1 Appendix 1: Dictionary of Security Related Terms and Abreviations

Acrylonitrile Butadiene Styrene (ABS)

A plastic used to make up the card body of some smart cards.

Archie

System for searching indices of files available on public servers by anonymous FTP on the Internet.

Authentication

A data security mechanism that ensures the integrity of a message that has been received (e.g., guarantees that nothing was altered during the transmission), and/or that confirms the identity of the message issuer, but does not scramble the message to make it unintelligible to others (see Encryption).

Biometrics

The technique of studying physical characteristics of a person such as finger prints, hand geometry, eye structure or voice pattern.

Client

A computer, typically a PC or workstation, that receives information from another computer.

Client-server

An architecture in which there is interaction between two or more computers. The client requests services from the server.

Common Gateway Interface (CGI)

A specification to allow Web servers to communicate with other programs and systems.

Credit Card

The sum corresponding to a purchase is debited from the card holder account over several months with a rate of interest fixed by the bank or credit organization (view Debit Card).

Data Encryption Standard (DES)

An encryption standard supported by the federal government that has become a standard in industry as well.

Debit Card

The card holders account is debited a few days after the purchase as with a check. The smart card on-board intelligence can be used in credit card or debit card programs to implement innovative security schemes to reduce fraud.

The smart card implements techniques such as card and terminal authentication, electronic signature, online resource management, selective or systematic PIN control, and balance control.

Distributed Computing

An environment in which work is performed on more than one computer and a communications network is required. A more accurate description of the current direction computing technology is moving.

Distributed Database

A database in which information is stored on more than one physical hardware server.

Electronic Purse

A smart card containing electronic cash which can be used as a substitue for coins and bank notes. The electronic purse solves the problems associated with the use of cash such as handling costs and security risks. The card is loaded at ATMs and can be used for low-value purchases in shops and vending machines. The banks therefore reduce the amount of cash in circulation and the risk of counterfeited coins and bank notes.

The bank can also earn interest on the float, which is the total of the balance in the all issued electronic purses. For the retailer and his customers, the electronic purse is a secure, convenient, and fast payment method. With the electronic purse arrival, financial institutions can now cover the whole range of personal financial transactions with an adapted payment smart card.

Encryption

A data security mechanism used to scramble messages (e.g., convert information into a format which is unreadable without the use of a password or key). Encryption insures that no unauthorized person can read the message; it does not insure that the message has not been altered during transmission (see Authentication).

File Transfer Protocol (FTP)

A method for file transferring on the Internet.

Graphics Interface Format (GIF)

Format for storing images (pictures, drawings, etc.).

Graphic User Interface (GUI)

A PC and workstation user interface popularized by the Apple Macintosh and Microsoft Windows for accessing application functions. GUIs typically utilize windows, icons, and pull down menus, and are operated with a mouse or keyboard.

Groupware

A class of software that supports the sharing of information between two or more people. The range of products is diverse and includes electronic mail, bulletin boards, scheduling, and conferencing. Lotus Notes is the most prominent product in this category.

Global System for Mobile Communications (GSM)

A pan-European standard for portable telephones.

Home Page

The Web page which is used as a starting (or entry) point to a Web server.

Hypertext Markup Language (HTML)

A language used to format the documents which make up the Web.

HyperText Transfer Protocol (HTTP)

The rules (or protocol) for providing communications between a Web server and clients such as browsers.

Internet

A global collection of computer networks permitting universities, corporations, government agencies and research institutions to communicate and share information. Often referred to in connection with the concept of the information highway.

ISO

The ISO 78 1 6 defines the physical, electrical and protocol characteristics of smart cards.

Mandatory Access Control (MAC)

Multipurpose Internet Mail Extensions (MIME)

An Internet standard for incorporating multimedia information in electronic mail. MIME is described in RFC 1341, and we can find out about it in the newsgroup comp.mail.mime; a FAQ exists on it.

Mosaic

A type of Internet browsing technology supported on a variety of graphic interface platforms including MS Windows, Apple Macintosh and X Window. Famous browsers are Netscape Navigator, NCSA Mosaic, Spyglas, Spry's Air Mosaic and so on.

Newsgroups

A bulletin board-like system where information can be posted on a particular subject (see Usenet).

Network News Transport Protocol (NNTP)

A standard used in the transmission of Usenet messages.

Off-line

Not connected to a telephone or communications network.

On-line

Connected by a telephone or other communications network.

Open System

Used to describe computing environments that have published technical specifications which will: - permit third parties to build add-on products and services, - allow for the easy interchange of components. This term is frequently associated with the UNIX environment, along with standards published by a variety of organizations.

Open Systems Foundation (OSF)

A not-for-profit organization with the goal of producing licensed implementations of standardized software. Its membership consists of most of the world's major computer systems vendors.

Personal Identification Number (PIN)

The number or code that a cardholder must type in to confirm that he is the genuine owner of the card.

Personalization

Modify a smart card to represent information concerning one person. There are two sorts of personalization: graphical and electrical. Graphical personalization modifies the visual aspect of the card (holder's name, photograph, electrical personalization modifies the information held in electronic form.

Point to Point Protocol (PPP)

A protocol which allows a computer to use TCP/IP with standard telephone lines and high speed modems.

Polyvinyl Chloride (PVC)

A plastic used to make up the card body of some smart cards.

Scalability

The ability to increase and/or expand the power or capabilities of a technology without requiring changes to a customer's software.

Secure HyperText Transport Protocol (SHTTP)

An extension to HTTP which provides security features for use in communications and performing transactions.

Server

A computing device that provides services to other computers. These services include access to disk drives, databases, and communication devices. Servers include workstations, minicomputers, and mainframes.

Simple Mail Transport Protocol (SMTP)

A protocol that describes how electronic mail is moved between users in a TCP/IP network.

Simple Network Management Protocol (SNMP)

A protocol which describes how information is sent from devices on a network such as hubs, routers, switches, and computers to the applications programs which monitor and manage them.

Telnet

A terminal emulation protocol for programs that provide access to computers on the Internet.

Transmission Control Protocol/Internet Protocol (TCP/IP)

A standard communications protocol commonly used in UNIX networks. It is the communication protocol of the Internet.

Uniform Resource Locator (URL)

An address which specifies the location of a Web page.

Usenet

A collection of thousands of newsgroups (Bulletin Boards (BBS)) available on the Internet. The information is sorted by topics of interest.

Wide Area Information Server (WAIS)

Software used to index text files in servers.