Glossary
This is a glossary of terms used on MAYI ID related sites, materials and systems.
A |
|
Access Control | The selective restriction of access to data, systems, or resources, ensuring that only authorized users can perform specific actions. |
ACME | Automatic Certificate Management Environment, a certificate automation protocol. |
Alert logs | Alert logs are specialized log files that record significant events, warnings, and error messages generated by a system or application. They serve as a critical resource for system administrators and developers to monitor system health, diagnose issues, and ensure the smooth operation of software and hardware components. |
Agent | The agent works as an automatic credential injector for selected web/desktop apps. The agent is activated by receiving a deep link from MAYI PAM which is handled by the agent. |
Authentication | The process of verifying the identity of a user, device, or entity, typically as a prerequisite to granting access to resources in an information system. |
Authorization | The process of determining what actions an authenticated entity is permitted to perform within a system, such as accessing specific data or executing particular functions. |
Automation portal | Automation Portal is a standalone application allowing Partners, their Customers or Tenant Managers to configure and deploy a Tenant on their own without any IT support. |
B |
|
Bookmarks | When returning to the MAYI ID platform, you can set which page you land on after signing in. |
Biometric Authentication | A security process that relies on the unique biological characteristics of an individual, such as fingerprints, facial recognition, or iris scans, to verify identity. |
C |
|
CLM | Certificate Lifecycle Management |
CLM vs CMAS | Certificate Lifecycle Management (CLM) was formerly known as the Certificate Management and Automation System (CMAS). |
CMP | Certificate Management Protocol |
CSR | Certificate Signing Request (CSR) will validate whether you can use the common name in Certificates |
D |
|
DNS | The Domain Name System (DNS) is the phonebook of the Internet. Humans access information online through domain names, like nytimes.com or espn.com. Web browsers interact through Internet Protocol (IP) addresses. DNS translates domain names to IP addresses so browsers can load Internet resources. |
Digital Identity | The online or networked identity adopted or claimed in cyberspace by an individual, organization, or electronic device. |
E |
|
Enrollment, Remote enrollment, On-behalf enrollment vs Onboarding | Enrollment is an application that allows a user to register with the MAYI ID system, where the user configures ways to authenticate himself/herself when signing in and resetting the password. Enrollment is a part of a bigger process called Onboarding, which includes configuration of permissions, groups and roles. |
Emergency access | Emergency access is an application that provides the possibility to change the PIN of the vSEC card, reset the password to the application, unblock a blocked user or receive the emergency access OTP for emergency situations when the user loses his credentials. |
EST | Enrollment over Secure Transport |
F |
|
Floating secret | A security credential that is not fixed to a single user or device but can be dynamically assigned and reassigned as needed. This approach enhances flexibility in managing access across various systems and users. |
Favourite items | You can tag certain items as favourites. In Vault: Folders, Secrets, Connections. |
Federated Identity Management | An arrangement that allows users to use the same identification data to obtain access to the networks of all organizations in the group, streamlining authentication across multiple systems. |
G |
|
GAC | Global Admin Console is a part of the applications configuration - the successor of Admin Console. |
H |
|
Heartbeat | A periodic signal sent between systems or components to indicate normal operation and confirm connectivity. Heartbeats are essential in monitoring the health and status of services, ensuring they are functioning correctly. |
HOTP |
|
I |
|
Identity Provider (IdP) | A trusted entity that creates, maintains, and manages identity information for users and provides authentication services to relying applications within a federation or distributed network. |
Identity Lifecycle Management | The comprehensive management of the identity and access privileges of users throughout their tenure with an organization, from creation to deletion. |
J |
|
K |
|
Keycloak | An open-source identity and access management solution developed by Red Hat. Keycloak provides features such as single sign-on (SSO), identity brokering, and user federation, simplifying the implementation of authentication and authorization in applications. |
L |
|
LDAP | LDAP is an open, vendor-neutral application protocol for accessing and maintaining data such as usernames, passwords, email addresses, and other static data within directories. LDAP can also tackle authentication, so users can sign on just once and access many different files on the server. |
LMS | Learning Management System - A software application or platform designed to deliver, manage, and track educational courses or training programs. LMS platforms facilitate online learning by providing tools for content delivery, assessment, and reporting. |
