Glossary
A3 and A8
Two cryptographic algorithms used in GSM cellular telephony and typically implemented in GSM SIM smart cards.
AA
Active Authentication
AAL
ATM Adaptation Layers. The interface between services, such as voice, and the internal ATM switching protocol.
ABA
American Bankers Association.
ABS - Acrylonitrile Butadiene Styrene
Plastic material used in the production of some card bodies formed through injection moulding.
AC
Access Condition. An attribute in a file header that allows or denies execution of certain commands based on certain security conditions such as authentication of the entity attempting to execute the command.
Access Card
A machine readable card used to achieve physical or logical access.
Access Control
Access to facilities can be controlled by chip cards, which can carry a digital certificate to verify the cardholder to the network authorising the user.
ACE
Advanced Card Education
ACH
Automated Clearinghouse (ACH) is an automated system for exchanging electronic funds drawn against one another.
ACL
Access control lists.
Active Attack
An attack which results in an unauthorized state change, such as the manipulation of files, or the adding of unauthorized files.
Active Authentication
Authentication of a terminal or card calculated by algorithm and based on a key (secret or public key). Active authentication allows mutual identification by cards and terminals.
ADC
Application Delete Certificate. A certificate provided by the MULTOS KMA, required to delete an application already loaded on a MULTOS card.
ADEPT
Automated Debiting and Electronic Payment for Transport
Administrative Security
The management constraints and supplemental controls established to provide an acceptable level of protection for data.
ADN
Abbreviated Dialling Number.
ADSL
Asymmetric Digital Subscriber Line.
AES
Advanced Encryption Standard. A standard of the US government's National Institute of Standards and Technology (NIST). This cryptosystem was chosen after a lengthy survey conducted by NIST as the new standard to replace the DES (see below). It uses the Rijndael algorithm, which is well known for its good performance and its ability to withstand hardware and software implementations. It is already used in smart cards as an alternative to the DES.
AFIS
Automated Fingerprint Identification System. A biometric system that compares a single fingerprint with a database of fingerprint images. In commercial applications, the fingerprint image is compared with existing personal data.
AID
Application Identifier. Identifies an application in a smart card. The AID consists of two data elements: the RID (registered identifier) and the PIX (proprietary identifier).
AIMS
Auto Indexing Mass Storage. A specification which is a standard card interface for storing large data.
ALC
Application Load Certificate. A certificate provided by the MULTOS KMA, required to load an application on a MULTOS card.
Alert
A formatted message describing a circumstance relevant to network security. Alerts are often derived from critical audit events.
Algorithm
A detailed set of processes or rules used for calculation or problem solving.
Algorithmic Encryption
Computational scrambling of security codes to prevent unauthorized access to information.
Alt.technology.smartcards
A Usenet newsgroup devoted to smart cards.
ALU
Application Load Unit. An application formatted to be loaded on a MULTOS card.
AML
Anti Money Laundering
AMPS
Advanced mobile phone service.
AMS
Application Management System.
Analogue
A form of electrical transmission in which the signals transmitted are an exact replica of the original. Because analogue signals are prone to distortion, interference and error they are being replaced by digital techniques.
Analogue Circuit
Older type of transmission which has a higher bit error rate than digital circuits.
Anomaly Detection Model
A model where intrusions are detected by looking for activity that is different from the user's or system's normal behavior.
ANSI
American National Standards Institute. An American Standards Organisation that develops and publishes worldwide accepted industrial standards in computing and information technology.
Antenna
Copper coil inside a contactless smartcard, the purpose of which is the transmission of electric impulses within a magnetic field.
Anti-collision
Communication protocol used in some contactless smart cards and in most tags for "broadcast" reading by one reader. Actually, they are read in a sequential manner, using that protocol, but in a very short time (between 10 and 50 tags or cards a second).
Anticollision
When using a contactless smart card, the data being transmitted from the card to the reader doesn’t collide or interfere with the data being transmitted from the reader to the card.
APACS
Association for Payment Clearing Services. APACS is the industry body that manages the main networks that allow UK banks and building societies to exchange payments on behalf of their customers. Every smart card has an APACS registered serial number that uniquely identifies the owner and the card.
APDU
Application Protocol Data Unit. Set of smart card basic commands defined in ISO 7816. An APDU consists of command messages and response messages between the smart card and the IFD.
API
Application Programming Interface. A set of standardized instructions or services to enable the programme developer access to services provided by the operating system. Software layer through which an application can access the resources of an operating system in a standardised manner, without needing to know how it works.
