technologies used to collect information from an object, image or sound without manual data entry.
  • behavioral biometrics - Behavioral biometrics are based on human activity such as typing patterns.
  • bimodal IAM (bimodal identity access management) - Bimodal identity and access management (IAM) uses two forms of credentials, internal and external, as a method of authentication.
  • biometric authentication - Biometric authentication is a security process that relies on the unique biological characteristics of an individual to verify that he is who is says he is.
  • biometric verification - Biometric verification is any means by which a person can be uniquely identified by evaluating one or more distinguishing biological traits.
  • Bring Your Own Authentication (BYOA) - Bring Your Own Authentication (BYOA) is a computing concept in which employee-owned devices are used as authentication credentials within the enterprise.
  • BYOI (bring your own identity) - BYOI (bring your own identity) is an approach to digital authentication in which an end user's username and password is managed by a third party such as Facebook, Twitter, LinkedIn, Google+ or Amazon.
  • CA Privileged Access Manager - CA Privileged Access Manager is a product, available as a rack-mounted hardware appliance or a virtual appliance, that tracks and secures the usage of logins involving access to administrative control or sensitive information.
  • capacitive scanner - A capacitive scanner is a fingerscanning device that uses an array of capacitive proximity sensors, along with a microcomputer and associated electronic signal processing circuits, to create and store a digital image of a human fingerprint.
  • card dipping (EMV card dipping) - Dipping can be contrasted with swiping.
  • channel partner portal - A channel partner portal is a web-based application that provides a vendor's established partners (usually distributors, resellers, service providers or other strategic partners) with access to deal registration, marketing resources, pricing and sales information for products and services, as well as technical details and support that are unavailable to other end users.
  • claims-based identity - Claims-based identity is a means of authenticating an end user, application or device to another system in a way that abstracts the entity's specific information while providing data that authorizes it for appropriate and relevant interactions.
  • CloudAV - CloudAV is a program that combines multiple antivirus applications and scans user files over a network of servers.
  • common access card (CAC) - A common access card (CAC) is a Unites States Department of Defense (DoD) smart card for multifactor authentication.
  • connection broker - In desktop virtualization, a connection broker is a software program that allows the end-user to connect to an available desktop.
  • continuous authentication - Continuous authentication is a method of verification aimed at providing identity confirmation and cybersecurity protection on an ongoing basis.
  • credential stuffing - Credential stuffing is the practice of using stolen login information from one account to gain access to accounts on a number of sites through automated login.
  • credential theft - Credential theft is a type of cybercrime that involves stealing the proof of identity of the victim, which can be either an individual or a business.
  • cryptogram - A cryptogram is a word puzzle featuring encrypted text that the user decrypts to reveal a message of some sort.
  • Data Security Council of India (DSCI) - The Data Security Council of India (DSCI) is a not-for-profit organization created to promote the country as a secure destination for information technology (IT) outsourcing.
  • deprovisioning - Deprovisioning is the process of removing access to a system from an end user who will no longer be utilizing that system.
  • digest authentication - Digest authentication is a method of authentication in which a request from a potential user is received by a network server and then sent to a domain controller.
  • digital identity - A digital identity is the body of information about an individual, organization or electronic device that exists online.
  • disposable email - What is a disposable email?Disposable email is a service that allows a registered user to receive email at a temporary address that expires after a certain time period elapses.
  • Duo Security - Duo Security is a vendor of cloud-based two-factor authentication products.
  • e-signature - An e-signature (electronic signature) is a digital version of a traditional pen and ink signature.
  • EMV card - An EMV card is a credit or debit card with an embedded computer chip and associated technology designed to enable secure payment at compatible point of sale (POS) terminals; EMV stands for Europay, Mastercard and Visa, the three companies responsible for the standard.
  • encryption key management - Encryption key management is the administration of tasks involved with protecting, storing, backing up and organizing encryption keys.
  • endpoint authentication (device authentication) - Endpoint authentication is a security mechanism designed to ensure that only authorized devices can connect to a given network, site or service.
  • endpoint fingerprinting - Endpoint fingerprinting is a feature of enterprise network access control (NAC) products that enables discovery, classification and monitoring of connected devices, including non-traditional network endpoints such as smartcard readers, HVAC systems, medical equipment and IP-enabled door locks.
  • enhanced driver's license (EDL) - An enhanced driver's license (EDL) is a government-issued permit that, in addition to the standard features of a driver's license, includes an RFID tag that allows officials to pull up the owner's biographical and biometric data.
  • Enterprise Identity Mapping (EIM) - Enterprise Identity Mapping (EIM) is an open architecture from IBM for helping an enterprise manage the multiple user registries and identities that enable a computer user to access multiple applications with a single sign-on.
