|
|
Glossary
Abbreviation / Term Description
ACL
Access Control List
Active Directory A Microsoft technology, part of Active
Platform, that enables applications to find, use and manage directory resources
(such as user names, network printers and permissions) in a distributed
computing environment. Active Directory is a component of Microsoft Windows Open
Services Architecture (WOSA).
AS/1
Applicability Statement 1 (AS1) is Electronic Data Interchange over the Internet
(EDIINT) specification that uses a well-known standard using SMTP to transport
data.
AS/2
Applicability Statement 2 (AS2) is Electronic Data Interchange over the
Internet (EDIINT) specification that uses a well-known standard using HTTP to
transport data.
AS/3
Applicability Statement 3 (AS3) is Electronic Data Interchange over the
Internet (EDI-INT) specification that uses a well-known standard using FTP to
transport data.
Authentication Generally follows identification. The process of establishing
that the user is indeed that user and has a right to use the system. The user
supplies or generates authentication information that corroborates the binding
between the person and the identifier.
Authorisation Determining a users access to a resource
BAM
Business Activity Monitoring
Basel II
aka Basel 2, The New Basel Capital Accord , Basel Committee on Banking
Supervision, Basel Capital Accord, New Basel Capital Accord. Original agreement
concluded among country representatives in 1988 in Switzerland to develop
standardized risk-based Capital requirements for banks across countries. Being
updated for implementation in 2006.
BI
Business Intelligence
BMS
Basic Mapping Support.
BPEL
Business Process Execution Language. OASIS specification
BPM
Business Performance Management
BPO
Business Processing Outsourcing
BPEL
Business Process Execution Language. OASIS specification
CDI
Customer Data Integration is a shared software & services layer across
enterprise business systems.
CICS
Customer Information Control System - An IBM licensed program that provides
online transaction processing services and management for critical business
applications. CICS runs on mainframes, RS/6000 (AIX), AS/400 and non-IBM
platforms such as Windows, Unix & Linux. The CICS application programming
interface (API) enables programmers to port applications among the hardware and
software platforms on which CICS is available. It controls the interaction
between applications and users and lets programmers develop screen displays
without detailed knowledge of the terminals being used.
COBOL
Common Business Oriented Language. Originally developed in the 1950s and 60s by
the US Department of Defense and computer manufacturers, COBOL is a computer
language for business data processing - often on mini & mainframes. It remains a
widely used programming language.
Compliance
Enterprises must comply with a raft of regulations that include:
see below
CRM
Customer Relationship Management or Customer Retention Management or
Customer Resource Management
CTG
CICS Transaction Gateway
CWS
CICS Web Support
DBMS
Data Base Management System
Digital Signature
Electronic signature to guarantee data integrity. Often linked to the identity
of the signer with a security token such as X.509 digital certificate to ensure
non-repudiation.
EAI
Enterprise Application Integration
EAM
Enterprise Access Management. Provides a single, unified framework that enables
an organization to manage external users’ access.
EASI
Enterprise Application Security Integration
Eclipse
Eclipse is defined as an "open universal platform for tools integration."
EDI
Electronic Data Interchange
EDIINT
Electronic Data Interchange over the Internet
EFT
Enhanced File Transfer – often used to refer to the added features and value
provided in Secure and Managed File Transfer solutions such as CyberFusion and
SIFT.
EII
Enterprise Information Integration
EJB
Enterprise JavaBeans (EJBs) is a Java API from Sun Microsystems that defines a
component architecture for multi-tier client/server systems. EJB systems are
written in Java and are therefore platform independent. Being object oriented,
they can be implemented into existing systems with little or no recompiling and
configuring.
Encryption
Prevents any non-authorized party from reading or changing data. The level
of protection provided by encryption is determined by an encryption algorithm.
Recognised algorithms include DES, Triple-DES, AES (Rijndael), Blowfish and
Blowfish Long.
