Relationships Related Term:  authorization preservation n. ~ Measures taken to protect materials from unauthorized access, change, destruction, or other threats. Citations: †(Personal communication, R [..]

Piece of paper that proves ownership of stocks, bonds, and other investments.

An efficient disclosure control method provides protection against exact disclosure or unwanted narrow estimation of the attributes of an individual entity, in other words, a useful technique prevents [..]

The total, essential, or particular being of a person; the individual.

mid-15c., "condition of being secure," from Latin securitas, from securus "free from care" (see secure). Replacing sikerte (early 15c.), from an earlier borrowing from Latin; earli [..]

An operating unit that is responsible for protecting merchandise and other assets from pilferage (internal or external). Those working in security may be employees or outside agency people.

The property that is pledged as collateral.

Real or personal property that a borrower pledges for the term of a loan. Should the borrower fail to repay, the creditor may take ownership of the property by following legally mandated procedures.

stock or bond. A security demonstrates ownership or financial participation in a business or government.

safety or stability.

A certificate issued by a company, government or other organisation giving proof that money has been invested in the stock, bonds, debt, options or other derivatives or instruments issued or sold by it. Securities are increasingly held in electronic rather than paper form.

Traditionally, a security was a physical document, such as stock or bond certificate, that represented your investment in that stock or bond. But with the advent of electronic recordkeeping, paper certificates have increasingly been replaced by electronic documentation.In current general usage, the term security refers to the stock, bond, or other [..]

Generally, an instrument evidencing debt of or equity in a common enterprise in which an investment is made on the expectation of financial return. The term includes notes, stocks, bonds, debentures o [..]

May mean any one of the following Freedom from danger, i.e. safety. Freedom from fear or anxiety, e.g. from the prospect of being laid off, i.e. job security. Something given, deposited, or pledged to [..]

the state of being free from danger or injury; "we support the armed services in the name of national security" defense against financial failure; financial independence; &am [..]

See: computer system security.

The property used as collateral for a loan.

safety, confidence, protection, a guarantee, a surety

1. A condition that results from the establishment and maintenance of protective measures that ensure a state of inviolability from hostile acts or influences.  2. With respect to classified matter, the condition that prevents unauthorized persons from having access to official information that is safeguarded in the interests of national security.  [..]

The property that will be pledged as collateral for a loan.

Jensens Internet Dictionary Protection against error and fraud. In computing and networking this includes firewall protections (e.g., passwords) for entry and encriptions for messages that contain protected data such as credit card numbers. (See also Cryptolope)

An investment instrument such as a stock or bond.

Collateral given or pledged to guarantee fulfillment of an obligation (Black’s). Implied is the forfeiture of this collateral if the obligation is not met.

Definitions (2) 1. An investment instrument, other than an insurance policy or fixed annuity, issued by a corporation, government, or other organization which offers evidence of debt or equity. The of [..]

(n.) In the computer industry, the term security -- or the phrase computer security -- refers to techniques for ensuring that data stored in a computer cannot be read or compromised by any individuals [..]

Feelings of basic safety, assurance, and independence from alarm. In psychology, is regarded to be engendered by such conditions as a comforting, approving support system of family and friends; progre [..]

See Safety on campus

In computing, the technology developed to prevent unauthorized persons, particularly hackers and crackers, from gaining entry to protected systems and files, including data encryption, virus detection [..]

A password, key, procedure, or other device which has the ability to limit change in selected parameters. The existence and enforcement of techniques which restrict access to data, and the conditions [..]

is a blanket term referring to an instrument (usually just recorded as a piece of paper) that represents financial value, such as stock, bonds, debt securities, funds, options, futures contracts and o [..]

pl: -ties 1 a : something (as a mortgage or collateral) that is provided to make certain the fulfillment of an obligation [used his property as for a loan] b : surety see also security for costs 2 ...

Something given or deposited as surety for the payment of debt. In the case of home loans, the property which is to be bought with the loan money usually acts as the security.

Any kind of transferable certificate of ownership including EQUITY SECURITIES and DEBT SECURITIES.

A pledge made to secure the performance of a contract or the fulfillment of an obligation. Examples of securities include real estate, equipment stocks or a co-signer. Mortgages are a form of security [..]

a share, participation, or other interest in property or in an enterprise of the issuer or an obligation of the issuer.

A transferable certificate of ownership of an investment product such as a note, bond, stock, futures contract or option. A security can also be defined as “property, which is pledged as collateral for a loan or other credit, and subject to seizure in the event of default.”

Specific revenue sources or assets pledged by an issuer to the bondholder to secure repayment of the bond.