APL
Approved Product List OR
Application Programming Language
Applet
Small size application (a few KB) written in a high level language translated into byte code after being compiled. It is designed to be interpreted by a virtual machine. With smart card applications, another name is cardlet.
Application Developer
Developer of application source code.
Application Level Gateway (Firewall)
A firewall system in which service is provided by processes that maintain complete TCP connection state and sequencing. Application level firewalls often re-address traffic so that outgoing traffic appears to have originated from the firewall, rather than the internal host.
Application Loading
To write an application onto a smart card.
Application Operator
An entity using an application on smart cards similar to the application provider.
Application Provider
Provider of application source code or an application load unit.
Application Variant
An identifier to manage the application version for MULTOS card. The issuer can assign a number from 0 to 65,535.
Arimura, Dr. Kunitaka
The Japanese inventor who received a patent on smart cards in 1971.
ARPU
Average Revenue Per User
ASC
Application-specific command. An extension of the basic smart card operating system, often stored in the smart card EEPROM.
ASCII
American Standard Code for Information Interchange.
ASIC
Application-Specific Integrated Circuit. An integrated circuit produced for use with specific applications to improve.
ASN.1 Object
Abstract Syntax Notation object as defined in ISO/IEC 8824. A formal syntax for describing complex data objects.
ASP
Application Service Provider OR
Actual Selling Price
Assessment
Surveys and Inspections; an analysis of the vulnerabilities of an AIS. Information acquisition and review process designed to assist a customer to determine how best to use resources to protect information in systems.
Assurance
A measure of confidence that the security features and architecture of an AIS accurately mediate and enforce the security policy.
Asymmetric Cryptographic
Asymmetric systems generate and use a secure key pair, consisting of a private key and a public key. With this key pair, only one key can decipher what the other enciphers. The keys have the property that, knowing one, it is improbable that the other can be determined. Asymmetric key pairs are used in creating digital signatures and transporting symmetric keys.
ATM - Asynchronous Transfer Mode
Asynchronous Transfer Mode. A technology for broadband transmission of high-capacity telecommunications signals.
ATM - Automated Teller Machine
Automated Teller Machine. Cash dispenser machine. Authorized use is enabled by PIN number.
ATR
Answer To Reset. The ATR defines the data transmission protocol between the smart card and the IFD. When power is supplied to the smart card, the card sends the ATR to the IFD to define the transmission protocol. Chapter 6 of ISO/IEC 7816-3 provides the details.
Attack
A set of techniques implemented to "break" the security of a system or piece of equipment (including smart cards) by discovering the secrets (keys) it relies on. There are attack families: brutal attack, "Yes Card" attack, Timing Attack, SPA (Simple Power Analysis), DPA (Differential Power Analysis), etc., for which component and card manufacturers have developed counter-measures or answers. A successful attack is referred to as a method.
Audit
The independent examination of records and activities to ensure compliance with established controls, policy, and operational procedures, and to recommend any indicated changes in controls, policy, or procedures.
Audit Trail
In computer security systems, a chronological record of system resource usage. This includes user login, file access, other various activities, and whether any actual or attempted security violations occurred, legitimate and unauthorized.
Authentication
A validation method. Procedure to verify the authenticity of a user e.g. the identification of communication devices such as smart card(s) and read/write unit(s), usually in electronic commerce. Authentication in Biometry is known as verification. Technique used to check the stated identity of a person, a document or system (a smart card in its dialogue, with a reader, for instance). One refers to passive, static and low authentication, if the password or secret exchanged to administer the proof of the identity is always the same, and active, dynamic or strong authentication if the password or secret is different, and recalculated at each authentication. The smart card is ideally suited to that calculation.
Authentication Centre
In a mobile system it manages the authentication and encryption information associated with each subscriber.
Authentication Header (AH)
A field that immediately follows the IP header in an IP datagram and provides authentication and integrity checking for the datagram.
Authorization
Process to sanction a user's transaction.
Authorization Code
A code generated with the transaction data representing confirmation of authorization.
Automated Information System (AIS)
Any equipment of an interconnected system or subsystems of equipment that is used in the automatic acquisition, storage, manipulation, control, display, transmission, or reception of data and includes software, firmware, and hardware.
Automated Security Incident Measurement
Automated Security Incident Measurement (ASIM): Monitors network traffic and collects information on targeted unit networks by detecting unauthorized network activity.
Automated Security Monitoring
All security features needed to provide an acceptable level of protection for hardware, software, and classified, sensitive, unclassified or critical data, material, or processes in the system.