ERP
Enterprise Resource Planning
ESS
Employee Self Service
ETL
Extract Transform Load
ETML
Extract Transform Move Load
EUA
Enterprise User Administration – abbreviation. Another term for aspects of
Identity Management.
FTP
File Transfer Protocol is a common way to move files between computers over
the Internet. Anonymous FTP gives users access (without an ID and password) to
areas on a remote system that contain public files.
FTP/S (FTPS)
Secure File Transfer Protocol. File transfer Protocol secured with SSL
GCOS
General Comprehensive Operating System – used by Bull and originally
developed by General Electric.
GLBA
Gramm-Leach-Bliley Act - also known as the Financial Services Modernization
Act of 1999. Signed into US law in 1999, GLBA provides limited privacy
protections against the sale of private financial information.
HIPAA
Health Insurance Portability and Accountability Act (1996) - Wide-reaching US
law designed to protect the privacy of health information. It governs the
acquisition, storage, use, and disclosure of health records.
HTML
Hyper Text Markup Language. The language of the internet.
HTTP
HyperText Transfer Protocol – The protocol for moving hypertext files across the
Internet
HTTP/S (HTTPS)
Hyper-Text Transfer Protocol with SSL Encryption
IdM
Identity Management – abbreviation
IAM
Identity & Access Management – abbreviation
Identification
The user claims an identity, usually by supplying a user ID or user name to the
security system.
Identity Grid
A coordinated network of services for accessing, transporting, sharing and
managing identity data across and between organizations and applications.
Identity Management is a general term and
encompasses technologies including password management (synchronisation and self
reset), user provisioning and access management. Enables and maintains user
access to network resources. This includes the creation of the user entity
(functionality typically found in a human resource applications), authorization
and permissions (SSO and password management functionality), and a single point
of administration for de/provisioning accounts (as in provisioning).
IMS
Information Management System. IMS was developed in 1969 by IBM to manage data
for NASA and later made commercially available as a DBMS. IMS supports the
hierarchical data model and is a joint hierarchical database and information
management system. IMS Connect runs on IBM mainframes and through which IMS
Connector for Java communicates with IMS. IMS Connect uses OTMA to communicate
with IMS.
ISO17799
aka ISO 17799, BS7799, BS 7799. Replaced by ISO27001. A comprehensive set of controls comprising best
practices in information security. It is an internationally recognized
information security standard comprised of ten prime sections: 1) Business
Continuity Management (BCM), 2) System Access Control, 3) System Development and
Maintenance, 4) Physical and Environmental Security, 5) Compliance, 6) Personnel
Security, 7) Security Organization, 8) Computer & Operations Management, 9)
Asset Classification and Control, 10) Security Policy. BS7799-1 covers best
practice and guidelines for managing security and sets the basis for ISO17799.
BS7799-2 is the standard against which organisations are tested for compliance.
A new category 27000 will replace these. ISO 27001 will be based on BS7799-2. 27002
will incorporate BS7799-1. 27004 will cover metrics & measurement.
ISO10181-3 aka ISO 10181-3. Access Control Framework. The framework defines four
roles for components participating in an access request: Initiators, Targets,
Access Control Enforcement Functions (AEFs), Access Control Decision Functions (ADFs)
J2EE
Java 2 Enterprise Edition
J2ME
Java 2 Micro Edition
J2SE
Java 2 Standard Edition
Jboss
is an open source Java based application server.
Kerberos
Kerberos is a network authentication protocol which utilizes symmetric
cryptography to provide authentication for client-server applications.
LDAP
Lightweight Directory Access Protocol
LDIF
LDAP Directory Interchange Format
Liberty Alliance
Consortium working towards federated XML-based identity infrastructure
MFT
Managed File Transfer provides much more than file transfer such as
scheduling, checkpoint restart, audit, security and post processing.
