The following definitions are used throughout the discussion and specification of webinos. The following list of terms is not exhaustive.
Other terms may be used and will be defined and added throughout the project work.
Some definitions will originate in certain domains and may overlap. So, a "Feature [WAC]" might be different from an automotive "Feature".
Protection of resources against unauthorized access; a process by which use of resources is regulated according to a security policy and is permitted by only authorized system entities according to that policy. [RFC 2828]
A mechanism that implements access control for a system resource by enumerating the identities of the system entities that are permitted to access the resources. [IEC 62351-2, ed. 1.0 (2008-08)]
The management of policies, rules, processes and information to control access to certain resources. In particular, the collection of systems and/or services associated with specific on-line resources and/or services that together derive the decision (privileges) about whether to allow a given entity to gain access to those resources or make use of those services [STORK Glossary and Acronyms]
A set of data, tools and functionalities, that can be accessed after the successful accomplishment of the processes of Authentication and Authorization. It allows for accountability.
The property of a system (including all of its system resources) that ensures that the actions of a system entity may be traced uniquely to that entity, which can be held responsible for its actions. [RFC 2828]
A mechanical device for moving or controlling a mechanism or system. It is operated by a source of energy, usually in the form of an electric current, hydraulic fluid pressure or pneumatic pressure, and converts that energy into some kind of motion. [Wikipedia]. Webinos must provide methods that allow Web Applications to control Actuators.
the process of public promotion (of some product or service) [http://wordnetweb.princeton.edu/perl/webwn?s=advertising]
"Anonymity requires that other users or subjects are unable to determine the identity of a user bound to a subject or operation" (BS ISO/IEC 15408-2:2008)
The condition of having a name that is unknown or concealed. [RFC 2828]
Installation (or setup) of a program (including drivers, plugins, etc.) is the act of putting the program onto a computer system so that it can be executed. Because the requisite process varies for each program and each computer, many programs (including operating systems) come with a general-purpose or dedicated installer ? a specialized program which automates most of the work required for their installation.
A continuous process of managing the life of an application through governance, development and maintenance.
see Installable Web Application
An interface, i.e. a point of interaction between components, implemented by a software program that enables it to interact with other software. It facilitates interaction between different software programs similar to the way the user interface facilitates interaction between humans and computers.
"A complete, self-contained program that performs a specific function directly for the user. This is in contrast to system software such as the operating system kernel, server processes, libraries which exists to support application programs and utility programs." -- http://foldoc.org/application+program
Applications may exist on a device or be hosted online.
An overall set of client and/or server functions that may enable various capabilities of the user related to the application lifecycle, e.g. widget discovery, selection, preview, payment, authorization checks, update, etc. [Source: WAC]
A device client that supports client-side functions of an AppStore. [Source: WAC]
A network server that supports server-side functions of an AppStore. [Source: WAC]
An assault on system security that derives from an intelligent threat, i.e., an intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade security services and violate the security policy of a system. [RFC 2828]
(see also Adversary) the originator of an attack.
The process of vouching for the accuracy of information. External entities can attest to shielded locations, protected capabilities, and Roots of Trust. A platform can attest to its description of platform characteristics that affect the integrity (trustworthiness) of a platform. Both forms of attestation require reliable evidence of the attesting entity. [http://www.trustedcomputinggroup.org/developers/glossary/]
An operation that provides proof of a set of the platform's integrity measurements [http://www.trustedcomputinggroup.org/developers/glossary/]
"Authentication is the process of confirming the correctness of the claimed identity." -- http://www.sans.org/security-resources/glossary-of-terms/
The mechanism used to corroborate claimed information with a specified, or understood, level of confidence. Mechanisms include the use of username/password, X.509 client certificates and biometrics, etc. [STORK Glossary and Acronyms]
A server that provides authentication services to users or other systems. For example, the user passes its identity and password (or certificate, smartcard, biometric data) to the authentication server; the latter veri?es this data and grants the authentication proof (e.g., a credential) to the user.
property that ensures that the identity of a subject or resource is the one claimed. Authenticity applies to entities such as users, processes, systems and information [IEC 62210, ed. 1.0 (2003-05)]
A right or a permission that is granted to a system entity to access a system resource. [RFC 2828]
A server that consults the security policy, extracts the relevant security rules, evaluates these rules with the current access parameters, eventually, invokes the con?ict resolution process, and generates the corresponding credentials that permit the access to resources.
