Definitions & Terminology
This is not an exhaustive list but rather an explanation of some of the jargon used on this site.
A-space Intelligence community sharing
ACL Access control list
ACN Apple Consultants Network
ACS Adobe Creative Suite
ADAC Active Directory Administrative Center
Admit Mac ADmitMac
ADmitMac Active Directory admit Mac
ADUC Active Directory Users and Computers
AES Advanced Encryption Standard
AFCEA Armed Forces Communications and Electronics Association
AFP Apple Filing Protocol
AFP548 port associated with AFP, also 427
AM AdmitMac
Android is a software stack for mobile devices that includes an operating system, middleware and key applications
Android 1.0
Android 1.1
Android 1.5 Cupcake
Android 1.6 Donut
Android 2.0/2.1 Eclair
Android 2.2 Froyo
Android 2.3 Gingerbread
Android 3.0/3.1 Honeycomb
Android 4.x Ice Cream Sandwich
Android 5.x Jelly Bean
Angel investor early stage VC investment typically by an individual or pool of individuals
Apache Open Source Web Server, runs about 2/3rds of the world's websites
AppleTalk Apple network protocol unsupported as of 2009
APDU Application Protocol Data Unit
API Application Programming Interface
APL Approved Products List
APN Apple Push Notification service
APO Army Post Office
ARD Apple Remote Desktop
AS Authentication Service
ASCL Alternate Smart Card Login
Asia Pac Asia and Pacific Rim
ASN Abstract Syntax Notification
ATO Authority to Operate
B2B Business to business
B2C Business to consumer
Benelux Belgium Netherlands and Luxemburg
BES Blackberry Exchange Server
Biometrics consists of methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits
Bluetooth is a wireless technology built into Apple products - it works well for short distances and environments that are not highly secure
BRIC Brazil Russia India and China
BYO or BYOD Bring Your Own Device - integration of personal devices with corporate IT infrastructure
CA Certificate Authority
CAC Common Access Card
CACNG or CAC-NG Next Generation CAC smart card
CC Creative Commons
CCID Chip/Smart Card Interface Devices
CDSA Common Data Security Architecture
CE Conformité Européenne
CI Counter intelligence
CIFS Common Internet File System
CHUID – Card Holder Unique Identifier
CIV Commercial Identity Verification
CJIS Criminal Justice Information System
Cloud computing is the delivery of computing as a service rather than a product, whereby shared resources, software, and information are provided to computers and other devices as a utility (like the electricity grid) over a network (typically the Internet).
CMI Classified Message Incident
CMS Cryptographic Message Syntax
CMS Credential Management Software
COTS Commercial Off The Shelf
CRL Certificate Revocation List
CSS Central Security Service
DAR Data At Rest
DCPDS Defense Civilian Personnel Data System
DECnet suite of network protocols created by Digital Equipment Corporation
Deployment tools - built into ADmitMac, compatible with common ones such as Casper, FileWave, DeployStudio and ARD
DFS Distributed File System
DIACAP DoD Information Assurance Certification and Accreditation Process
Digital Signing of documents carried out by products such as Silanis' ApproveIt, Adobe Document Services, Microsoft InfoPath and IBM's PureEdge
DISA Defense Information Systems Agency
DIT Data In Transit
DITSCAP Department of Defense Information Technology Security Certification and Accreditation Process
DN distinguished name
DNS Domain Name Service
DoD US Department of Defense
Domain - logical division of an Active Directory network (forest, tree, and domain)
DSS Data Security Standards
DMDC Defense Manpower Data Center
DV Dave
DTS Defense Travel System
EHR - Electronic Health Record also electronic patient record (EPR) or computerised patient record (CPR) is an evolving concept defined as a systematic collection of electronic health information about individual patients or populations
EMEA Europe, Middle East and Africa
EMV stands for Europay, MasterCard and VISA, a global standard for inter-operation of integrated circuit cards (IC cards or "chip cards") and IC card capable point of sale (POS) terminals and automated teller machines (ATMs), for authenticating credit and debit card transactions
Ethernet - family of frame-based computer networking technologies for local area networks
EULA End User License Agreement
Eval Free trial or evaluation Software
EWS Exchange Web Server
FASC-N – Federal Agency Smartcard Credential Number --The government selected format stored in the CHUID
FCC Federal Communications Commission
FCC Part 15 regulates nearly every electronics device sold inside the United States for unintentional emissions
FCP Apple Final Cut Pro
FDCC Federal Desktop Core Configuration
FERPA Family Educational Rights and Privacy Act
FFRDC Federally Funded Research and Development Centers
FIM Forefront Identity Manager
FIPS Federal Information Processing Standard
FIPS 140-2 Security Requirements for Cryptographic Modules
FIPS 201 Personal Identity Verification of Federal Employees and Contractors
FISMA Federal Information Security Management Act
Flash Adobe animation product that works on 99% of browsers worldwide but not on iOS
FOB Freight On Board
Forest - logical division of an Active Directory network (forest, tree, and domain)
FP Fingerprint
FPO Fleet Post Office
Free Software understood as "free" as in "free beer" but typically "free" as in "free speech" since customization, certification, support, updating, upgrading and training are not free
Freemium Software - software that is free of charge for limited functionality, limited time, limited size etc.
