Security Management
| Term | Definition |
|---|---|
| AAI | An abbreviation of "authentication and authorisation infrastructure", AAI refers to the technical mechanisms used to verify and manage users' access to computer systems. See also: Access Control; Authentication; Authorisation. |
| Access Control | The technical mechanism for controlling a known (authenticated) user’s access to a system and its underlying assets such as data. Access control is also referred to as authorisation (abbreviated as “AuthZ” to distinguish it from authentication), as it determines what the user is authorised to do. See also: AAI; Authentication; Authorisation. |
| Authentication | The technical mechanism by which a computer user proves that they are who they say they are. Authentication is often abbreviated as “AuthN” to distinguish it from authorisation. Example: The combination of a username and a password is a method of authentication. See also: AAI; Access Control; Authorisation. |
| Authentication Application | A software system that verifies and validates the identities of users or entities accessing a system through authentication. See also: Authentication. |
| Authentication Token | A piece of data used to authenticate the identity of a user or application to a computer system. Authentication tokens are often generated by authentication applications, and possession of a given token is evidence that the owner has successfully authenticated themselves to the system in question. See also: Authentication; Authentication Application. |
| Compliance Checking | Related to: Compliance. |
| Controls | In computer security management, measures, safeguards or mechanisms implemented to manage or mitigate risks and ensure the integrity, confidentiality, availability, and reliability of systems, processes, or data. |
| Egress/Ingress Control | The implementation of measures or controls to regulate and monitor the movement of data into and out of the TRE, to prevent sensitive data from leaving the TRE. Often known as output/input checking, or in the case of egress, disclosure control. See also: Disclosure Control. |
| Firewall | A security device (hardware, software, or a combination of both) that monitors and controls incoming and outgoing network traffic based on predetermined security rules. Its primary purpose is to establish a barrier between a trusted, secure internal network and untrusted external networks, like the internet, to protect against unauthorised access, cyberattacks, and other potential threats. See also: Firewall. |
| Identity and Access Management Services | See: Identity Management. |
| Identity Verification | The process of confirming or authenticating the identity of individuals or entities, often through the verification of personal information, credentials, or biometric data. |
| Malware Scanning Application | A software application or tool that scans and detects malicious software or malware on computer systems or networks, aiming to prevent security breaches or infections. |