Zero Trust

Glossary

bundle
glossary
ft:publication_title
Glossary
Page created: 29 Nov 2022 |
Page updated: 29 Nov 2022

A security framework requiring all users, whether in or outside the organization’s network, to be authenticated, authorized, and continuously validated for security configuration and posture before being granted or keeping access to applications and data.

Uniform Resource Identifier (URI)

Page created: 22 Sep 2020 |
Page updated: 13 Dec 2022
| 1 min read

Identifies a web resource with a string of characters conforming to a specified format.

URI

URI

Uniform Resource Locator (URL)

Page created: 22 Sep 2020 |
Page updated: 13 Dec 2022
| 1 min read

Identifies a resource according to its Internet location.

URL

URL

Universal 2nd Factor (U2F)

Page created: 22 Sep 2020 |
Page updated: 21 Sep 2021
| 1 min read

Open standard for two-factor authentication using USB devices.

Universal 2nd Factor (U2F)

U2F

virtual server ID

Page created: 22 Sep 2020 |
Page updated: 7 Jul 2022

An optional unique identifier by which an identity federation deployment can be known to a specific connection partner.

webhook

Page created: 29 Nov 2022 |
Page updated: 29 Nov 2022

An HTTP-based callback function that allows lightweight, event-driven communication between two application programming interfaces (APIs).

web service client (WSC)

Page created: 22 Sep 2020 |
Page updated: 7 Jul 2022
| 1 min read

An entity that requests a web service interaction. In the context of a security token service (STS), the web service client would request that a security token be issued for the interaction.

web service client (WSC)

WSC

Web Services Enhancement (WSE)

Page created: 22 Sep 2020 |
Page updated: 7 Jul 2022
| 1 min read

Supplemental software for the .NET framework provided by Microsoft. (Now obsolete.)

Web Services Enhancement (WSE)

WSE

web service provider (WSP)

Page created: 22 Sep 2020 |
Page updated: 7 Jul 2022
| 1 min read

In the context of a security token service (STS), an entity that requests validation of the security token sent with a client's request for service.

web service provider (WSP)

WSP

web services

Page created: 22 Sep 2020 |
Page updated: 7 Jul 2022

A program and platform-independent collection of open protocols and standards available through the Internet and used for exchanging data between applications or devices.

Web Services Security (WS-Security)

Page created: 22 Sep 2020 |
Page updated: 7 Jul 2022
| 1 min read

A standard mechanism for securing web service interactions, often by binding a security token to the web service request.

Web Services Security (WS-Security)

WS-Security

WS-Federation

Page created: 22 Sep 2020 |
Page updated: 21 Sep 2021

Part of the WS-Security framework and an extension of WS-Trust, it defines mechanisms allowing different security realms to broker information on identities, identity attributes, and authentication.

WS-SX

Page created: 22 Sep 2020 |
Page updated: 21 Sep 2021

The OASIS committee working on WS-Trust.

WS-Trust

Page created: 22 Sep 2020 |
Page updated: 21 Sep 2021

A standard protocol by which an application can request that a security token service (STS) issue, validate, or exchange security tokens.

X.509 Attribute Sharing Profile (XASP)

Page created: 22 Sep 2020 |
Page updated: 21 Sep 2021
| 1 min read

Defines a specialized extension of the general attribute query profile and enables organizations with an investment in PKI (Public Key Infrastructure) to issue and receive attribute queries based on user-certificate authentication.

X.509 Attribute Sharing Profile (XASP)

XASP