FSLTTP Federal, State, Local, Tribal, Territorial, and Private sector
FSO Field Security Operations
FUD Fear Uncertainty & Doubt
GAL Global Address List
GID Group ID
GLBA Gramm–Leach–Bliley Act
GNOME GNU Desktop Environment
GNU "GNU is Not UNIX" Free Software Project
GP Group Policy
GPL GNU Public License
GPMC Group Policy Management Console
GPO Group Policy Object
GPOE Group Policy Object Editor
GSA General Services Administration
GSA Schedule 70 – A contract administered by the Federal Supply Service of the General Services Administration
GSSAPI Generic Security Services Application Program Interface
GSX Apple Global Service Exchange
GUI Graphical User Interface
GSS-API Generic Security Service API
HIE - Health information exchange is defined as the mobilization of healthcare information electronically across organizations within a region, community or hospital system
HMAC – Hashed Message Authentication Code --A hash function that uses a key
HMO Health Maintenance Organization
HIPAA Health Insurance Portability and Accountability Act
HISEC Microsoft’s Highly Secure templates
HSPD-12 Homeland Security Presidential Directive 12
HTML HyperText Markup Language, standardized in HTML 4 in 1997
HTML5 is the fifth revision of the standard and as of November 2011 is still under development
HW Hardware
IAG identity and access governance
IAM Identity and access management
IC Integrated Circuit
ICAM Identity, Credential & Access Management
ICCD Integrated Circuit(s) Card Devices
IDS Integrated Delivery System
IEEE 802.1X Standard for PNAC
IEEE 802.11 Set of standards for WiFi / WLAN
IETF Internet Engineering Task Force
IF Interface
IIS Internet Information Services
IP Internet Protocol address
IP Intellectual Property
IPsec Internet Protocol Security
IOPS Input/Output Operations Per Second, common benchmark for storage
iOS (formerly known as iPhone OS) is Apple's mobile operating system. Originally developed for the iPhone, it has since been extended to support other Apple, Inc. devices such as the iPod touch, iPad and Apple TV.
IR Infra Red
ISV Independent Software Vendor
ISO/IEC 7816 is an international standard related to electronic identification cards with contacts, especially smart cards
IVV Identity Verification and Validation
Java is a programming language originally developed by Sun, available on most OS platforms except iOS
JITC Joint Interoperability Test Command
JRE Java Runtime Environment
JVM Java Virtual Machine
Kanji Japanese writing system
KDC Key Distribution Center
KDE "Kommon" Desktop Environment Free Software
Kerberos computer network authentication protocol
LAM Loadable Authentication Module
LAN Local Area Network
LDAP Lightweight Directory Access Protocol
LE Law Enforcement
Linux is a Unix-like computer operating system assembled under the model of free and open source software development and distribution
LOA Level of Assurance
Mac Macintosh
M&E Media and entertainment
Maintenance technical support, updates and/or upgrades for software licenses
Match on Card is the concept of both matching and storing fingerprints on a smart card.