MetaDirectory
A centralized service that stores and integrates identity information from
multiple directories in an organization providing a unified view. A
metadirectory solves important business issues that result from having
information stored in multiple, disparate data repositories throughout an
organization.
MFS
Message Format Service is a method of organizing files on a volume in a "flat"
or non-hierarchical structure
MiFID
Markets in Financial Instruments Directive
MS
Passport Microsoft single sign-on initiative
MTAs
Message Transfer Agents in the NHSnet/NHS Messaging Service
NDM
Network Data Mover, Network DataMover now known as CONNECT:Direct
OASIS
Organization for the Advancement of Structured Information Standards
OID
Oracle Internet Directory
OTMA
Open Transaction Manager Access
Password Synchronisation Password Synchronisation propagates changes
(synchronises) all passwords to the same value across multiple platforms and
applications.
Provisioning
Is a general term usually meaning the ability to control users - including
adding users, revoking, resuming and deleting. Access control and definition by
roles and rules together with the ability to use templates and bulk creation are
all part of a good provisioning tool.
RADIUS
Remote Authentication Dial-in User Service
RBAC
Role Based Access Control. Also Rule Based Access Control
ROI
Return on Investment
SAML
Security Assertion Markup Language - an OASIS standard
Secure FTP
Secure File Transfer Protocol based on open standards and SSH. Does not have
enhanced management. aka SFTP or S/FTP.
Secure SSH
Secure Shell. Secure file transfer based on open standards. Does not have
enhanced management.
Self-Learning
First application login when user first enters user name and password.
Self-Service Password Reset Identity verification questions and answers
mechanisms as in challenge-response identity verification. The management of a
single password reduces the likelihood of discovery thus improving security.
SFTP
Secure FTP using SSH (secure Shell) for security
Single Sign-On
A single action of user authentication and authorization permits a user to
access all computers and systems where he has access permission, without the
need to enter multiple passwords aka sso, single signon, single logon.
SOA
Services Oriented Architecture - using Web Services
SOE
Service Orientated Enterprise
SOAP
Simple Object Access Protocol - is used to envelop the XML data sent to a Web
Service and is a lightweight protocol for exchange of information in a
decentralized, distributed environment. It is an XML based protocol that
consists of three parts: an envelope that defines a framework for describing
what is in a message and how to process it, a set of encoding rules for
expressing instances of application-defined datatypes, and a convention for
representing remote procedure calls and responses.
SOX
Sarbanes-Oxley Act. see compliance
SSH
Shell file transfer based on open standards. Does not have enhanced management.
SSL
Secure Sockets Layer. Session based encryption
Struts
Jakarta Struts is an open-source framework for developing J2EE web applications.
TCP/IP (TCPIP)
Transmission Control Protocol/Internet Protocol, suite of communications
protocols used to connect hosts on the Internet.
TLS
Transport Layer Security. Session based encryption
TN3270 TN 3270
IBM class of terminals
TN5250 TN 5250
IBM class of terminals
UDDI
Universal Description, Discovery and integration. Defines a way to publish and
discover information about Web Services in a directory.
UTS
Unicode Technical Standard or Universal Transport System or Update TimeStamp
VPN
Virtual Private Network
W3C
WorldWide Web Consortium
WAS
Web Services
Enable applications to talk to each other using XML as a common language. May
integrate varied platforms.
WLI
WebLogic Integration, Web Logic Integrator
Workflow
The management of tasks and steps that may be automated or taken by
individuals in business processes. The workflow specifies what tasks need to be
done, in what order (sometimes linearly and sometimes in parallel), and who has
permission to perform each task.
WOSA
Windows Open Services Architecture
WS-Choreography
Describes messaging and other interactions for Web Services
WSDL
Web Services Description Language is an XML format for describing network
services as a set of endpoints operating on messages containing either
document-oriented or procedure-oriented information.