"The property of being accessible and usable upon demand by an authorized entity" (ISO/IEC 13335-1:2004 taken from BS ISO/IEC 27001:2005 )
A certificate store will often have numerous certificates stored, possibly issued from a number of a different certification authorities. It consists of key pairs that encrypt and decrypt the symmetric key used for encrypting and decrypting data by Encrypting File System, digital certificates and so on.
A child application is a self contained application package that is included within another application package (parent application). The are used as means for distributed application development and deployment where a parent application can export child applications to other devices in order to provide a service that can be distributed over several devices to the user.
A statement made by one entity about itself or another entity that a relying party considers to be ?in doubt? until it passes ?Claims Approval?. [STORK Glossary and Acronyms]
"Cloud computing is Web-based processing, whereby shared resources, software, and information are provided to computers and other devices (such as smartphones) on demand over the Internet." (http://en.wikipedia.org/wiki/Cloud_computing)
"The Cloud" can therefore refer to a range of services provided by remote infrastructures. A single instance of a Cloud is Amazon EC2, for example.
Cloud application services or "Software as a Service (SaaS)" deliver software as a service over the Internet, eliminating the need to install and run the application on the customer's own computers and simplifying maintenance and support. People tend to use the terms ?SaaS? and ?cloud service? interchangeably, when in fact they are two different things.
"The property that information is not made available or disclosed to unauthorized individuals, entities, or processes" (ISO/IEC 13335-1:2004 taken from BS ISO/IEC 27001:2005 )
Is the action of transforming content to adapt to device capabilities. Content adaptation is usually related to mobile devices that require special handling because of their limited computational power, small screen size and constrained keyboard functionality.
Schilit et al. (1994) define context as where you are, who you are with, and what resources are nearby. This might suggest that context is more focused on the user?s surrounding as opposed to his/her inner states. A more specific definition is provided by Dey et al(2001). They defined it as any information that can be used to characterize the situation of an entity. An entity is a person, place, or object that is considered relevant to the interaction between a user and an application, including the user and applications themselves.. Some examples of context types according to the actor/entity that is involved are: User context (contexts describing a user?s situation), software context (context describing a software?s situation).
Context is more or less the set of facts or circumstances that surround a situation or event.
the process of acquiring context data that describe aspects of a situation. This is usually done through the identification of a corresponding occurring event.
A system is context aware if it uses context to provide relevant information and/or services to the user, where relevancy depends on the user's task. Three important context-awareness behaviours that an application might exhibit can be identified:
? The presentation of information and services to a user
? The automatic execution of a service
? The tagging of context to information for later retrieval.
Ref: Dey & Abowd, David R. Morse & Stephten Armstrong & Anind K. Dey
the conceptualization of how context data (within webinos) relate to determining factors such as situations, events and entities
a dedicated objects that holds context data about a corresponding webinos entity
Context of use refers to the "users, tasks, equipment, and the environments where a system is used" - ISO/IEC 13407
Context information can be found in a variety of sources. These can be as follows:
? Features in content items or the items themselves, these can include metadata about the content item
? Index terms
? Structure of a subject area as represented by a classification scheme, thesaurus or ontology
? User searches, user logs (containing queries, click behavior, timings and so on)
? Comments on content items (from individual users, groups, experts etc)
? Sensor information about the environment (location, temperature, time, etc)
? Actuator information such as a remote control mechanism or a switch that records its state when someone has pressed it
? User activities and user generated content over social media platforms
Context structure refers to the schema and the organization of the factors characterizing a specific event. This event consists of information decomposed to the primitive substances, that combined together give a consistent body of the structure. In the information technology dialect the event may refer to a specific task, situation or a goal of the system. The corresponding information describing the system is the input mostly coming from various sensors, ontologies, function of task and related data.
The structure is designed to enable effective matching and retrieval of contexts. The user context structure consists of five subcontexts:
? Environment context (it captures the entities that surround the user. These entities may be things, services, temperature, light, humidity, noise and persons)
? Personal context. It consists of two sub contexts: the physiological context (pulse, blood pressure, weight, hair colour etc) and mental context (mood, interests, anger, stress etc)
? Task context. This context describes what people are doing. The task context can be described with explicit goals, tasks, actions, activities, ore events.
? Social context
? Spatio-temporal context. This context aspect describes aspects of the user context relating to the time and spatial location (time, location, direction, speed, shape of buildings etc)
Data that is transferred or presented to establish either a claimed identity or the authorizations of a system entity. [RFC 2828]
A webinos application capable of running on multiple devices, such as a set-top box and smartphone, not necessarily simultaneously.