In association with computers, communication systems and automation, the term security is understood to mean any measures used to protect a system from attacks, whether accidental or intentional. The motivation for these attacks may vary, but includes espionage for example, or specific functional impairment through malware such as viruses, worms an [..]

Services which protect data, ensuring its confidentiality, availability and integrity.

Real estate or personal property used as collateral to back up a loan, which gives the lender tangible property that may be sold upon default to pay off the indebtedness.

A pledge made to secure the performance of a contract or the fulfillment of an obligation. Examples of securities include real estate, equipment stocks or a co-signer. Mortgages are a form of security with strong legal standing, because they are publicly registered following a formal legal procedure. A mortgage gives the lender holding a mortgage s [..]

The NZECO may seek a security to ensure that, in the event of a buyer's default, it will be repaid or appropriately compensated. Forms of security include: a bank guarantee; a guarantee from a pa [..]

A legal right of access to value through mortgages, contracts, cash accounts, guarantees, insurances, pledges, or cashflow, including licenses, concessions, and other assets.  A negotiable certi [..]

The paper right to a (generally tradeable) asset. The term is frequently used as a loose label to refer to all shares, debentures, notes, bills, government and semi-government bonds etc, which are traded on the stock exchange.

An investment instrument, other than an insurance policy or fixed annuity, issued by a corporation, government, or other organization that offers evidence of debt or equity. The official definition, from the Securities Exchange Act of 1934, is, "Any note, stock, treasury stock, bond, debenture, certificate of interest or participation in any p [..]

The collateral taken by the lender to insure against default by the borrower, on the loan.

An asset that guarantees the lender their loan until the loan is repaid in full. Usually the property is offered to secure the loan.

An asset which a borrower uses to secure funding from a lender. In the event that the borrower cannot repay their debt, this asset can be acquired by the lender.

A (financial) security is a fungible financial instrument.

An asset that guarantees the lender their loan until the loan is repaid in full. Usually the property is offered to secure the loan.

Charge, Mortgage, Lien or Pledge.

In relation to financial assets, a security is an investment such as shares or bonds which can be traded in financial markets.

A financial instrument.

You can offer something you own as security or collateral on a loan, making it a secured loan. This could be property or stocks and shares, or something else of value. The lender ‘holds’ this to protect their investment when they lend you money. In return, the debtor often gets a lower interest rate, but people can risk losing their home if they ca [..]

A certificate issued by a corporation or government that has a value. Stocks and bonds are the most common securities.

Property - the vehicle in the case of car finance - that a financier can claim in case a borrower defaults on their loan obligation.

legal term for stock or shares

An investment that is represented by a negotiable document issued by a corporation or governmental entity for the purpose of raising capital. A listed security is one that is approved for trading on a [..]

Property which is designed and used as collateral.

The term security--

According to 122 CFR 12.2 [Title 12 -- Banks and Banking; Chapter I -- Comptroller of the Currency, Department of the Treasury; Part 12 -- Recordkeeping and Confirmation Requirements for Securities Tr [..]

menu Relative Danger Books Java Security Learning More Digital Signing And Encryption Schemes Links Security Holes Relative Danger The most dangerous things are at the top: Opening a file attached to [..]

New stuff that can make your computer and all your data even safer, and for dealing with new nasties online.

In the context of patron training, refers to tools and practices used to prevent unauthorized access of personal data by third parties.

Definitions of system access for end users. Security can be physical (equipment-related), module-related or data-related.

property which is pledged as collateral for a loan, which can be taken back by the lender if the borrower defaults on the loan

is a financial instrument that represents debt, such as a bond, or represents ownership in an entity, (i.e. a stock). A security can be assigned value and traded in financial markets.

(also known as Collateral) is property or assets that a lender can take possession of, in the event that a loan cannot be repaid.

(n) the state of being free from danger or injury(n) defense against financial failure; financial independence(n) freedom from anxiety or fear(n) a formal declaration that documents a fact of relevanc [..]

Ensuring that private information remains private in an atmosphere where all other information is free. Security also means that viruses are prevented from infecting people's systems.

Evidence of an investment, either in direct ownership (as with stocks), creditorship (as with bonds), or indirect ownership (as with options).

cautela, obses

Enhanced Linux - Security-Enhanced Linux (SELinux) is a version of the Linux kernel and utilities, which contains support for mandatory access controls based on the principle of least privilege. It is [..]

The protection of the Nation and its people, vital interests, and way of life. (NPG, PPD-8)

All campuses have a 24 hour security office.

A condition safe from unwanted intrusion

The property used as collateral for a loan.

Collateral for a debt. For example, accounts receivable may be pledged as security for a loan. Security is a generic term used to refer to a bond, share certificate or other medium or long-term invest [..]