MCU Micro Controller Unit
MCX Mac OS X Managed Preferences
MDM Mobile Device Management
MFA Multi factor authentication, greater than TFA, e.g. physical card, PIN and fingerprint (user has, knows and is)
MFi Apple's Made for iPad, iPhone and iPod program
MFM Mobile File Management / Manager - file handling on mobile devices
MLS multi-level mashup - applications that span multiple networks
MRM Mobile Risk Management
MMC Microsoft Management Console
MMS Multimedia Messaging Service
MSRP Manufacturer Suggested Retail Price
Multimodal biometrics -- having more than iris, fingerprint, photo biometrics - think of hospitals, disaster and combat zones
NAS Network Attached Storage
NDA Non Disclosure Agreement
NETCOM US army enterprise systems technology activity, Fort Huachuca, AZ
Net 30 Purchase with payment expected in full, in 30 days
NFC Near field communication technology similar to Bluetooth
NFR Not For Resale
NIACAP National Information Assurance Certification and Accreditation Process
NIH National Institute of Health
NIS Network Information Service
NISPOM National Industrial Security Program Operating Manual
NIST National Institute of Standards and Technology
NOC Network Operations Center
Nordic Countries Denmark Finland Norway Sweden and sometimes Iceland
NRE Non Recurring Engineering
NSA National Security Agency
NTLM also NTLM v2 Windows NT LAN Manager
NTFS New Technology File System
OEM Original Equipment Manufacturer
OCSP Online Certificate Status Protocol
OMB-11-11 Continued Implementation of Homeland Security Presidential Directive HSPD 12 – Policy for a Common Identification Standard for Federal Employees and Contractors
OpenCL - open standard for parallel programming of heterogeneous systems
Open Directory LDAP directory model associated with Apple and OS X Server
OpenID is an open standard that describes how users can be authenticated in a decentralized manner
OPSEC Operational Security
OS Operating System
OSD Office of the Secretary of Defense
OSS Open Source Software defined by GNU General Public License 3
OS X or 10 is the successor to Mac OS 9, a UNIX-based operating system and GUI for Mac computers
OS X Server is the server version of OS X
OS X 10.0 Cheetah
OS X 10.1 Puma
OS X 10.2 Jaguar
OS X 10.3 Panther
OS X 10.4 Tiger
OS X 10.5 Leopard
OS X 10.6 Snow Leopard
OS X 10.7 Lion
OS X 10.8 Mountain Lion
OTA Over the air e.g. OTA synchronization of passwords
OTP One-time password
OU Organizational unit
OWA Outlook Web Access
PAC Privilege Attribute Certificate
PAM privileged account management
Patent troll is a term used for a person or company who buys and enforces patents against one or more alleged infringers in a manner considered aggressive or opportunistic with no intention to manufacture or market the patented invention
PCI Payment Card Industry
PDP Policy decision point
PIN Personal Identity Number (not the same as a "password" on Mac)
PIV Personal Identity Verification Primary goal of FIPS 201 system
PIV-I - PIV smart card specification that can be used by non-federal issuers to create highly-secure credentials - the "I" stands for interoperability
PIV II – Technical and interoperability standards for Personal Identity Verification
PKard Public Key Card pronounced “P card” or “Picard”
PKCS Public Key Cryptography Standard
PKCS#11 is one of the family of standards called Public-Key Cryptography Standards (PKCS)
PKI Public Key Infrastructure
PKINIT Standard for using public keys to log on to networks using Kerberos
PKO Public-Key Operations
PNAC Port-based Network Access Control
PO Purchase Order
POC Proof of Concept, sometimes Point of Contact
PPTP Point to point tunneling - a method of implementing a VPN
PR Public Relations
PuTTY is an open source terminal emulator
Q-Space Australia, Canada, UK and US intelligence sharing
QoS Quality of Service
RBAC Role Based Access Control
Red Space Counter Terrorism & Intelligence sharing
RFC Request for Comments
RFP Request for Proposal
RFQ Request for Quotation
RHEL Red Hat Enterprise Linux
ROHS Restriction of Hazardous Substances Directive
ROI Return On Investment
ROM Rough Order of Magnitude pricing or estimate rather than archaic Read Only Memory
RPC remote procedure call
RSoP Resultant Set of Policy
SaaS Software as a Service
Samba Server-side open source re-implementation of SMB/CIFS
SAML Security Assertion Markup Language
Sandbox - in Apple iOS, the sandbox is a set of fine-grained controls limiting an application’s access to files, preferences, network resources, hardware and so on