  • EV SSL certificate (Extended Validation SSL certificate) - An EV SSL certificate (Extended Validation SSL certificate) is a digital identity authentication solution used by HTTPS websites to provide the highest level of security by verifying the identity of a website owner or operator.
  • Extensible Authentication Protocol (EAP) - The Extensible Authentication Protocol (EAP) is a protocol for wireless networks that expands on authentication methods used by the Point-to-Point Protocol (PPP), a protocol often used when connecting a computer to the Internet.
  • facial recognition - Facial recognition is a category of biometric software that maps an individual's facial features mathematically and stores the data as a faceprint.
  • federated identity management - Federated identity management (FIM) is an arrangement that can be made between multiple enterprises to let subscribers use the same identification data to obtain access to the networks of all the enterprises in the group.
  • FIDO (Fast Identity Online) - FIDO (Fast ID Online) is a set of technology-agnostic security specifications for strong authentication.
  • finger vein ID - Finger vein ID is a biometric authentication system that matches the vascular pattern in an individual's finger to previously obtained data.
  • Firesheep - Firesheep is a Firefox plug-in that automates session hijacking attacks over unsecured Wi-Fi networks.
  • four-factor authentication (4FA) - Four-factor authentication (4FA) is the use of four types of identity-confirming credentials, typically categorized as knowledge, possession, inherence and location factors.
  • fraud detection - Fraud detection is a set of activities undertaken to prevent money or property from being obtained through false pretenses.
  • full-disk encryption (FDE) - What is full-disk encryption (FDE)?Full-disk encryption (FDE) is encryption at the hardware level.
  • Google Authenticator - Google Authenticator is a security application used to verify user identities before granting access to websites and services.
  • graphical password or graphical user authentication (GUA) - A graphical password is an authentication system that works by having the user select from images, in a specific order, presented in a graphical user interface (GUI).
  • grid authentication - Grid authentication is a method of ensuring that an end user is who he claims to be by requiring him to enter values from specific cells in a grid whose content should be only accessible to him and the service provider.
  • gummy bear hack - A gummy bear hack is an attempt to fool a biometric fingerprint scanner by using a gelatin-based candy to hold a fingerprint.
  • hackerazzi - Hackerazzi are cybercriminals who hack into the email accounts of celebrities to access and exploit their private information.
  • hardware security module (HSM) - A hardware security module (HSM) is a physical device that provides extra security for sensitive data.
  • Hash-based Message Authentication Code (HMAC) - Hash-based Message Authentication Code (HMAC) is a message authentication code that uses a cryptographic key in conjunction with a hash function.
  • HAVA (Help America Vote Act of 2002) - The Help America Vote Act of 2002 (HAVA)is a federal program that reformed aspects of the United States election system.
  • Honey Encryption - Honey Encryption is a security tool that makes it difficult for an attacker who is carrying out a brute force attack to know if he has correctly guessed a password or encryption key.
  • identity and access management (IAM) - Identity and access management (IAM) is a framework of business processes, policies and technologies that facilitates the management of electronic or digital identities.
  • identity as a Service (IDaaS) - Identity as a Service (IDaaS) is an authentication infrastructure that is built, hosted and managed by a third-party service provider.
  • identity chaos (password chaos) - Identity chaos (sometimes called password chaos) is a situation in which users have multiple identities and passwords across a variety of networks, applications, computers and/or computing devices.
  • identity management (ID management) - Identity management (ID management) is the organizational process for identifying, authenticating and authorizing individuals or groups of people to have access to applications, systems or networks by associating user rights and restrictions with established identities.
  • identity provider - An identity provider is a system component that is able to provide an end user or internet-connected device with a single set of login credentials that will ensure the entity is who or what it says it is across multiple platforms, applications and networks.
  • identity theft - Identity theft, also known as identity fraud, is a crime in which an imposter obtains key pieces of personally identifiable information, such as Social Security or driver's license numbers, in order to impersonate someone else.
  • image replay attack - An image replay attack is the use of a picture to fool an authentication method.
  • inherence factor - The inherence factor, in a security context, is a category of user authentication credentials consisting of elements that are integral to the individual in question, in the form of biometric data.
  • initialization vector (IV) - An initialization vector (IV) is an arbitrary number that can be used along with a secret key for data encryption.
  • integrated access management (IAM) - Integrated access management (IAM) is a combination of business processes, policies and technologies that allows organizations to provide secure access to confidential data.
  • intelligent video - Intelligent video is digital video technology integrated with analytical software.
  • invocation ID - An invocation ID is an ID number that identifies databases within Active Directory and changes as AD is in a restore process.
  • iris recognition - Iris recognition is a method of identifying people based on unique patterns within the ring-shaped region surrounding the pupil of the eye.