CONTAINER SECURITY GUARD / ESCORT

Security means safety, as well as the measures taken to be safe or protected.

The condition achieved when designated information, material, personnel, activities and installations are protected against espionage, sabotage, subversion and terrorism, as well as against loss or unauthorised disclosure. The term is also applied to those measures necessary to achieve this condition and to the organisations responsible for those m [..]

Evidence of an investment, either in direct ownership (as with stocks), creditorship (as with bonds), or indirect ownership (as with options).

An exchangable asset of value, including stocks, bonds, and other financial instruments.

A legal right of access to value through mortgages, contracts, cash accounts, guarantees, insurances, pledges or cash flow, including licences, concessions and other assets. Lenders can act on securit [..]

Collateral pledged by a bond issuer (debtor) to an investor (lender) to secure repayment of the loan.

Property pledged to the creditor in case of a default on a loan; see collateral.

Assets or personal property used as collateral to secure a loan.

In relation to financial assets, a security is an investment such as shares or bonds which can be traded in financial markets.

means an asset e.g. a car or property, used to secure the loan which can be accessed by the credit provider to repay arrears if you do not meet your obligations.

Security is an important aspect of wireless networking. Wireless devices normally support multiple security standards previously, the most common standard was WEP (Wired Equivalent Privacy). Recently, [..]

Protective measures against unauthorized access to or interference with computer operating systems, Telecommunications, or data structures, especially the modification, deletion, destruction, or relea [..]

Access by all in a community at all times to enough nutritious Food for an active, healthy Life. (from http://www.fns.USDA.gov/fsec/ accessed 4/22/2011)

Financial assistance for the impoverished Elderly through public funding of Programs, services, and individual Income supplements.

Government sponsored social Insurance Programs.

That which ensures to the satisfaction of the Customs that an obligation to the Customs will be fulfilled. Security is described as "general" when it ensures that the obligations ari [..]

A financial instrument such as stock, bond or treasury bill.

The Underwriters subscribing a risk. The Insurers.

The underwriters subscribing a risk.

Property offered as backing for a loan. In the case of mortgages, the property being purchased with the loan usually forms the security for the loan.

The value of the cash, investments or assets you provide to secure your loan.

In the case of mortgages, real estate offered as collateral for the loan.

The protection that’s placed on a file. Security includes various types of accounts to authenticate users, levels of privilege sets to determine what can be done with a file, and authorization of othe [..]

Belief in the safety of one's person and position. Security is a driving factor in employee reporting.

A general term for a tradable financial instrument.

General term for an equity or debt instrument issued by a government or company.

(1) an asset traded on a financial market, such as shares or bonds or (2) an asset pledged to ensure the repayment of a loan

General term for an equity or debt instrument issued by a government or company.

An investment instrument, other than an insurance policy or fixed annuity, issued by a corporation, government, or other organization that offers evidence of debt or equity. The official definition, f [..]

a financial instrument which includes the assumption of debt, (bonds, bills), shares, derivatives (swaps, options, futures). Share Price

A condition that results from the establishment and maintenance of protective measures that enable an enterprise to perform its mission or critical functions despite risks posed by threats to its use of information systems. Protective measures may involve a combination of deterrence, avoidance, prevention, detection, recovery, and correction that s [..]

Techniques and practices that preserve the integrity of computer systems, and digital library services and collections.

Essentially, a contract that can be assigned a value and traded. It could be a stock, bond or mortgage debt, for example.

A general term that applies to most investment types, including stocks, options, bonds, etc.

measures taken on entry to the airside area to prevent illegal acts against civil aviation.

Measures taken on entry to the airside area to prevent illegal acts against civil aviation.

Any kind of transferable certificate of ownership including equity securities and debt securities.

Measures taken to keep something secure.

The value of the cash, investments or assets you provide to secure your loan.

Real or personal property that guarantees the repayment of a loan. The borrower risks losing the property if the loan is not repaid.

Documents representing the right of the bearer to capital or credit. These instruments can be traded and their transfer or endorsement accredits ownership of them or implied rights.

Security refers to a general environment of law and order; freedom from physical threats.

QoS

 

, Techniques for ensuring that data stored in a computer cannot be read or compromised. Most security measures involve data encryption and passwords. Data encryption is the translation of data into a form that is unintelligible without a deciphering mechanism.

Measures taken to keep something protected or safe from viewing, destruction, or manipulation.

Processes, practices, and software that secure health information from unauthorized access, ensuring that the information is not altered and that it is accessible when needed by those authorized.

Security is where passengers have their possessions checked before they get on their flight. We have to take our shoes off when we go through security.