An event that indicates the outcome of the delivery of another event, according to the "Delivery notifications" part of the "Messaging" section in the Webinos System Specifications.
A piece of hardware such as a mobile telephone, laptop, PC, home media centre, in-car system, netbook, tablet, game console, or router. The term ?terminal? may be used analogue.
In the context of webinos, a set of devices grouped by some criteria (proximity, user, complementing features). Synonymous with webinos cloud.
A structure that associates an identity with an entity such as a user, a product or an Application Instance where the certificate has an associated asymmetric key pair which can be used to authenticate that the entity does, indeed, possess the Private Key (IEC 62541-2, ed. 1.0 (2010-02))
A set of claims made by one digital subject about itself or another digital subject." Where a digital subject is "a person or thing represented or existing in the digital realm which is being described or dealt with. -- The Laws of Identity
A protocol for vouching for an AIK using zero-knowledge-proof technology. [http://www.trustedcomputinggroup.org/developers/glossary/]
is a suite of Internet Engineering Task Force (IETF) specifications for securing certain kinds of information provided by the Domain Name System (DNS) [Wikipedia]
A distributed data structure used to perform a look up service similar to a hash table, where a key is mapped to a value. The key is first mapped to a number in a range. Network nodes are responsible for maintaining the mapping from numbers to values for different parts of the range. Distributed Hash Tables form an attractive solution to mapping user identities to the URLs for personal zone hubs, where the search is distributed across the hubs in a federated process.
see Digital identity
Any concrete or abstract object of interest, including relations among things (IEC 61360-1, ed. 3.0 (2009-07))
A set of structured data that is meant to be exchanged among two or more addressable entities (e.g., applications, services).
Logical unit within the WRT in charge of routing events among local and/or remote addressable entities.
A collection of data, APIs and/or platform-specific code, that is not part of webinos but is meant to be used in conjunction with it and is consistent with webinos APIs (use case: WOS-UC-TA3-004: Embedding Proprietary Extensions).
An option or functional capability available to the user.
Geo-Location is an identification of the real-world geographic location of an object, such as a cell phone or an Internet-connected computer terminal. Geo-location may refer to the practice of assessing the location, or to the actual assessed location.
A method for allowing a member of a group to anonymously sign a message on behalf of the group.
An anonymous credential system developed by IBM Research and based upon zero knowledge proofs. Users are issued strong credentials. Idemix can then be used to prove that a credential has certain properties without disclosing anything else about the owner of that credential. This provides effective authentication and good privacy based upon strong credentials.
An act or process that presents an identifier to a system so that the system can recognize a system entity and distinguish it from other entities. [IEC 62351-2, ed. 1.0 (2008-08)]
Informally, identity "is whom someone or what something is, for example, the name by which something is known." -- SANS (Glossary)
A digital identity is "a set of claims made by one digital subject about itself or another digital subject." Where a digital subject is "a person or thing represented or existing in the digital realm which is being described or dealt with". -- The Laws of Identity
Token be an encrypted and encoded identity certificate. It is returned from the Privacy Certificate Authority (A trusted third party that issues platform identities) to the platform.
Token placed in Identity Credential Request element when Requesting a identity certificate.
An identity token identifies an entity. For example, it can be a cryptographic key or a certificate. In most cases, additional knowledge is needed to be able to validate the token, and as such to authenticate the entity which identifies by this token. In case of the key, the validating entity needs to know the key. In case of the certificate, the validating entity needs to be able to validate the entire certificate chain.
It is a ?information-based media content or programming that also includes entertainment content in an effort to enhance popularity with audiences and consumers.?
"The property of safeguarding the accuracy and completeness of assets" (ISO/IEC 13335-1:2004 taken from BS ISO/IEC 27001:2005 )
A memory for recording (storing) information (data) entirely located on a specific device
The part of the webinos runtime responsible for loading and executing applications which may not be running or be in an inactive move.
see Installable Web Apps
"Structured data about data. Increasingly this term refers to any data used to aid the identification, description and location of networked electronic resources." -- SWDB (Glossary)
A mechanism whereby two parties can verify each other's identity, e.g. a website can authenticate a user, and the user can authenticate the website. This provides mitigation against spoofed sites, spoofed DNS and spoofed IP addresses.
XML namespaces are used for providing uniquely named elements and attributes in an XML document. An XML instance may contain element or attribute names from more than one XML vocabulary, e.g., the W3C Widget vocabulary and the added webinos specific attributes.