XACML
OASIS eXtensible Access Control Markup Language
XML
Extensible Markup Language is a W3C initiative that allows information and
services to be encoded with meaningful structure and semantics that computers
and humans can understand. XML is ideal for information exchange, and can easily
be extended to include user-specified and industry-specified tags.
XrML
EXtensible rights Markup Language
COMPLIANCE
UK regulations and standards include
· Data Protection Act 1998
· Freedom of Information Act 2000
· Electronic Communications Act 2000
· BS7799-2:2002 (BS 7799) Information Security Management System. Also global
standard ISO17799 (ISO 17799)
· BS10181 (BS 10181) Authentication and Access Control. Also global standard
ISO10181 (ISO 10181)
· Enterprise Act 2002
· Financial Services Act 1986
· Financial Services & Markets Act 2000
EU regulations and standards include
· The Privacy and Electronic Communications (EC Directive) Regulations 2003
· Basel II Capital Accord
· Human Rights Act 1998
· Markets in Financial Instruments Directive (MiFID)
US regulations and standards include
· HIPAA - Health Insurance Portability and Accountability Act 1996
· HL7 is a standard for the healthcare industry.
· Sarbanes-Oxley Act aka SOX Act. Officially titled the “Public Company
Accounting Reform and Investor Protection Act of 2002”, signed into law on 30
July 2002
· PATRIOT Act aka USAPA is The official title is "Uniting and Strengthening
America by Providing Appropriate Tools Required to Intercept and Obstruct
Terrorism (USA PATRIOT) Act of 2001."
· SEC & NASDAQ regulations - including SEC 17a-3, the requirement to make
records, and SEC 17a-4, the requirement to keep records are most relevant.
Specific rules surrounding retention, non-rewriteable storage, and ease of
retrieval and viewing are highlighted by 17a-4. NASD 3010 and 3110 refer to and
inherit the same requirements of 17a-3 and 17a-4 as applied to the NASD,
demanding the creation of policies and retention of reviewable customer records
and transaction data.
· Gramm-Leach-Bliley ACT aka GLB. Officially titled the “Financial Services
Modernization Act of 1999” repealed the Glass-Steagall Act opening up
competition among banks, securities companies and insurance companies.
Introduction to ProAtria™ and
overview of solutions.
Pro:Atria Ltd was established in 2001 as a specialist consultancy and
distributor for enterprise software products with a focus on multi-platform
solutions and include solutions for Network Performance and Diagnosis, Identity
Management & Provisioning, Secure File Transfer & SFTP, SOA & Web Services (see
below for details). Technical skills, together with listening to customer needs,
have led to the development of SFTPPlus as a
solution to the requirement for audit and automation of SFTP as a supported and
cost-effective product.
Development & Technical Support skills are available in the UK as well
with the product vendors which enables our Technical Consultants to work closely
with customers on finding the right technical solution as well as offering the
best Technical Support.
Consultancy - the nature of enterprise needs as well as requirements for
integration in total solutions means that we are often called upon to offer
consultancy and advice on the best way of achieving the objectives. Pro:Atria
will always offer that advice in order to develop long term relationships and
the best solution. Typically we will offer initial consultancy free of charge in
order to help develop the relationship at an early stage of planning. All
charges are agreed in advance and deviations will only be charged on an agreed
basis.
Meetings are often needed before formal plans or budgets are approved and
you will find Pro:Atria staff understands such needs and are prepared to make
significant efforts to work with you.
UK customers include some of the largest names from Banking, Stockbroking,
Consultancy, Outsourcing, Insurance, Government and Local Authority, Travel,
Engineering, Retail, Accountancy, etc.
Platforms supported include: IBM mainframe, AS/400, UNIX (AIX, Solaris,
HP-UX, Tru64), OpenVMS, Linux, Netware, Windows etc as well as many major
enterprise products e.g. Apache, BEA Websphere, IBM WebLogic, RACF, ACF2, Top
Secret, Microsoft Exchange, Lotus Domino/Notes, Oracle, DB2, SQL etc.