Security related products include serial controlled video cameras, remote controlled camera housings, video recorders, Digital Time Lapse Recorders, VCRs, badge readers, access control, security gate controls and related products.

 an asset that accrues income. It is usually in the form of a contract detailing a debt or equity issued by a corporation, government or other organisation. Classic examples of securities would be government bonds or corporate shares. 

File that stores one or more server certificates or root certificates from trusted Certification Authorities.

A scheme for adding enough random material to a message so that the message can be encrypted or signed with a primitive. The scheme is defined in RSAES-PKCS 1.5.

Personal Security Environment (PSE) for the SAP System.

To be able to use the security functions provided by SSL and SNC, you must establish trust between the components involved in the communications. Although the basic concepts used here are similar, the [..]

A data encryption standard comprised of a three-step data encryption algorithm that evolved from DES, providing greater security because it encrypts, decrypts, and encrypts the data using three keys i [..]

In J2EE Engine IpVerification Manager is used for IP access control - it checks whether a particular IP address has an access permission.

A list that specifies which users or system components are allowed to access a resource.

Credentials used to access protected resources. An access token is a string representing an authorization issued to the OAuth 2.0 client. Tokens represent specific OAuth 2.0 scopes and durations of ac [..]

Collection of permissions used to enforce authorizations in SAP User Management Engine.

Deliberate attempt to evade system security and alter the system.

A storage location for other users' public-key certificates so that their digital signatures can be verified.

A symmetric cryptographic algorithm that has been adopted by the U.S. government as a replacement for the Data Encryption Standard (DES) algorithm for encrypting sensitive, unclassified data.

In SAML 2.0 it is a logical grouping of service providers under a single name. In this grouping, a user authenticated at the identity provider for one service provider can be automatically federated w [..]

Version of the CRL distribution point that may be used if the primary distribution point is not accessible. For example, you can download the certificate revocation list (CRL) to an alternative local [..]

Form of logon where users do not have to provide any form of authentication such as user ID and password, client certificate, and so on.

The endpoint of a SAML service provider or identity provider that processes the artifact resolution requests from the assertion consumer service of other providers. This communication takes place dire [..]

The endpoint of a SAML service provider or identity provider that validates and interprets the SAML response or artifact presented by the client (user), requests the resolution of any artifacts, and c [..]

Targeted attempt to evade system security to alter the system or to confiscate information.

An element of a Security Assertion Markup Language (SAML) 2.0 assertion that indicates that the SAML asserting party makes no claims about the accuracy or trustworthiness of assertions received by par [..]

The tracking of events as they occur in the system so that a series of events can be reconstructed at a later date.

A group of events recorded by the Security Audit Log.

A file containing audit information from the Security Audit Log.

A security-relevant chronological record or set of records that provide documentary evidence of the sequence of activities that have affected at any time a specific operation, procedure, event or reso [..]

The audit information saved to the audit log.

Special type of logon ticket with a very limited time period of validity. It is used for authentication for communication between the J2EE Engine and SAP NetWeaver Application Server (ABAP), for the s [..]

The sum of information concerning how an authenticating authority identified a principal, including how this information is protected. In SAML a relying party can request the authentication context in [..]

Method used to authenticate a user or component. Examples supported by SAP systems include:

In SAML 2.0 the authentication policy is set by the service provider and determines if a user must reauthenticate at the identity provider or if the identity provider must authenticate the user withou [..]

Definition on the J2EE Engine of what is required for authentication. This includes:

Login module stack that serves as a template for other components. Any changes made to the original login module stack affect all other components that reference it as a template.

Role in the SAP system derived from a portal role. The menu structure and user assignment of the authorization role are assigned by the portal role.

Server issuing access tokens to the OAuth 2.0 client after having successfully authenticated a resource owner and obtained authorization.

A method of submitting HTML forms with HTTP POST automatically. This is usually done with Javascript.

A communication channel that avoids the standard communication channel. For SAML 2.0 the back channel is directly between the identity provider and the service provider. Communication does not go over [..]

A security hole in the software or a program that enables an attacker to gain (remote) access to a system or its data. The security hole can be planned or accidental. In both cases, the security hole [..]

The location on the directory server where the directory access service entries.

The simplest form of authentication supported by most Web browsers and Web servers. With this authentication mechanism the client sends the user ID and password to the server in plain text.

Authentication mechanism to be used in case the first authentication mechanism you configured for Single Sign-On, for example, authentication with logon tickets fails. The user is then authenticated u [..]

An attack that requires trying all (or a large fraction of all) possible values until the right value is found.