In XMPP Service Discovery mechanism, a node is a specific service/device which is communicable or about which information can be obtained. There are two types of nodes in XMPP: Info Nodes which are directly addressable and Items Nodes which are not addressable directly. Info Nodes are connected over IP and could be directly communicated using its full JID. Item nodes information is retrieved using Info Nodes. Details about the communication part to item nodes is not covered in XMPP standard, only information about fetching information about item nodes is specified.
An extension that, if not available, still allows the application to run, yet with less and/or degraded functionality.
A feature that, if not available, still allows the application to run, yet with less and/or degraded functionality.
A parent application is an application that contains child applications within its application package. See: child application.
This is a service that runs as part of the user's personal zone, and may be exposed to others via the personal zone hub, subject to the user's preferences. The user can install new personal services (provided by 3rd parties) in addition to the ones that are provided directly by the webinos platform.
This provides the means for users to manage their personal devices and services. The zone is exposed on each device as a set of local APIs, with a shared model of context that is synchronized across all devices in the zone together with the personal zone hub. The personal zone supports a single sign on mechanism so that users authenticate to a device, the device to the zone, and the zone to applications/services. The zone further supports an overlay networking model that hides the details of addressing and interconnect technologies. This is based upon 3rd party components that enable the zone to scale in the face on a continuing evolution of networking technologies. Note that some devices (e.g. a TV or networked printer) may be shared by several people, and forms part of a shared zone.
The Personal Zone Hub runs on a Web server with a public URL, and provides the means for people to access your devices and services subject to your preferences. It supports setting up logical peer to peer connections across Firewall/NAT boundaries.
A webinos-enabled device supports the zone apis (see personal zone) that enable it to function as part of the user's personal zone. Other non-webinos devices may be connected through webinos-enabled devices, which act as personal zone proxies.
As used in information security, refers to information that can be used to uniquely identify, contact, or locate a single person or can be used with other sources to uniquely identify a single individual.
An operating system and software environment running on top of a device, managing the device hardware and providing common services for efficient execution of various application software.
Examples: The most common operating systems used in mobile smart phones include Symbian OS, Android, iOS, RIM Black Berry OS, or Windows Mobile. Popular modern operating systems for personal computers include Microsoft Windows, Mac OS X, and GNU/Linux. MeeGo is a Linux-based open source mobile operating system project, primarily targeted at mobile devices and information appliances in the consumer electronics market.
Abstractly, a policy is a rule that defines a choice in the behaviour of a system . Security policies in Webinos are the permissions defined by users of the webinos runtime in order to allow or deny access to a resource or capability by an application or component. For example, a policy may define that Application A may not use the GPS location capabilities on a device.
Point which manages policies. -- Wikipedia XACML
Point which evaluates and issues authorization decisions. -- Wikipedia XACML
Point which intercepts user's access request to a resource and enforces PDP's decision. -- Wikipedia XACML
Point which can provide external information to a PDP, such as LDAP attribute information. -- Wikipedia XACML
A component on the webinos runtime capable of editing and viewing security policies based on interaction with the user.
The process of synchronising policies between webinos devices, to maintain a common set of security policies. This involves making sure every platform has the same set of XACML policy files dictating how applications and users are allowed to use the runtime. Synchronisation primarily occurs between a device's personal zone proxy and the personal zone hub.
The right of individuals to control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed.[ISO 7498-2: Security Architecture]
Right or permission expressly granted to a single or specified group of user(s) or device(s) to perform specified actions, in specified roles and associated to established identity [IEC/PAS 62443-3, ed. 1.0 (2008-01)]
The management of applications on the runtime, stating which ones are given "privileged" status and therefore access to non-public webinos APIs.
The ability of a system to perform a required function under stated conditions for a specified period of time. [RFC 2828]
The Remote Data Binding Protocol ensures that the tickets are encrypted by a key that is known only to the ticket issuer.
A feature that is absolutely needed for an application to run.
Allows a Mobile Operator or device owner to block a specific application or group of applications.
