Search results

Term entries in the full glossary matching "security"

W3C Glossaries

Showing results 1 - 11 of 11

payload security

From XML Key Management (XKMS 2.0) Requirements (2003-05-05) | Glossary for this source

The XKMS request or response XML obtains integrity and/or confidentiality by being signed using an XML digital signature and/or encrypted using XML Encryption. The signature itself may be placed in the SOAP header when using a SOAP binding, for example. This is in contrast to transport integrity, where a SOAP message containing the XKMS payload is secured using TLS or other transport security mechanisms.

From Composite Capability/Preference Profiles (CC/PP): Structure and Vocabularies 1.0 (2004-01-15) | Glossary for this source

Describes a set of procedures applied to data communications to ensure that information is transferred exactly as the sender and receiver intend, and in no other way. Security generally breaks down into Integrity, Authentication, Confidentiality and Privacy.
security administration

From Web Services Glossary (2004-02-11) | Glossary for this source

Configuring, securing and/or deploying of systems or applications enabling a security domain.

security architecture

From Web Services Glossary (2004-02-11) | Glossary for this source

A plan and set of principles for an administrative domain and its security domains that describe the security services that a system is required to provide to meet the needs of its users, the system elements required to implement the services, and the performance levels required in the elements to deal with the threat environment. A complete security architecture for a system addresses administrative security, communication security, computer security, emanations security, personnel security, and physical security, and prescribes security policies for each. A complete security architecture needs to deal with both intentional, intelligent threats and accidental threats. A security architecture should explicitly evolve over time as an integral part of its administrative domain's evolution. [RFC 2828]

security auditing

From Web Services Glossary (2004-02-11) | Glossary for this source

A service that reliably and securely records security-related events producing an audit trail enabling the reconstruction and examination of a sequence of events. Security events could include authentication events, policy enforcement decisions, and others. The resulting audit trail may be used to detect attacks, confirm compliance with policy, deter abuse, or other purposes.

security domain

From Web Services Glossary (2004-02-11) | Glossary for this source

An environment or context that is defined by security models and a security architecture, including a set of resources and set of system entities that are authorized to access the resources. One or more security domains may reside in a single administrative domain. The traits defining a given security domain typically evolve over time. [RFC 2828]

security mechanism

From Web Services Glossary (2004-02-11) | Glossary for this source

A process (or a device incorporating such a process) that can be used in a system to implement a security service that is provided by or within the system.

security model

From Web Services Glossary (2004-02-11) | Glossary for this source

A schematic description of a set of entities and relationships by which a specified set of security services are provided by or within a system. [RFC 2828]

security policy

From Web Services Glossary (2004-02-11) | Glossary for this source

A set of rules and practices that specify or regulate how a system or organization provides security services to protect resources. Security policies are components of security architectures. Significant portions of security policies are implemented via security services, using security policy expressions. [RFC 2828]

security policy expression

From Web Services Glossary (2004-02-11) | Glossary for this source

A mapping of principal identities and/or attributes thereof with allowable actions. Security policy expressions are often essentially access control lists. [STG]

security service

From Web Services Glossary (2004-02-11) | Glossary for this source

A processing or communication service that is provided by a system to give a specific kind of protection to resources, where said resources may reside with said system or reside with other systems, for example, an authentication service or a PKI-based document attribution and authentication service. A security service is a superset of AAA services. Security services typically implement portions of security policies and are implemented via security mechanisms. [RFC 2828]

The Glossary System has been built by Pierre Candela during an internship in W3C; it's now maintained by Dominique Hazael-Massieux

Copyright © 2000-2003W3C® (MIT, ERCIM, Keio), All Rights Reserved. W3C liability, trademark, document use and software licensing rules apply. Your interactions with this site are in accordance with our public and Member privacy statements.