A person who uses software for the purpose of furthering a business process, and not for the purposes of carrying out an administrative or developer task such as a purchaser, a sales representative, o [..]

An identifier for a user when using Secure Network Communications after the name is converted to a standard format.

A list that contains the public-key certificates belonging to other users or system components that are trusted.

Logon to an SAP system using digital certificates. The actual authentication takes place using public-key technology, for example, using the Secure Sockets Layer (SSL) protocol.

The act of creating a correspondance between users in a system and X.509 certificates for the purpose of enabling Single Sign-On (SSO).

A request for a Certification Authority (CA) to issue a public-key certificate to a user or component.

The digitally-signed public-key certificate returned to the person or entity requesting a certificate from a Certification Authority (CA). This digitally-signed certificate corresponds exactly to the [..]

Service on the AS Java that checks certificate revocation lists to make sure that a given certificate has not been revoked by the issuing Certification Authority (CA).

A group of certificates that have been declared to be invalid.

An external instance that issues public-key certificates.

A digital document that is used to identify a user or system component.

A specific HTTP header.

The act of inserting (malicious) code into a program or Web site. This enables the attacker, who inserts the code, to change the behavior of the program or Web site.

In Security Assertion Markup Language (SAML) 2.0, the host domain of an identity provider discovery service and its common domain cookie.

In SAML 2.0 the common domain cookie (CDC) is a cookie that enables an identity provider to identify itself to a service provider. When a service provider cannot initially identify the identity provid [..]

Attribute in a user's profile. Every user belongs to one company only.

An interface implemented by application frameworks called by the OAuth authentication module to derive the corresponding ABAP development object from HTTP requests to URIs.

Main CRL distribution point for a Certification Authority (CA). This location is included in the certificates issued by the CA as the CRL distribution point.

Object in SAP User Management Engine, for example, user, user account, group, or role.

Location in the public-key infrastructure where the users' and components' public keys are stored.

Private part of the public and private key pair used for encryption or for digital signatures.

Contains user data such as e-mail address, language, password. Can be changed by an administrator or the user.

Authentication concept that requires a component to explicitly trigger authentication itself. The authentication process is subsequently controlled by the authentication framework of the container in [..]

Evidence that proves a party possesses a private key corresponding to a public key to another party in public-key infrastructure.

A user ID that does not include information about the real person that the ID represents.

The mapping of the messages or message patterns of one protocol onto another protocol. In SAML 2.0, for example, the mapping of a SAML authentication request message onto SOAP is a SAML SOAP binding.

Public part of the public-key pair used for encryption or for digital signatures.

Key pair that consists of the public and the private keys.

A digital document that acts as a user's digital identification card.

A series of documents produced and distributed by RSA Laboratories that define standards for using public-key technology.

An encryption method that uses two different, complementary keys for the encryption and decryption of information sent over computer networks.

System that manages the trust relationships involved with using public-key technology.

List that contains the public-key information (to include the public keys) belonging to other users or system components.

The technology used for securing digital documents.

An SAP NetWeaver component used to monitor and log read access to sensitive data.

An application making protected resource requests on behalf of the resource owner and with its authorization.

An OAuth 2.0 scope is determined in negociation between the resource owner and the user who wants to access the resource.

A Kerberos realm is the set of Kerberos principals that are registered within a Kerberos server. The Kerberos realm represents an administrative domain that has its own Kerberos database containing in [..]

The inability to deny having performed an action.

A type of cross-site scripting attack in which the Web application embeds content received from the HTTP request in its HTTP response. A successful exploitation occurs when the attacker tricks the vic [..]

A temporary token used to obtain access tokens. Refresh tokens are issued to the OAuth 2.0 client by the authorization server and used to obtain a new access token when the current access token become [..]

An entity in the public-key infrastructure (PKI) that verifies a certificate request and then passes it on to the Certification Authority (CA).

In SAML 2.0 the content of the RelayState parameter. The SAML service provider uses this parameter to find out the relative path of the application to which the service provider should redirect an inc [..]

A token used to refer to a principal in SAML messages.

Identifies the type of information the name identifier includes. The SAML standard defines the formats as follows:

User used for anonymous logon to Java applications such as SAP Enterprise Portal.

Service available on the mySAP.com Marketplace that issues mySAP.com users their mySAP.com Passports.

The practice of logging on multiple times to the same account from multiple clients.

An entity capable of granting access to a protected resource.

Hosts the protected resource and is capable of accepting and responding to protected resource requests using access tokens.

The URI to use for Security Assertion Markup Language (SAML) resonse messages.

In SAML 2.0 a temporary identifier for a principal that does not reveal private information about the principal.

A basic protocol used by other protocols to communicate through the network.