  • ISO/IEC 38500 - ISO/IEC 38500 is an international standard created to guide corporate governance of information technology (IT).
  • Java Authentication and Authorization Service (JAAS) - The Java Authentication and Authorization Service (JAAS) is a set of application program interfaces (APIs) that can determine the identity of a user or computer attempting to run Java code, and ensure that the entity has the privilege or permission to execute the functions requested.
  • John the Ripper - John the Ripper is a popular free password cracking tool that combines several different cracking programs and runs in both brute force and dictionary attack modes.
  • Just Enough Administration (JEA) - Just Enough Administration (JEA) is a PowerShell toolkit designed to help an organization reduce risk by restricting IT administrative rights.
  • key-value pair (KVP) - A key-value pair (KVP) is a set of two linked data items: a key, which is a unique identifier for some item of data, and the value, which is either the data that is identified or a pointer to the location of that data.
  • keystroke dynamics - Keystroke dynamics are the patterns of rhythm and timing created when a person types.
  • keystroke ID (keystroke identification) - The use of an individual's distinctive typing dynamics can be used as a non-intrusive and reliable form of biometric authentication.
  • knowledge factor - The knowledge factor, in a security context, is a category of authentication credentials consisting of information that the user possesses, such as a personal identification number (PIN), a user name, a password or the answer to a secret question.
  • LEAP (Lightweight Extensible Authentication Protocol) - LEAP (Lightweight Extensible Authentication Protocol) is a Cisco-proprietary version of EAP, the authentication protocol used in wireless networks and Point-to-Point connections.
  • machine authentication - Machine authentication is the authorization of an automated human-to-machine or machine-to-machine (M2M) communication through verification of a digital certificate or digital credentials.
  • man-in-the-disk (MITD) attack - Man-in-the-disk (MITD) is an attack vector that allows an intruder to intercept and potentially alter data as it moves between Android external storage and an installed app.
  • managed file transfer (MFT) - Managed file transfer (MFT) is a type of software used to provide secure internal, external and ad-hoc data transfers through a network.
  • mandatory access control (MAC) - Mandatory access control (MAC) is a system-controlled policy restricting access to resource objects (such as data files, devices, systems, etc.
  • Massachusetts data protection law - What is the Massachusetts data protection law?The Massachusetts data protection law is legislation that stipulates security requirements for organizations that handle the private data of residents.
  • message authentication code (MAC) - A message authentication code (MAC) is a cryptographic checksum on data that uses a session key to detect both accidental and intentional modifications of the data.
  • micropayment - A micropayment is an e-commerce transaction involving a very small sum of money in exchange for something made available online, such as an application download, a service or Web-based content.
  • Microsoft Group Policy administrative template - A Microsoft Group Policy administrative template is a file that supports the implementation of Microsoft Windows Group Policy and centralized user and machine management in Active Directory environments.
  • Microsoft Network Access Protection (NAP) - Network access protection (NAP), introduced with Windows Server 2008, is Microsoft’s approach to controlling access to a network based on a determination of each device’s health.
  • Microsoft Network Device Enrollment Service (NDES) - Microsoft Network Device Enrollment Service (NDES) is a security feature in Windows Server 2008 R2 and later Windows Server operating versions.
  • Microsoft Windows Azure Active Directory (Windows Azure AD) - Microsoft Windows Azure Active Directory is a scalable and highly available service that is based in the cloud.
  • Microsoft Windows Hello - Microsoft Windows Hello is a Windows 10 authentication feature that allows users to access compatible hardware devices without a password.
  • mimikatz - Mimikatz is an open source malware program used by hackers and penetration testers to gather credentials on Windows computers.
  • mobile authentication - Mobile authentication is the verification of a user’s identity through the use a mobile device and one or more authentication methods for secure access.

-ADS BY GOOGLE

SearchCompliance

  • risk management

    Risk management is the process of identifying, assessing and controlling threats to an organization's capital and earnings.

  • compliance as a service (CaaS)

    Compliance as a Service (CaaS) is a cloud service service level agreement (SLA) that specified how a managed service provider (...

  • data protection impact assessment (DPIA)

    A data protection impact assessment (DPIA) is a process designed to help organizations determine how data processing systems, ...

SearchSecurity

  • Port Scan

    A port scan is a series of messages sent by someone attempting to break into a computer to learn which computer network services ...

  • DMZ (networking)

    In computer networks, a DMZ (demilitarized zone), also sometimes known as a perimeter network or a screened subnetwork, is a ...

  • quantum supremacy

    Quantum supremacy is the experimental demonstration of a quantum computer's dominance and advantage over classic computers by ...

SearchHealthIT

SearchDisasterRecovery

  • business continuity plan (BCP)

    A business continuity plan (BCP) is a document that consists of the critical information an organization needs to continue ...

  • disaster recovery team

    A disaster recovery team is a group of individuals focused on planning, implementing, maintaining, auditing and testing an ...

  • cloud insurance

    Cloud insurance is any type of financial or data protection obtained by a cloud service provider. 

SearchStorage

Close