Second list of words that appears during a standar customer installation.
Please let me know if i went wrong with any concept.
Concept | Brief Description |
ABAC | Attribute Based Access Control, also known as policy-based access control for IAM, defines an access control paradigm whereby access rights are granted to users through the use of policies which combine attributes together. |
IAM | AWS Identity and Access Management (IAM) is a web service that helps you securely control access to AWS resources. Use IAM to control who is authenticated (logged in) and authorized (has permissions) to use resources. |
Rugged software | For software to be considered as rugged, it must cope with all potential threats to the confidentiality, integrity, and availability of the information, and be robust when used in ways not anticipated.
“Rugged” describes software development organizations that have a culture of rapidly evolving their ability to create available, survivable, defensible, secure, and resilient software. |
NTLM | In a Windows network, NT (New Technology) LAN Manager (NTLM) is a suite of Microsoft security protocols intended to provide authentication, integrity, and confidentiality to users. NTLM is the successor to the authentication protocol in Microsoft LAN Manager (LANMAN), an older Microsoft product. |
UPN | In Windows Active Directory, a User Principal Name (UPN) is the name of a system user in an email address format. A UPN (for example: john.doe@domain.com) consists of the user name (logon name), separator (the @ symbol), and domain name (UPN suffix). |
Kerberos | Is a computer-network authentication protocol that works on the basis of tickets to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner. |
STRIDE | Is a model of threats developed by Praerit Garg and Loren Kohnfelder at Microsoft[1] for identifying computer security threats.[2] It provides a mnemonic for security threats in six categories.[3]
The threats and Desired properties are :
Spoofing → Authenticity
Tampering → Integrity
Repudiation → Non-repudiability
Information disclosure → Confidentiality
Denial of Service → Availability
Elevation of Privilege → Authorization |
Checksums | Is a small-sized datum derived from a block of digital data for the purpose of detecting errors that may have been introduced during its transmission or storage. By themselves, checksums are often used to verify data integrity but are not relied upon to verify data authenticity. |
PEM | Is an ASCII text format for public certificates. It is portable across platforms |
JWT | JSON Web Token is an open standard for secure transmission of information between two parties as a JavaScript Object Notation (JSON) object. JWT is used for authentication and authorization. Because JWT enables single sign-on (SSO) , it minimizes the number of times a user has to log on to cloud applications and websites. |
Certificates | Qlik Sense uses certificates to secure communication between components that are installed on different computers.A certificate is a data file that contains keys that are used to encrypt communication between a client and a server in a domain. Certificates also confirm that the domain is known by the organization that issued the certificate. |
SAML | Security Assertion Markup Language. Is an open standard for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. SAML is an XML-based markup language for security assertions (statements that service providers use to make access-control decisions) |
SPN | Service principal name, is a unique identifier of a service instance.
SPNs are used during authentication to associate a service instance with a service logon account. This allows a client application to request that a service authenticate an account even if the client does not have the account name. A SPN always includes the name of the host computer on which the service instance is running, so a service instance might register a SPN for each name or alias of its host. |
SSO | Single sign-on is a centralized session and user authentication service in which one set of login credentials can be used to access multiple applications. |
log4net library | The Apache log4net library is a tool to help the programmer output log statements to a variety of output targets. log4net is a port of the excellent Apache log4j™ framework to the Microsoft® .NET runtime. We have kept the framework similar in spirit to the original log4j while taking advantage of new features in the .NET runtime. |
Kubectl | The kubectl command line tool lets you control Kubernetes clusters. |
Shared Persistence | This means that nodes share a single repository database and a network folder for the application files. You can either share the central node repository and application storage, or setup dedicated machines for repository and application storage. |
TLS | Transport Layer Security (TLS) is the successor protocol to SSL. TLS is an improved version of SSL. It works in much the same way as the SSL, using encryption to protect the transfer of data and information. The two terms are often used interchangeably in the industry although SSL is still widely used. |
UNC | Universal Naming Convention) A standard for identifying servers, printers and other resources in a network, which originated in the Unix community. A UNC path uses double slashes or backslashes to precede the name of the computer. |