A proposed Internet standard protocol that is an enhancement of the Secure Sockets Layer (SSL) Version 3.0 protocol.

A mechanism used by web browsers to determine the content type of a file. The browser parses the first byte of the binary content stream to determine the MIME type of the file.

Certificate belonging to a Certification Authority (CA).

The highest Certification Authority in a PKI. All users of the PKI must trust it. Its certificate is signed with a private key. There can be any amount of CAs between a user certificate and the root C [..]

Windows NT authentication protocol that uses a challenge and response algorithm for authenticating users within a Windows NT network.

Microsoft's security provider that uses the the Microsoft Windows NT LAN Manager (NTLM) protocol to authenticate users in a Windows NT network.

A public-key cryptographic algorithm which can be used both for encrypting messages and creating digital signatures.

Identity with which an EJB is executed. This identity is usually not the identity of the caller.

The representation of a text in the form of a single string of digits, created using a one-way hash function.

A message type of the single logout protocol of the SAML 2.0 standard. A provider sends a logout request to initiate a Single Log-Out by an identity provider. An identity provider sends a logout reque [..]

A message type of the single logout protocol of the SAML 2.0 standard. A provider sends a logout response to a provider to confirm that it has terminated any sessions with the principal specified in t [..]

A message type of the Authentication Request protocol of the Security Assertion Markup Language (SAML). A response message returns SAML assertions to the requesting service provider.

A system entity providing a set of web applications with a common session management, identity management, and trust management

SAML token profiles are used for WS access authentication at the SOAP message level.

A message type of the Artifact Resolution protocol of the Security Assertion Markup Language (SAML). A SAML provider uses an artifact resolution request to retrieve a SAML message referred to by an ar [..]

A message type of the Artifact Resolution profile of the Security Assertion Markup Language (SAML). An artifact response includes a SAML message requested by another provider.

A collection of statements (though zero statements is possible) made by a SAML authority about a specific principals. According to the SAML standard, these statements can of the following types:

A message type of the Authentication Request protocol of the Security Assertion Markup Language (SAML). A SAML service provider uses an authentication request to get information about a principal or a [..]

SAML browser artifacts are used as a reference to a SAML protocol message stored on a source site (in SAML 1.x) or a provider (in SAML 2.0). The artifacts are designed to be transferred in a URL. The [..]

An entity that manages identity information for principals and provides authentication services to other trusted service providers.

The sender of SAML assertions with which a user can logon to a system trusting the issuer.

The Certification Authority (CA) provided by the SAP AG that issues certificates to SAP customers.

X.509 client certificate issued to SAP customers' end users by the SAP Certification Authority (CA).

Default security provider provided with the SAP System.

Service provided by SAP from which SAP customers can receive public-key certificates issued by the SAP Certification Authority (CA).

A collection of multiple identical virus scanners used for better workload distribution.

Key used for encrypting and decrypting messages using symmetric encryption algorithms.

An open industry standard protocol developed for the secure transmission of payment information over the Internet and other electronic networks.

Internet-standard that defines a means to make email messages more secure by adding both digital signatures and encryption.

Interface that allows secured communication connections between SAP System components. Strong authentication, integrity protection, and privacy protection may be provided.

An Internet standard protocol developed by Netscape that is used to secure communications across the Internet.

Secure storage location in which the SAP System to store critical information such as passwords. The data stored in the system's secure storage is encrypted.

BAdI implementation to provide application-specific data for managing the secure storage.

An interface that allows the SAP system to protect data and documents using digital signatures and encryption.

A tool that produces a log containing security-related system events such as configuration changes or unsuccessful logon attempts.

A vulnerability in a computer program that enables a malicious user to gain unauthorized access to data, networks, systems, or functions.

SAP Notes that are used to inform customers about a solution or workaround for an existing security issue in shipped SAP software (see SAP Note 1139963). They contain advice including countermeasures [..]

The security constraints over the access to protected resource.

Subject confirmation method for system-to-system communication with which a system vouches for the identity of a user. The system forwards this information as part of the SAML assertion to another sys [..]

The name by which a client uniquely identifies an instance of a service.

An XML-based expression syntax for the query and exchange of user account information, for example, users, groups, or roles.

A type of attack where one user attempts to set the session ID of another user.

A standard pseudo-mechanism, used to determine which GSS API mechanisms are shared, select one and then establish a security context for communication using it.

A method used by the Lightweight Directory Access Protocol (LDAP) to authenticate users based on user ID and password.

The capability to terminate all sessions of a specific user or a user agent, such as Web browser, at the click of a single button.

A mechanism that eliminates the need for users to enter passwords for every system that they log on to.

