|
ACL |
Access Control List |
|
Active Directory |
A Microsoft directory service,
introduced with Windows 2000, that enables applications to find,
use and manage directory resources (such as user accounts, network
printers and permissions) in a distributed computing environment.
It is accessed over LDAP and authenticates users with Kerberos.
Microsoft originally positioned it within the Active Platform and
the Windows Open Services Architecture (WOSA). |
|
AS/1 |
Applicability Statement 1 (AS1)
is an Electronic Data Interchange over the Internet (EDIINT)
specification (RFC 3335) for transporting EDI data over SMTP
(e-mail), using S/MIME for signing and encryption. |
|
AS/2 |
Applicability Statement 2 (AS2)
is an Electronic Data Interchange over the Internet (EDIINT)
specification (RFC 4130) for transporting EDI data over HTTP or
HTTPS, using S/MIME for signing and encryption and signed receipts
(MDNs) to prove delivery. |
|
AS/3 |
Applicability Statement 3 (AS3)
is an Electronic Data Interchange over the Internet (EDIINT)
specification (RFC 4823) for transporting EDI data over FTP, with
the same S/MIME protection as AS1 and AS2. |
|
Authentication |
Generally follows identification.
The process of establishing that the user is indeed that user and
has a right to use the system. The user supplies or generates
authentication information that corroborates the binding between
the person and the identifier. |
|
Authorisation |
Determining a user's access
rights to a resource. Follows authentication. |
|
BAM |
Business Activity Monitoring |
|
Basel II |
aka Basel 2, The New Basel
Capital Accord, from the Basel Committee on Banking Supervision.
The original Basel Capital Accord (Basel I) was concluded among
country representatives in 1988 in Switzerland to develop
standardised risk-based capital requirements for banks across
countries. Basel II is its revision, published in 2004 for
implementation from 2006. |
|
BI |
Business Intelligence |
|
BMS |
Basic Mapping Support. |
|
BPEL |
Business Process Execution
Language. OASIS specification |
|
BPM |
Business Performance Management |
|
BPO |
Business Process Outsourcing |
|
CDI |
Customer Data Integration is a
shared software & services layer across enterprise business
systems. |
|
CICS |
Customer Information Control
System - An IBM licensed program that provides online transaction
processing services and management for critical business
applications. CICS runs on mainframes, RS/6000 (AIX), AS/400 and
non-IBM platforms such as Windows, Unix & Linux. The CICS
application programming interface (API) enables programmers to
port applications among the hardware and software platforms on
which CICS is available. It controls the interaction between
applications and users and lets programmers develop screen
displays without detailed knowledge of the terminals being used. |
|
COBOL |
Common Business Oriented
Language. Originally developed in the 1950s and 60s by the US
Department of Defense and computer manufacturers, COBOL is a
computer language for business data processing - often on mini
& mainframes. It remains a widely used programming language. |
|
Compliance |
Enterprises must comply with a
raft of regulations and standards; see the Compliance section
below. |
|
CRM |
Customer Relationship Management
or Customer Retention Management or Customer Resource Management |
|
CTG |
CICS Transaction Gateway |
|
CWS |
CICS Web Support |
|
DBMS |
Database Management System |
|
Digital Signature |
A cryptographic signature over
data that lets the recipient verify integrity (the data was not
altered) and origin (it was produced by the holder of the signing
key). When the public key is bound to an identity by a security
token such as an X.509 certificate, the signature also supports
non-repudiation. Distinct from a plain electronic signature (a
typed name or scanned image), which gives no such cryptographic
guarantee. |
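To make the integrity, origin and identity-binding properties concrete, here is an added example in Go (not code from the original page or from any vendor listed on it). It generates a P-256 key, issues a self-signed X.509 certificate for it (a stand-in for a CA-issued certificate, which is an assumption of the example), signs a constructed sample payload, and shows that verification fails for a modified message and under another party's certificate.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// Signer holds a private key and an X.509 certificate that binds the matching
// public key to a subject name. The certificate is self-signed here to keep the
// example self-contained (assumption); in production a CA would issue it.
type Signer struct {
	Key  *ecdsa.PrivateKey
	Cert *x509.Certificate
}

// NewSigner generates a P-256 key pair and a self-signed certificate for it.
func NewSigner(commonName string) (*Signer, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: commonName},
		NotBefore:    time.Now().Add(-time.Minute),
		NotAfter:     time.Now().Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		return nil, err
	}
	return &Signer{Key: key, Cert: cert}, nil
}

// Sign hashes msg with SHA-256 and signs the digest, returning an ASN.1 DER
// encoded ECDSA signature (the encoding X.509 and S/MIME use).
func (s *Signer) Sign(msg []byte) ([]byte, error) {
	digest := sha256.Sum256(msg)
	return ecdsa.SignASN1(rand.Reader, s.Key, digest[:])
}

// Verify checks sig over msg with the public key carried in cert. It also
// rejects certificates that are outside their validity period or not marked
// for digital signature, the minimum a receiver should check before trusting
// the identity in the certificate.
func Verify(cert *x509.Certificate, msg, sig []byte) bool {
	now := time.Now()
	if now.Before(cert.NotBefore) || now.After(cert.NotAfter) {
		return false
	}
	if cert.KeyUsage&x509.KeyUsageDigitalSignature == 0 {
		return false
	}
	// CheckSignature hashes msg with SHA-256 and verifies the ASN.1 ECDSA
	// signature against cert.PublicKey.
	return cert.CheckSignature(x509.ECDSAWithSHA256, msg, sig) == nil
}

func main() {
	signer, err := NewSigner("edi-partner.example")
	if err != nil {
		panic(err)
	}
	// Constructed sample payload standing in for an EDI interchange header.
	msg := []byte("ISA*00*          *00*          *ZZ*SENDER   *ZZ*RECEIVER *050101*1200*U*00401*000000001*0*P*>~")
	sig, err := signer.Sign(msg)
	if err != nil {
		panic(err)
	}
	fmt.Println("signer:", signer.Cert.Subject.CommonName)
	fmt.Println("original verifies:", Verify(signer.Cert, msg, sig))

	tampered := append([]byte(nil), msg...)
	tampered[len(tampered)-2] = '1' // change a single byte
	fmt.Println("tampered verifies:", Verify(signer.Cert, tampered, sig))

	impostor, _ := NewSigner("impostor.example")
	fmt.Println("other party's certificate verifies:", Verify(impostor.Cert, msg, sig))
}
```

A real receiver would additionally build and validate the certificate chain to a trusted CA and check revocation status; those steps are left out because the certificate here is self-signed.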
|
EAI |
Enterprise Application
Integration |
|
EAM |
Enterprise Access Management.
Provides a single, unified framework that enables an organization
to manage external users’ access. |
|
EASI |
Enterprise Application Security
Integration |
|
Eclipse |
Eclipse is defined as an
"open universal platform for tools integration." |
|
EDI |
Electronic Data Interchange |
|
EDIINT |
Electronic Data Interchange over
the Internet |
|
EFT |
Enhanced File Transfer - often
used to refer to the added features and value provided in Secure
and Managed File Transfer solutions such as CyberFusion and SIFT. |
|
EII |
Enterprise Information
Integration |
|
EJB |
Enterprise JavaBeans (EJBs) is a
Java API from Sun Microsystems that defines a component
architecture for multi-tier client/server systems. EJB systems are
written in Java and are therefore platform independent. Being
object oriented, they can be implemented into existing systems
with little or no recompiling and configuring. |
|
Encryption |
Transforms data so that it cannot
be read by anyone who does not hold the key. On its own it provides
confidentiality, not integrity: unless an authenticated mode (such
as AES-GCM), a MAC or a digital signature is also used, a party who
cannot read the data may still be able to alter it undetected. The
level of protection depends on the encryption algorithm, the key
length and how keys are generated, stored and exchanged. Recognised
algorithms include DES, Triple-DES, AES (Rijndael), Blowfish and
Blowfish Long; DES, with its 56-bit key, is no longer considered
secure, Triple-DES has been deprecated by NIST, and AES is the
current standard. |
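An added example in Go (not from the original page or from the vendors it lists) showing the difference between confidentiality and integrity. The same AES key is used twice: in CTR mode, an attacker who knows the record layout and the current amount can change the amount without the key and the receiver cannot tell; in GCM mode any modification of ciphertext, tag or associated data is rejected. The key, the payment record and the transfer ID are constructed sample values.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// EncryptCTR encrypts with AES-CTR, an unauthenticated mode. Output is iv||ciphertext.
func EncryptCTR(key, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	out := make([]byte, aes.BlockSize+len(plaintext))
	iv := out[:aes.BlockSize]
	if _, err := rand.Read(iv); err != nil {
		return nil, err
	}
	cipher.NewCTR(block, iv).XORKeyStream(out[aes.BlockSize:], plaintext)
	return out, nil
}

// DecryptCTR reverses EncryptCTR. It has no way to tell whether the ciphertext
// was modified in transit: every input decrypts to something.
func DecryptCTR(key, data []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	if len(data) < aes.BlockSize {
		return nil, errors.New("ciphertext too short")
	}
	plaintext := make([]byte, len(data)-aes.BlockSize)
	cipher.NewCTR(block, data[:aes.BlockSize]).XORKeyStream(plaintext, data[aes.BlockSize:])
	return plaintext, nil
}

// FlipCTR is the attacker's move: without the key, knowing that the bytes
// `known` sit at `offset` in the plaintext, XOR the ciphertext so that they
// decrypt to `want` instead (a stream cipher XORs plaintext with keystream, so
// flipping a ciphertext bit flips the same plaintext bit). Returns a copy.
func FlipCTR(data []byte, offset int, known, want []byte) []byte {
	out := append([]byte(nil), data...)
	for i := range known {
		out[aes.BlockSize+offset+i] ^= known[i] ^ want[i]
	}
	return out
}

// EncryptGCM uses AES-GCM, an authenticated mode. Output is nonce||ciphertext||tag;
// the tag covers both the ciphertext and aad (associated data that is
// authenticated but not encrypted, e.g. a transfer ID or routing header).
func EncryptGCM(key, plaintext, aad []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize()) // must never repeat under one key
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, aad), nil
}

// DecryptGCM returns an error, and no plaintext at all, if a single bit of
// ciphertext, tag or aad differs from what was sealed.
func DecryptGCM(key, data, aad []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	if len(data) < gcm.NonceSize() {
		return nil, errors.New("ciphertext too short")
	}
	nonce, ct := data[:gcm.NonceSize()], data[gcm.NonceSize():]
	return gcm.Open(nil, nonce, ct, aad)
}

func main() {
	key := make([]byte, 32) // AES-256; constructed here, a real key comes from a KMS or key file
	if _, err := rand.Read(key); err != nil {
		panic(err)
	}
	// Constructed sample record; the attacker knows its layout and the amount field.
	record := []byte("PAY 000100 TO ACCT 12345678")

	ct, _ := EncryptCTR(key, record)
	forged := FlipCTR(ct, 4, []byte("000100"), []byte("999999"))
	pt, _ := DecryptCTR(key, forged)
	fmt.Printf("CTR: forged ciphertext decrypts cleanly to %q\n", pt)

	aad := []byte("transfer-id:42")
	ct2, _ := EncryptGCM(key, record, aad)
	ct2[len(ct2)/2] ^= 0x01 // flip one ciphertext bit
	if _, err := DecryptGCM(key, ct2, aad); err != nil {
		fmt.Println("GCM: modification detected:", err)
	}
}
```

The point carries over to file transfer products: a transfer that is "encrypted" but not authenticated still needs a separate integrity check (a MAC, a signature or an authenticated mode) before the received data is trusted.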
|
ERP |
Enterprise Resource Planning |
|
ESS |
Employee Self Service |
|
ETL |
Extract Transform Load |
|
ETML |
Extract Transform Move Load |
|
EUA |
Enterprise User Administration -
abbreviation. Another term for aspects of Identity Management. |
|
FTP |
File Transfer Protocol is a
common way to move files between computers over the Internet.
Anonymous FTP gives users access (without an ID and password) to
areas on a remote system that contain public files. FTP sends user
IDs, passwords and data in cleartext, so for anything sensitive it
should be replaced by FTPS or SFTP. |
|
FTP/S (FTPS) |
File Transfer Protocol secured
with SSL/TLS (RFC 4217); sometimes expanded as Secure File Transfer
Protocol. Not to be confused with SFTP, which is a different
protocol that runs over SSH. |
|
GCOS |
General Comprehensive Operating
System - used by Bull and originally developed by General
Electric. |
|
GLBA |
Gramm-Leach-Bliley Act - also
known as the Financial Services Modernization Act of 1999. Signed
into US law in 1999, GLBA provides limited privacy protections
against the sale of private financial information. |
|
HIPAA |
Health Insurance Portability and
Accountability Act (1996) - Wide-reaching US law designed to
protect the privacy of health information. It governs the
acquisition, storage, use, and disclosure of health records. |
|
HTML |
Hyper Text Markup Language. The
markup language of Web pages. |
|
HTTP |
(HyperText Transfer Protocol) -
The protocol for moving hypertext files across the Internet |
|
HTTP/S (HTTPS) |
Hyper-Text Transfer Protocol over
SSL/TLS: HTTP with the connection encrypted and the server
authenticated by its X.509 certificate |
|
IdM |
Identity Management -
abbreviation |
|
IAM |
Identity & Access Management
- abbreviation |
|
Identification |
The user claims an identity,
usually by supplying a user ID or user name to the security
system. |
|
Identity Grid |
A coordinated network of services
for accessing, transporting, sharing and managing identity data
across and between organizations and applications. |
|
Identity Management |
is a general term encompassing
technologies including password management (synchronisation and
self-reset), user provisioning and access management. It enables
and maintains user access to network resources: creation of the
user entity (functionality typically found in human resources
applications), authorisation and permissions (SSO and password
management functionality), and a single point of administration
for provisioning and de-provisioning accounts. |
|
IMS |
Information Management System.
IMS was developed in 1969 by IBM to manage data for NASA and later
made commercially available as a DBMS. IMS supports the
hierarchical data model and is a joint hierarchical database and
transaction management system. IMS Connect runs on IBM mainframes;
IMS Connector for Java communicates with IMS through it, and IMS
Connect in turn uses OTMA to communicate with IMS. |
|
ISO 27001 |
aka ISO/IEC 27001; previously BS 7799-2 (BS7799), and commonly
grouped with ISO 17799 (ISO17799), previously BS 7799-1. ISO/IEC
27001 specifies the requirements for an Information Security
Management System (ISMS) and is the standard against which
organisations are audited and certified; it is derived from BS
7799-2. ISO/IEC 17799 is the companion code of practice, derived
from BS 7799-1, listing best-practice controls; it was renumbered
ISO/IEC 27002 in 2007. The 2000 edition of ISO 17799 grouped its
controls into ten sections: 1) Business Continuity Management
(BCM), 2) System Access Control, 3) System Development and
Maintenance, 4) Physical and Environmental Security, 5)
Compliance, 6) Personnel Security, 7) Security Organisation, 8)
Computer and Operations Management, 9) Asset Classification and
Control, 10) Security Policy. The 27000 series replaces the BS 7799
numbering; ISO/IEC 27004 covers metrics and measurement of an
ISMS. |
|
ISO10181-3 |
aka ISO 10181-3. Access Control
Framework. The framework defines four roles for components
participating in an access request: Initiators (the users or
processes that request access), Targets (the resources being
accessed), Access Control Enforcement Functions (AEFs, which
intercept each request and enforce the outcome) and Access Control
Decision Functions (ADFs, which decide whether the request is
permitted). Keeping decision and enforcement separate, with the
ADF as the single place where policy is evaluated, is the same
pattern as the PDP and PEP of XACML. |
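The four roles as an added Go example (not code from the original page or from any product on it), with a role-based policy acting as the ADF and a wrapper around target operations acting as the AEF. The users, roles and permissions are constructed sample data, and the `Enforce` API is the example's own design rather than anything the standard prescribes.

```go
package main

import (
	"errors"
	"fmt"
)

// Request is what an Initiator presents to the enforcement function: an
// identity already established by identification and authentication, the
// operation it wants, and the Target it wants it on.
type Request struct {
	Initiator string // authenticated user ID
	Action    string // e.g. "read", "write"
	Target    string // resource name
}

// Decision is the ADF's verdict.
type Decision int

const (
	Deny Decision = iota
	Permit
)

func (d Decision) String() string {
	if d == Permit {
		return "PERMIT"
	}
	return "DENY"
}

// Permission is one (action, target) pair granted to a role.
type Permission struct{ Action, Target string }

// RBACPolicy is an Access Control Decision Function (ADF) driven by roles:
// users are assigned roles, and roles are granted permissions.
type RBACPolicy struct {
	UserRoles map[string][]string
	RolePerms map[string][]Permission
}

// Decide is the ADF. It answers permit or deny and does nothing else.
// Anything not explicitly granted is denied, including unknown users and
// unknown roles, so a typo in the policy fails closed.
func (p *RBACPolicy) Decide(r Request) Decision {
	for _, role := range p.UserRoles[r.Initiator] {
		for _, perm := range p.RolePerms[role] {
			if perm.Action == r.Action && perm.Target == r.Target {
				return Permit
			}
		}
	}
	return Deny
}

// ErrDenied is returned by the AEF whenever the ADF denies a request.
var ErrDenied = errors.New("access denied")

// Enforcer is an Access Control Enforcement Function (AEF). It sits between
// Initiators and Targets: every operation on a Target goes through Enforce,
// which consults the ADF and records the outcome in an audit trail.
type Enforcer struct {
	ADF   interface{ Decide(Request) Decision }
	Audit []string
}

// Enforce runs op only if the ADF permits r. A denied request never reaches
// the Target.
func (e *Enforcer) Enforce(r Request, op func() string) (string, error) {
	d := e.ADF.Decide(r)
	e.Audit = append(e.Audit, fmt.Sprintf("%s %s %s: %s", r.Initiator, r.Action, r.Target, d))
	if d != Permit {
		return "", fmt.Errorf("%w: %s may not %s %s", ErrDenied, r.Initiator, r.Action, r.Target)
	}
	return op(), nil
}

// SamplePolicy is constructed data for the demonstration below.
func SamplePolicy() *RBACPolicy {
	return &RBACPolicy{
		UserRoles: map[string][]string{
			"alice": {"payroll-clerk"},
			"bob":   {"auditor"},
		},
		RolePerms: map[string][]Permission{
			"payroll-clerk": {{"read", "payroll"}, {"write", "payroll"}},
			"auditor":       {{"read", "payroll"}, {"read", "audit-log"}},
		},
	}
}

func main() {
	aef := &Enforcer{ADF: SamplePolicy()}
	payroll := func() string { return "payroll contents" } // the Target operation
	for _, r := range []Request{
		{"alice", "write", "payroll"},
		{"bob", "write", "payroll"},   // auditor may only read
		{"carol", "read", "payroll"},  // carol has no roles at all
	} {
		out, err := aef.Enforce(r, payroll)
		fmt.Printf("%v -> out=%q err=%v\n", r, out, err)
	}
	for _, line := range aef.Audit {
		fmt.Println("audit:", line)
	}
}
```

Because the ADF is the only component that reads policy, replacing the role table with attribute-based rules, or with an external decision service, changes nothing at the enforcement points; that is the reason the framework separates the two functions.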
|
J2EE |
Java 2 Enterprise Edition |
|
J2ME |
Java 2 Micro Edition |
|
J2SE |
Java 2 Standard Edition |
|
Jboss |
JBoss is an open source
Java-based application server. |
|
Kerberos |
Kerberos is a network
authentication protocol that uses symmetric cryptography and a
trusted third party, the Key Distribution Centre (KDC), to
authenticate client-server applications: the KDC issues
time-limited tickets that a client presents to a server, so the
user's password is never sent over the network. Active Directory
uses Kerberos for Windows domain authentication. |
|
LDAP |
Lightweight Directory Access
Protocol |
|
LDIF |
LDAP Data Interchange Format (RFC 2849) |
|
Liberty Alliance |
Consortium working towards
federated XML-based identity infrastructure |
|
MFT |
Managed File Transfer provides
much more than file transfer such as scheduling, checkpoint
restart, audit, security and post processing. |
|
MetaDirectory |
A centralized service that stores
and integrates identity information from multiple directories in
an organization providing a unified view. A metadirectory solves
important business issues that result from having information
stored in multiple, disparate data repositories throughout an
organization. |
|
MiFID |
Markets in Financial Instruments
Directive (also written MFID); EU directive regulating investment
services and markets. |
|
MFS |
Message Format Service, the IMS
component that formats messages exchanged between application
programs and terminals (such as 3270 screens), so that programs are
insulated from device-specific layouts. |
|
MS Passport |
Microsoft single sign-on
initiative |
|
MTAs |
Message Transfer Agents in the
NHS/NHSnet Messaging Service |
|
NDM |
Network Data Mover, Network
DataMover now known as CONNECT:Direct |
|
OASIS |
Organization for the Advancement
of Structured Information Standards |
|
OID |
Oracle Internet Directory |
|
OTMA |
Open Transaction Manager Access |
|
Password Synchronisation |
Password Synchronisation
propagates a password change so that the same password is held on
multiple platforms and applications. Because every synchronised
system then shares one secret, a compromise of the weakest of them
exposes all, so synchronisation should be combined with a strong
password policy, and stronger authentication where available,
rather than relied on alone. |
|
Provisioning |
Is a general term usually meaning
the ability to control users - including adding users, revoking,
resuming and deleting. Access control and definition by roles and
rules together with the ability to use templates and bulk creation
are all part of a good provisioning tool. |
|
RADIUS |
Remote Authentication Dial-in
User Service |
|
RBAC |
Role Based Access Control:
permissions are granted to roles and users acquire them through
role membership, which simplifies administration and review. The
abbreviation is also sometimes used for Rule Based Access Control,
where access is decided by rules evaluated against attributes of
the request; the two are different models. |
|
ROI |
Return on Investment |
|
SAML |
Security Assertion Markup
Language - an OASIS standard |
|
Secure FTP |
Secure File Transfer Protocol,
based on open standards and SSH; aka SFTP or S/FTP. It is a
different protocol from FTP and from FTPS (FTP over SSL/TLS). Does
not have enhanced management. |
|
Secure SSH |
Secure Shell (SSH). Secure file
transfer over SSH (SFTP or SCP), based on open standards. Does not
have enhanced management. See SSH. |
|
Self-Learning |
In enterprise single sign-on, the
first login to an application, at which the user enters the user
name and password once and the SSO component learns and stores them
for automatic replay on later logins. |
|
Self-Service Password Reset |
Lets a user reset a forgotten
password without help desk intervention after verifying identity,
usually through pre-registered questions and answers
(challenge-response identity verification). The answers are often
guessable or discoverable, so they should be handled as secrets and
backed by a second factor where possible. Managing a single
password per user also reduces the number of credentials that can
be lost or discovered. |
|
SFTP |
SSH File Transfer Protocol: file
transfer running over SSH (Secure Shell) for its security. Not FTP
over SSH, and not FTPS. |
|
Single Sign-On |
A single act of user
authentication (and authorisation) gives the user access to all
computers and systems where he or she has access permission,
without the need to enter multiple passwords; aka sso, single
signon, single logon. Since one credential then unlocks everything,
it needs correspondingly strong protection. |
|
SOA |
Service Oriented Architecture -
using Web Services |
|
SOE |
Service Orientated Enterprise |
|
SOAP |
Simple Object Access Protocol -
is used to envelop the XML data sent to a Web Service and is a
lightweight protocol for exchange of information in a
decentralized, distributed environment. It is an XML based
protocol that consists of three parts: an envelope that defines a
framework for describing what is in a message and how to process
it, a set of encoding rules for expressing instances of
application-defined datatypes, and a convention for representing
remote procedure calls and responses. |
|
SOX |
Sarbanes-Oxley Act. See the
Compliance section below. |
|
SSH |
Secure Shell. Encrypted remote
login and tunnelling protocol based on open standards (RFC 4251
and related), over which SFTP and SCP file transfers run. Basic
SSH tooling does not have enhanced transfer management. Versions
include SSH1, which has known cryptographic weaknesses and should
be disabled, and SSH2, the current version. |
|
SSL |
Secure Sockets Layer. Session-
based encryption protocol for TCP connections, providing
confidentiality, integrity and server authentication by X.509
certificate. Superseded by TLS; every SSL version is now
deprecated. |
|
Struts |
Jakarta Struts is an open-source
framework for developing J2EE web applications. |
|
TCP/IP (TCPIP) |
Transmission Control
Protocol/Internet Protocol, suite of communications protocols used
to connect hosts on the Internet. |
|
TLS |
Transport Layer Security. The
IETF successor to SSL: session-based encryption with integrity
protection and server (optionally client) authentication via X.509
certificates. Used by HTTPS, FTPS and secured TN3270 sessions. |
|
TN3270 |
3270, TN 3270 - the Telnet-based
protocol for connecting to IBM mainframe applications as a
3270-class terminal. Plain TN3270 sends credentials and screens in
the clear; it is commonly run over SSL/TLS to protect them. |
|
TN5250 |
5250, TN 5250 - the Telnet-based
protocol for connecting to IBM AS/400 (iSeries) applications as a
5250-class terminal; like TN3270, it should be run over SSL/TLS. |
|
UDDI |
Universal Description, Discovery
and Integration. Defines a way to publish and discover information
about Web Services in a directory. |
|
UTS |
Unicode Technical Standard or
Universal Transport System or Update TimeStamp |
|
VPN |
Virtual Private Network |
|
W3C |
World Wide Web Consortium |
|
WAS |
WebSphere Application Server, IBM's J2EE application server |
|
Web Services |
Enable applications to talk to
each other using XML as a common language |
|
WLI |
WebLogic Integration, Web Logic
Integrator |
|
Workflow |
The management of tasks and steps
that may be automated or taken by individuals in business
processes. The workflow specifies what tasks need to be done, in
what order (sometimes linearly and sometimes in parallel), and who
has permission to perform each task. |
|
WOSA |
Windows Open Services
Architecture |
|
WS-Choreography |
Describes messaging and other
interactions for Web Services |
|
WSDL |
Web Services Description Language
is an XML format for describing network services as a set of
endpoints operating on messages containing either
document-oriented or procedure-oriented information. |
|
XACML |
OASIS eXtensible Access Control
Markup Language: an XML language for writing access control
policies, together with a request/response format with which a
Policy Enforcement Point (PEP) asks a Policy Decision Point (PDP)
for a permit or deny decision. |
|
XML |
Extensible Markup Language is a
W3C initiative that allows information and services to be encoded
with meaningful structure and semantics that computers and humans
can understand. XML is ideal for information exchange, and can
easily be extended to include user-specified and
industry-specified tags. |
|
XrML |
EXtensible rights Markup Language |
Products
 |
|
Applied
Expert Systems (AES Clever range)
|
Network
Performance/Availability (AES)
CLEVER TCP/IP
helps performance analysts, operations personnel, network system
programmers, and capacity planners effectively monitor
performance, and plan for the future. Its superior performance
monitoring makes it the ultimate choice for large IBM®-hosted
data centres undergoing wide scale SNA-TCP/IP migration over to
EE, TN3270, FTP, WebSphere, and/or other integral TCP-based
Business Services.
Network Route
Performance (AES)
CLEVER eRoute expedites
enterprise-wide IP route performance management and Service Level
control, providing a systemic approach to the organization and
analysis of route and segment data. Networks are the very
foundation of your critical business services, and are of
paramount importance to revenue generation. With a multiplicity of
interconnected routers and mid-tier services, the intricacies of
such issues as route discovery, route congestion, re-routing, and
broadcasting challenge the effective management of your
enterprise.
Web Site
Performance (AES)
CLEVER Web helps preserve
your corporate image and protect your revenue stream by minimizing
costly Web site outages, providing real-time performance awareness
data and historical reports for capacity planning. Your Web sites
are investments vital to the backbone of your business processes,
mandating the highest standards of quality and performance. When
your Web sites are unavailable or perform poorly during peak
hours, you lose customers, revenue, and potential repeat business.
Network
Problem Diagnosis (AES)
CLEVER cTrace restores
the value of the IP component trace as an essential diagnostic
tool, making inroads into TCP/IP network problem solving by
accelerating resolution and providing an unsurpassed z/OS-based
utility for network technicians. Your business needs to manage its
TCP/IP networks and other vital IT services in accordance with
your business objectives in order to leverage the full value of
your technology investments. Those investments include your
resources dedicated to resolving network problems quickly. TCP/IP
component traces are notoriously cumbersome, time consuming, and
difficult to read.
|
 |
|
Eurekify
|
Role-Based
User Management from Eurekify
Sage has been developed
to provide automated discovery and management of job roles for
User Administration & Provisioning and significantly reduce
the cost of implementation of an EUA solution from leading
vendors.
|
 |
|
Geneous Software AG
Identity Management and User Provisioning
- Account Geneous
Single
Sign-On Module - Account Geneous-SSO
Password Management modules
- Password Geneous-Sync / Password Geneous-Reset
|
ACCOUNT
GENEOUS : Identity Management from Geneous Software
Account Geneous enables the enterprise to provision and manage
user accounts and IDs efficiently and with enhanced security,
without the difficult and costly implementation associated with
products from other leading vendors. Includes single sign-on (SSO),
password management and workflow modules.
|
 |
|
Pro:Atria
|
SFTPPlus
is
provided as a fully supported server and/or client for
enterprises that wish to use the security of SSH with open
standards, together with additional audit and automation for
enterprise file transfers. Transfers may be made to and from
internal as well as third-party external SFTP servers with no
requirement for additional software on the server side. SFTPPlus
for servers enables both sides to have the same audit and
control, if preferred.
|
 |
|
Proginet Corporation
|
|
Proginet
™ Security Solutions - Secure Data Transfers software for the
Enterprise
CyberFusion Integration Suite
(CFI)™: for Secure file Transfer is a complete suite of
enhanced file transfer management to help ensure compliance, security,
control and integration. The CFI 'Platform Server'
(multi-platform peer-to-peer file transfer) and 'Internet Server' (e.g.
B2B secure internet file transfer) may be implemented ‘stand alone’ or
together to meet corporate requirements and the optional Command Center
module can provide a central point of control and audit.
CFI Platform Server:Secure
& Managed File Transfer
software in the enterprise across LAN, WAN & the internet
offering encryption & security, reliability & guaranteed
delivery, management & automation, audit & control. Cost
saving migration from competitor products (such as XCOM, NDM,
CONNECT:Direct) is supported.
CFI Internet Server:
Secure Internet File Transfer software
enables data to be securely transferred via the internet with
easily downloadable Java based browser application. Ideal for
secure transfer of data between business partners. Information
security via SSL & HTTPS (HTTP/S) as well as options for
FTP/S, (FTPS, SFTP, Secure FTP), ensures that data is moved
securely through the firewall & the DMZ.
CFI Command Center:
Centralised control of all data
movement module, the Command Center provides a single point of
control to manage all enterprise file transfer, inside and outside
the enterprise, and across platforms. The Command Center's Web-based
interface provides a single view of all file transfer activity,
bringing together features and functions including server
management, user profiles, alerts, status reports, and audit
logs.
Security
Solutions - Password Management software for the Enterprise
SECURPASS:SYNC ®:
Password Synchronisation software across multiple
platforms & applications to enhance security & save
helpdesk costs. The same password is used for access to all
platforms & all applications using best security policies
& password changes are automatically propagated. Users may
also be quickly revoked, resumed & deleted from a single point
thus improving security.
SECURPASS:RESET ®:
Password Reset software - user self-reset of passwords
to enhance security & save help desk calls. Users can reset
their passwords without helpdesk intervention in multi or
single-platform environments. Resets are enabled via a
browser-based self-help utility.
Other Products
Security
Solutions - Identity Management, EUA and provisioning solutions
|
 |
|
SCORT
Linking
legacy to eBusiness - Mainframe Integrator (SCORT)
Create
Web Interfaces - Enterprise Studio (SCORT)
Generate
Java Components - Data Mapper (SCORT)
|
SCORT is a software
company specialised in the integration of the Mainframe (3270, 5250,
VT etc) with new J2EE architectures to create SOA and web services
for the enterprise of today. |
Compliance
Global regulations and standards
include:
International Financial Reporting Standards (IFRS)
ISO27001 (ISO 27001) - previously BS7799-2:2002 (BS 7799) Information
Security Management System. Also global standard ISO17799 (ISO
17799)
ISO10181 (ISO 10181) Authentication
and Access Control.
ISO15489 (ISO 15489) Records
Management
expected: ISO Legal Codes of Practice
for the Management of Fixed Content Data
BIP0008 - Code of Practice for Legal
Admissibility of Information Stored Electronically

UK - regulations and standards
include:
Data Protection Act 1998
Freedom of Information Act 2000
(aka FOI or FOIA)
Financial Services & Markets Act 2000
Electronic Communications Act 2000
ISO27001 (ISO 27001) - previously BS7799-2:2002 (BS 7799) Information
Security Management System. Also global standard ISO17799 (ISO
17799)
BS10181 (BS 10181) Authentication and
Access Control. Also global standard ISO10181 (ISO 10181)
Enterprise Act 2002

EU - regulations and standards include:
The Privacy and Electronic
Communications (EC Directive) Regulations 2003 (e-Privacy
Directive)
Basel II Capital Accord
Human Rights Act 1998
Electronic Signature Directive
EDI Directive
e-Commerce Directive
MoReq - Model Requirements for the
Management of Electronic Records
Markets in Financial Instruments
Directive (MiFID)

US - regulations and standards include:
SB 1386 - (SB1386) California legislation, signed into law
in September 2002 and effective 1 July 2003, requires businesses
and agencies that hold certain unencrypted personal information
about California residents to protect it against identity theft
and, if that information is (or is reasonably believed to have
been) acquired by an unauthorised person, to notify the affected
individuals. It was the first US data-breach notification law and
the model for those subsequently passed in other states.
HIPAA - Health Insurance Portability
and Accountability Act 1996
HL7 is a standard for the healthcare
industry.
Sarbanes-Oxley Act aka SOX Act.
Officially titled the “Public Company Accounting Reform and
Investor Protection Act of 2002”, signed into law on 30 July 2002
PATRIOT Act aka USAPA. The official
title is "Uniting and Strengthening America by Providing
Appropriate Tools Required to Intercept and Obstruct Terrorism
(USA PATRIOT) Act of 2001."
SEC & NASDAQ regulations - including
SEC 17a-3, the requirement to make records, and SEC 17a-4, the
requirement to keep records are most relevant. Specific rules
surrounding retention, non-rewriteable storage, and ease of
retrieval and viewing are highlighted by 17a-4. NASD 3010 and 3110
refer to and inherit the same requirements of 17a-3 and 17a-4 as
applied to the NASD, demanding the creation of policies and
retention of reviewable customer records and transaction data.
Gramm-Leach-Bliley Act aka GLB.
Officially titled the “Financial Services Modernization Act of
1999” repealed the Glass-Steagall Act opening up competition among
banks, securities companies and insurance companies.

Canada - regulations and standards
include:
Personal Information Protection and Electronic
Documents Act (PIPEDA) 2000 - An Act
to support and promote electronic commerce by protecting
personal information that is collected, used or disclosed in
certain circumstances, by providing for the use of electronic
means to communicate or record information or transactions and
by amending the Canada Evidence Act, the Statutory Instruments
Act and the Statute Revision Act.
|