A security framework requiring all users, whether in or outside the organization’s network, to be authenticated, authorized, and continuously validated for security configuration and posture before being granted or keeping access to applications and data.
URI
(Uniform Resource Identifier) Identifies a web resource with a string of characters conforming to a specified format.
URI
URI
URL
(Uniform Resource Locator) Identifies a resource according to its Internet location.
URL
URL
Universal 2nd Factor (U2F)
Open standard for two-factor authentication using USB devices.
Universal 2nd Factor (U2F)
U2F
virtual server ID
An optional unique identifier by which an identity federation deployment can be known to a specific connection partner.
webhook
An HTTP-based callback function that allows lightweight, event-driven communication between two application programming interfaces (APIs).
web service client (WSC)
An entity that requests a web service interaction. In the context of a security token service (STS), the web service client would request that a security token be issued for the interaction.
web service client (WSC)
WSC
Web Services Enhancement (WSE)
Supplemental software for the .NET framework provided by Microsoft. (Now obsolete.)
Web Services Enhancement (WSE)
WSE
web service provider (WSP)
In the context of a security token service (STS), an entity that requests validation of the security token sent with a client's request for service.
web service provider (WSP)
WSP
web services
A program and platform-independent collection of open protocols and standards available through the Internet and used for exchanging data between applications or devices.
web agent
Native library installed in a web server that acts as a policy enforcement point with policies based on web page URLs.
Web Services Security (WS-Security)
A standard mechanism for securing web service interactions, often by binding a security token to the web service request.
Web Services Security (WS-Security)
WS-Security
WS-Federation
Part of the WS-Security framework and an extension of WS-Trust, it defines mechanisms allowing different security realms to broker information on identities, identity attributes, and authentication.
WS-SX
The OASIS committee working on WS-Trust.
WS-Trust
A standard protocol by which an application can request that a security token service (STS) issue, validate, or exchange security tokens.
X.509 Attribute Sharing Profile (XASP)
Defines a specialized extension of the general attribute query profile and enables organizations with an investment in PKI (Public Key Infrastructure) to issue and receive attribute queries based on user-certificate authentication.
X.509 Attribute Sharing Profile (XASP)
XASP
XML
(Extensible Markup Language) A structured, hierarchical text format, based on SGML (Standard Generalized Markup Language), for the flexible and organized exchange of data.
XML