An intranet domain that consists of a single level. In user@example, the domain has a single designation, "example." This is incontrast with user@example.com, where there is a top-level doma [..]

The server's Personal Security Environment (PSE) that contains the information needed to establish a connection using Secure Network Communication (SNC).

A log where the execution of SQL statements to certain tables are recorded.

Injection of malicious SQL statements by an attacker. an SQL Injection is possibe, if statements or parst of statements that imported from the outside into a program, are passed to the database system [..]

Performs a scanning for various threat types, such as viruses, spyware, malware etc.

Library available to non-SAP applications for authentication purposes and Single Sign-On.

A type of cross-site scripting attack in which the attacker stores the injected code or script on a vulnerable server. For example, the malicious code can be contained in a forum message. The maliciou [..]

The process of identifying a user (or component) by proving that the user has knowledge of a secret without the user having to reveal the secret.

X.509 certificate attribute that identifies the owner of the certificate.

In public key infrastructure, the subject alternative name (SAN) is an extension of X.509 certificate enabling the certificate issuer to associate additional identities with the subject of a certifica [..]

Method to confirm a subject with SAML token profile authentication.

Information used by the SAP system for Secure Store and Forward (SSF) mechanisms where a user or component's private part of the public-key information is stored (the private key).

The server's Personal Security Environment (PSE) that contains the information needed to establish a connection using the Secure Sockets Layer (SSL) protocol, where the server is the client compo [..]

Identity that the server uses for a specific SSL connection. The server can have multiple SSL server identities. Each SSL server identity possesses its own SSL server Personal Security Environment (PS [..]

The server's Personal Security Environment (PSE) that contains the information needed to establish a connection using the Secure Sockets Layer (SSL) protocol, where the server is the server compo [..]

The Personal Security Environment (PSE) used for Single Sign-On (SSO) in the mySAP Workplace when using logon tickets.

Java class defined by the Java Authentication and Authorization Service (JAAS) that defines the authentication logic for a particular authentication mechanism. For example, the Basic Authentication lo [..]

List of login modules containing authentication logic that is assigned to a component. When a user is authenticated on the J2EE Engine, the server sequentially processes the login module stack that ap [..]

The URI to use to contact the Single Sign-On endpoint of the provider to the Security Assertion Markup Language (SAML) 2.0 standard.

The name of the destination (as part of the destination service of the SAP NetWeaver Application Server) to use to contact the Single Sign-On endpoint of the provider according to the Security Asserti [..]

A program or script written to harm, compromise, or hinder a computer system, its applications, or its users.

An attack in which an attacker inserts itself between two parties and pretends to be one of the parties.

The act of enabling a user to link his or her user account on a remote system with his or her user account on the local system during logon.

Secure location where a user or component's public-key information is stored.

A secret known by a user used to confirm his or her identity, such as a numeric password.

The exchange of information or agreement between administrators of SAML providers on how to link user accounts between systems. For example, what data does the identity provider pass to the service pr [..]

Administrator that can add, modify and delete users of all companies.

PAOS is a reverse HTTP-binding for the SOAP protocol. It is a reverse binding because the HTTP response is bound the SOAP request instead of the HTTP request.

Password that is longer than a traditional password and may consist of more than one word.

A deliberate attempt to evade security to gain information from a system, for example, wiretapping or other forms of eavesdropping.

Credentials contain data that enables the subject to perform certain activities. A credential may contain information, which is used to authenticate the subject to new services. These credentials have [..]

The user or component-specific information that allows the user or component to access his or her security information.

Local storage location for each certification revocation list (CRL) that is downloaded from a CRL distribution point.

Publicly available location where a Certification Authority (CA) hosts its certificate revocation list (CRL).

The act of serving content from or diverting a Web client to a different domain without the user's knowledge.

Analysis procedure for decrypting encrypted messages sent over computer networks without knowing the key.

A class of attacks against application servers that tricks an authenticated user into issuing HTTP requests to an application, which can then lead to an undesired action being triggered on behalf of t [..]

A cryptographic algorithm that uses a 56-bit secret key for encrypting and decrypting messages (symmetric cryptrography).

Correctness and appropriateness of the content and/or source of data sent over the Internet.

The data being transferred between the client and the server is encrypted, which provides for integrity and privacy protection. An eavesdropper cannot access or manipulate the data.

The data repository from which the User Management Engine (UME) of the J2EE Engine retrieves user management data such as user, group, and role data.

Authentication concept that releases a component from having to trigger authentication itself. Instead the component declares its protected resources and its desired authentication mechanism in its de [..]

The conversion of an encoded message into its original form.