Programming skills include: IBM 390 assembler, Rexx, C/C++, Java, .Net,
XML, HTML etc.
Products by Company (alphabetical order)
Applied Expert Systems
AES Clever range of Network Performance software including TCP/IP,
website, tracing and routing modules. Performance, monitoring, analysis and
diagnosis are all provided by the comprehensive range used by many large
corporations worldwide. More
information......
Eurekify
SAGE: Provisioning, EUA & RBAC - from Eurekify. Sage has been developed
to provide automated discovery and management of job roles for User
Administration & Provisioning and significantly reduce the cost of
implementation of an EUA solution from leading vendors such as IBM and BMC. May
be used as a one-off discovery or compliance survey as well as part of an
identity management project. More
information......
Geneous Software AG
Account Geneous™: Identity Management & Provisioning software. Account
Geneous enables the enterprise to provision and manage user accounts and
identities with efficiency and enhanced security with a web based solution.
Without the difficult and costly implementation associated with products from
other leading vendors.
More
information......
ProAtria™
SFTPPlus™ (SFTP extended) was developed with a major insurance company
to provide additional audit and management to open SFTP products in order to
meet regulatory and corporate compliance requirements. It is a cost
effective solution that may be installed at one side of the data transfer. More
information on this website and at
www.proatria.com
Proginet Corporation
CyberFusion Integration Suite (CFI)™: for
Secure file Transfer is a complete suite of enhanced file transfer management to
help ensure compliance, security, control and integration. The CFI 'Platform
Server' (multi-platform peer-to-peer file transfer) and 'Internet Server' (e.g.
B2B secure internet file transfer) may be implemented ‘stand alone’ or together
to meet corporate requirements and the optional Command Center module can
provide a central point of control and audit.
CFI Platform Server: Secure File Transfer in the enterprise across LAN, WAN &
the internet offering encryption & security, reliability & guaranteed delivery,
management & automation, audit & control. Cost saving migration from competitor
products (such as CONNECT:Direct and XCOM) is supported. CFI is used
worldwide by many leading enterprises.
More information......
CFI Internet Server Secure Internet File Transfer enables data to be securely
transferred via the internet with easily downloadable Java based browser
application. Ideal for secure transfer of data between business partners.
Information security via SSL & HTTPS ensures that data is moved securely through
the firewall & the DMZ. FTP and FTP/S protocols are also supported.
More information......
CFI Command Center: Centralised control of all data movement module, the Command Center provides a single point of control to manage all enterprise file transfer, inside and outside the enterprise, and across platforms. The Command Center's Web-based interface provides a single view of all file transfer activity, bringing together features and functions including server management, user profiles, alerts, status reports, and audit logs. More Information...
SecurForce® is a suite of products for provisioning and Identity
Management offering a progression from password management (synchronisation and
self-reset) through to full provisioning and Identity Management. SecurForce
provides provisioning and user-life cycle management for the large or extended
enterprise. SecurForce delegates and automates many of the identity management
processes commonly implemented by large enterprises.
More information......
SecurPass-Sync® Password Synchronisation across multiple platforms &
applications to enhance security & save helpdesk costs. The same password is
used for access to all platforms & all applications using best security policies
& password changes are automatically propagated. Users may also be quickly
revoked, resumed & deleted from a single point thus improving security.
More information......
SecurPass-Reset® Password Reset - user self-reset of passwords to enhance
security & save help desk calls. Users can reset their passwords without
helpdesk intervention in multi or single-platform environments. Resets are
enabled via a browser-based self-help utility. More
information......
SCORT
|
 |
Pro:Atria Ltd, The Old Exchange,
South Cadbury,
YEOVIL,
BA22 7ET,
UK
Tel: +44 (0)1963 441311
Fax: +44 (0)1963 441312
sftpplus@proatria.com
www.proatria.com
© Pro:Atria Ltd 2001-2006