SAPM Shared-account password management
Saucer section - architecture where key components can be split from a larger architecture
SBS Microsoft Small Business Server
SC Smart Card
SCEP Simple Certificate Enrollment Protocol
SCR Smart Card Reader
SCVP Server-based Validation Protocol
SDK Software development kit
Security is a form of protection where a separation is created between the assets and the threat
Sharepoint is a Microsoft collaboration tool
SE Sales Engineer
SHA-2 is a set of cryptographic hash functions (SHA-224, SHA-256, SHA-384, SHA-512) designed by the NSA
SIEM Security information and event management
SKU Stock Keeping Unit
SMB Small or Medium Business
SMB Server Message Block
SMB2 A new version of SMB associated with new storage servers and compatible with the original SMB
SMC Shared Mission Communities
S/MIME Secure/Multipurpose Internet Mail Extensions
SNC Secure Network Communications
Soft Cert is a certificate or more properly a private key held outside of silicon/hardware
SPNEGO (Simple and Protected GSSAPI Negotiation Mechanism) is a GSSAPI "pseudo mechanism" that is used to negotiate one of a number of possible real mechanisms
SSK – Site Specific Key
SSL Secure Socket Layer
SOHO Small Office or Home Office
SOX Sarbanes-Oxley Act
SPNEGO Simple and Protected GSS-API Negotiation Mechanism
SSH Secure Shell
SSO Single Sign-On
SOHO Small Office Home Office
STIG Secure Technical Implementation Guide
SUA Support and Upgrade Agreement also known as maintenance
SUDO run commands with the security privileges of another user (normally the superuser, or root)
SUPM superuser privilege management
SW Software
SYSVOL System Volume
TAMOS Tivoli Access Manager for Operating Systems
TCO Total Cost of Ownership - the overall cost of a solution for all client and server software licenses, maintenance, integration work and training
TDEA Triple Data Encryption Algorithm
TFA Two factor authentication e.g. a physical card and a PIN (user has and knows).
TGS Ticket-Granting Service
TGT ticket-granting ticket
Thursday Thursby
Thrusby Thursby
TLS Transport Layer Security
TPM Trusted Platform Module
Tree - logical division of an Active Directory network (forest, tree, and domain)
Triple DES or 3DES is common name for TDEA
TSS Thursby Software Systems
Tumbleweed a commercial VA
TX Texas
UART Universal Asynchronous Receiver/Transmitter
UCAPL Unified Capabilities Approved Products List
UDID Unique identifier on an iOS device - How to find it?
UID unique identifier
UK United Kingdom
UNAB Unix Authentication Bridge
USAF US Air Force
USB Universal Serial Bus
USCG US Coast Guard
USMC US Marine Corps
UPN User Principal Name sometimes Unified Principal Name
USN US Navy
VA Validation Authority
VA Veteran's Affairs
VAR Value Added Reseller - reseller that adds service or value beyond a straight product sale
VC Venture Capital early stage funding of high risk and high potential companies
Virtualization, in computing, is the creation of a virtual (rather than actual) version of something, such as a hardware platform, operating system, a storage device or network resources.[1]
Visio Microsoft design
VLA Volume License Agreement also known as a site license
VPN Virtual Private Network
VPP Volume Purchasing Program aka B2B Apple App Store
WAM Web access management
WGM Workgroup Manager
Wifi is a trademark of the WiFi alliance that promotes WLAN
Windows 1, 2, 3, NT, 95, 98, 2000, XP, 2003, Vista, 2008, 7 & 8 Microsoft operating systems
WLAN Wireless LAN
WMI Windows Management Instrumentation
WS-Federation is an Identity Federation specification
Xsan Apple clustered file system associated with OS X Server
Xserve Apple server unsupported as of 2011
501c3 Tax exempt organization under the US tax code
1001,1002 Protocol standard for a NetBIOS service on a TCP/UDP transport
1510 The Kerberos Network Authentication Service (V5)
1777 Lightweight Directory Access Protocol (LDAP)
1964 The Kerberos Version 5 GSS-API Mechanism
2222 Simple Authentication and Security Layer
2743 Generic Security Service Application Program Interface Version 2
3244 Microsoft Windows 2000 Kerberos Change Password and Set Password Protocols
4556 Public Key Cryptography for Initial Authentication in Kerberos (PKINIT)
4120 The Kerberos Network Authentication Service (V5)
7816-4 Smart Card Standard, Part 4, Interindustry Commands for Interchange