The process of retrieving data that has been encrypted using a cryptographic algorithm.

In identity management this is the action of ending federation. Here federation provides the means to share identity information between partners. To share information about a user, partners must be a [..]

Allows you to distribute user administration between several administrators so that each administrator is responsible for a particular group of users.

Administrator that can add, modify and delete users that belong to the same company as the delegated user administrator only.

An area that exists between two networks that allows connections between the networks without sacrificing unauthorized access to the systems located within the networks.

The process of opening a digital envelope.

Security protocol that allows parties with no prior knowledge of each other to agree on a shared key for encrypting further communication.

A security mechanism for protecting digital data.

Process of identifying a person or system component using a cryptographic hash value to avoid sending the user ID and password in clear text.

An electronic "identity card" that establishes a user's credentials when doing business or other transactions on the Web. It is issued by a certification authority (CA) and contains nam [..]

Tree-like structure in which entries in a directory are organized.

A type of attack during which the attacker exploits a flaw in the security of an application to gain access to directories. An attacker can then read or insert data.

A hierarchical identifier for an object as specified by the X.500 format.

Document domain defines the circumstances in which two different applications can share information between two different windows or frames on the client side. The Same Origin Policy (SOP) applies. Tw [..]

Document domain relaxing is the loosing of the Same Origin Policy (SOP).The SOP states that two applications in two different frames or windows can share information only if the protocol, fully-qualif [..]

A group of computers and devices that belong to the same (sub-)network according to their IP addresses (or corresponding aliases).

A cryptographic procedure introduced by SET, an electronic payment system, to ensure data protection during business transactions.

The conversion of a plain-text message into a coded message using an algorithm where no cryptography is involved.

The process of using a cryptographic algorithm to disguise a message to protect it from being intercepted by potential eavesdroppers.

A profile of the Security Assertion Markup Language (SAML) 2.0. The profile enables browsers with enhanced capabilities to take advantage of identity provider discovery and SAML message flow options. [..]

Chargeable software component that is not exclusively calculated for each user.

A component of the SAP NetWeaver Single Sign-On product that enables users to automatically log on to Windows, Windows applications,and web sites.

The process of creating a digital envelope.

Part of SAP User Management Engine that provides connectivity to the user management data sources. It allows the persistence manager to access data from a certain type of data source, for example, LDA [..]

Part of SAP User Management Engine between the application programming interface and the user management data sources.

In SAML 2.0 an permanent identifier for a principal that does not reveal private information about the principal.

To associate or link a number of entities.

A function that is secured with the Secure Sockets Layer (SSL) protocol.

A special server in computer networks that prevents unauthorized penetration (dialling in) of external people and/or the transfer of data that is not to be transferred.

A communication channel that uses the standard communication channel. For SAML 2.0, the front channel is between the identity provider and theservice providers, but goes over the user agent (such as a [..]

An application level interface (API) for network security systems.

German Federal office that is responsible for information technology

A set of users with specified security permissions.

A physical device that can be attached to a server to provide a means for storing digital keys and for performing cryptographic functions.

An algorithm that you can apply to a message or text that guarantees the message's integrity.

Subject confirmation method for desktop-to-server communication where a central security token service (STS) asserts the identity of a user. The STS issues a SAML token containing this information. Th [..]

Role that contains the central functions for the end user in SAP NetWeaver Business Client (NWBC).

A connection which provides for encrypted communications between the client and the server.

The act of determining which SAML identity provider to use when a client requests access to a particular resource of the SAML service provider.

The act of joining the identity data of a principal across multiple systems through the use of a common token.

An organization for developing Internet standards.

Piece of information used for user authentication and Single Sign-On with SAP systems.

Digital certificate attribute where the Distinguished Name of the Certification Authority (CA) that issued the digital certificate is specified.

A class object in the Java Authentication and Authorization Service (JAAS). The subject identifies a person or service or other entity in the JAAS framework. The subject can include principals, such a [..]

One of a collection of connections held ready-for-use when a connection between systems is required.

The set of security restrictions for a component on the J2EE Engine. This includes the login module stack, security roles, and resources that are assigned to the component.

A token endpoint is used by the OAuth 2.0 client to obtain an access token presenting its authorization grant or refresh token.

SAP System tool (transaction SSO2) to assist you with the configuration of logon tickets for Single Sign-On (SSO).

Alert in the Computing Center Management System (CCMS) alert monitor that has been produced by the Security Audit Log.

A cryptographic procedure in which the sender and receiver use the same key to encrypt and decrypt a message sent over computer networks.

Default security product provided by SAP to use for encryption with SAP Systems.

A popular program used to encrypt and decrypt e-mail over the Internet.