M |
|
Magic questions | A list of questions and their answers that are configured during enrollment. These questions are used for authentication of users during sign-in or emergency access. |
Multi-Factor Authentication (MFA) | A security mechanism that requires users to provide two or more verification factors to gain access to a resource, enhancing security beyond just usernames and passwords. |
N |
|
O |
|
Onboarding vs Enrollment | Enrollment is an application that allows a user to register with the MAYI ID system, where the user configures ways to authenticate himself/herself when signing in and resetting the password. Enrollment is a part of a bigger process called Onboarding, which includes configuration of permissions, groups and roles. |
OpenID Connect | An identity layer built on top of the OAuth 2.0 protocol, allowing clients to verify the identity of end-users based on authentication performed by an authorization server. |
OTP, TOTP, HOTP |
|
P |
|
PAM | Privileged Access Management |
Passkey | A digital credential that allows users to authenticate without using traditional passwords. Passkeys are often based on public-key cryptography, enhancing security and user convenience by eliminating the need for password memorization. |
Platform template (in Vault) | A type of Secret template in Vault settings. Platform templates provide a general basis for creating other templates. |
Ping | A network utility used to test the reachability of a host on an Internet Protocol (IP) network. It measures the round-trip time for messages sent from the originating host to a destination computer, aiding in diagnosing network connectivity issues. |
Principal name | In identity management, a principal name uniquely identifies a user or entity within a given context, such as a network or realm. It is often used in authentication protocols to specify the identity requesting access. |
Provisioning | The process of creating, managing, and maintaining user accounts and access rights within a system or application. |
Q |
|
R |
|
RADIUS (Remote Authentication Dial-In User Service) | A networking protocol that provides centralized Authentication, Authorization, and Accounting (AAA) management for users who connect and use a network service. RADIUS is commonly used for managing access to networks, including Wi-Fi and VPN services. |
Role Based Access Control (RBAC) | An approach to restricting system access to authorized users based on their role within an organization, simplifying management of permissions. |
S |
|
Safewalk | A multi-factor authentication (MFA) solution that enhances security by requiring users to provide multiple forms of verification before granting access to systems or applications. Safewalk supports various authentication methods, including biometrics and one-time passwords. |
SAML | Security Assertion Markup Language. It is an open standard for exchanging authentication and authorization data between parties, in particular between an identity provider and a service provider. |
Selfservice | An application where each user can manage their own authentication tokens, password, requests or approvals. |
SCEP | Simple Certificate Enrollment Protocol, a certificate automation protocol. |
Secret | In cybersecurity, a secret refers to any confidential data that must be protected from unauthorized access to maintain the security and integrity of systems and information. Common examples of secrets include passwords, API keys, encryption keys, and tokens. Proper management of these secrets is crucial to prevent security breaches and ensure that only authorized entities can access sensitive resources. |
Slug name | The name “slug” comes from web publishing and usually refers to the part of a URL that identifies a page or resource. |
SSO | Single sign-on (SSO) is an authentication scheme that allows a user to log in with a single ID to any of several related, yet independent, software systems. |
T |
|
TAC | Tenant Admin Console (TAC) is an application for Tenant management. |
Telnet | A network protocol that allows a user to communicate with a remote device or server over a TCP/IP network. Telnet provides a command-line interface for managing devices but lacks encryption, making it less secure compared to modern alternatives like SSH. |
Tenant, Default tenant | In multi-tenant architectures, a tenant represents a group of users or an organization that shares common access with specific privileges to the software instance. The default tenant is the initial or primary tenant configured in the system, often used as a template for creating additional tenants. |
Theme, GUI theme | A theme in a graphical user interface (GUI) refers to a set of design elements and styles that define the appearance of the interface. Themes control aspects like color schemes, fonts, and layout, allowing customization of the user experience. |
Token | In security contexts, a token is a digital object that represents the right to access resources or services. Tokens are often used in authentication and authorization processes to verify identities and grant appropriate access levels. |
TOTP |
|
U |
|
V |
|
W |
|
WCCE | Windows Client Certificate Enrollment Protocol |
X |
|
Y |
|
Z |
|