The level of impact on agency operations (including mission, functions, image, or reputation), agency assets, or individuals resulting from the operation of an information system, given the potential impact of a threat and the likelihood of that threat occurring. [NIST SP 800-30]
(see also Risk Assessment) Systematic use of available information to identify hazards and to estimate the risk [ISO/IEC Guide 51, Definition 3.10]
The process of identifying risks to agency operations (including mission, functions, image, or reputation), agency assets, or individuals by determining the probability of occurrence, the resulting impact, and additional security controls that would mitigate this impact. Part of risk management, synonymous with risk analysis, and incorporates threat and vulnerability analyses. [NIST SP 800-53]
A form of identity-based access control where the system entities that are identified and controlled are functional positions in an organization or process. [IEC 62351-2, ed. 1.0 (2008-08)]
An event that contains a JSON-RPC 2.0 request object or request batch, according to the "Delivery notifications" part of the "Messaging" section in the Webinos System Specifications.
An event that contains a JSON-RPC 2.0 response object or response batch, according to the "Delivery notifications" part of the "Messaging" section in the Webinos System Specifications.
All aspects related to defining, achieving, and maintaining confidentiality, integrity, availability, non-repudiation, accountability, authenticity, and reliability. [ISO/IEC 13335-1]
(Comment by Claes/SEMC: The 1 st bullet is ok as it is a general definition not assuming any specific implementation. The 2nd definition assumes a specific solution/implementation and refers only to control of access to device capabilities. I propose that the 2nd bullet is removed)
The ability to understand and apply security policies
A process (or a device incorporating such a process) that can be used in a system to implement a security service that is provided by or within the system. Some examples of security mechanisms are authentication exchange, checksum, digital signature, encryption, and traffic padding.[RFC 2828]
A processing or communication service that is provided by a system to give a specific kind of protection to system resources.[RFC 2828]
Is a device that connects to a television and an external source of signal, turning the signal into content which is then displayed on the television screen or other display device.
A device that measures a physical quantity and converts it into a signal which can be read by an observer or by an instrument. [Wikipedia]. Webinos must provide methods for Web Applications to get access to sensor data.
Sensor network consists of spatially distributed autonomous sensors to cooperatively monitor physical or environmental conditions, such as temperature, sound, vibration, pressure, motion or pollutants.
An addressable logical functional entity that is exposed on a device or a server. The service availability varies over time depending on the device status (on/off), service status (stopped/running/installed/uninstalled) and connection status (connected/disconnected). Examples of services are: an API to get the temperature from a sensor, a web API provided by a Web Server or a remote control API provided by a TV.
Technology used to established a direct peer to peer connection for exchanging data between one or many devices over a short distance such as Bluetooth, ANT+, NFC, Zigbee, Wireless USB, UWB or WiFi Direct.
Single sign-off is the property whereby a single action of signing out terminates access to multiple software systems. [wikipedia - http://en.wikipedia.org/wiki/Single_sign-on]
It is a property of access control of multiple, related, but independent software systems. With this property a user logs in once and gains access to all systems without being prompted to log in again at each of them [wikipedia]
A smartphone is a mobile phone that offers more advanced computing ability and connectivity than a contemporary basic feature phone. Smartphones and feature phones may be thought of as handheld computers integrated within a mobile telephone, but while most feature phones are able to run applications based on platforms such as Java ME, a smartphone allows the user to install and run more advanced applications based on a specific platform. Smartphones run complete operating system software providing a platform for application developers.
A web site that focuses on building and reflecting of social networks or social relations among people, e.g., who share interests and/or activities. A social network service essentially consists of a representation of each user (often a profile), his/her social links, and a variety of additional services.
The term has sociological origins and refers to both people and organizations that endue a person. Social Context is the aggregation of social circles where somebody lives, interacts with others and develops his activities, beliefs and social intelligence. A person?s social context includes both the personal social context (his friends and the communities he belongs to) and his community social context (their role and identity in different communities).
In other words, social context describes the social aspects of the current user context. It can contain information about friends, neighbours, co-workers, relatives, and their presence. One important aspect in a social context is the role that the user plays in the context. A role can for instance be described with a name, the user?s status in this role.
From a technological aspect, it is a mathematical graph-instance of the real social context of a user. After the development of the social web, the term has gained great exposure, and refers to data that state ? explicitly or implicitly ? the connection among users. These connections may have the following elements:
? The friends and family (relationships) ? the augmented or live address book
? Social information, such as events, groups, calendars, locations
? Social Objects that connect users, such as photos, videos, comments, likes
? Social activities ? find friends/family, invite, share content, tag users, rate
This information can be used to construct a set of egocentric social networks in which a user is at the center of a set of relationships with others, who may also have ties to one another.
Ref: Leveraging Social Context for Searching Social Media, Marc Smith, Vladimir Barash, Lise Getoor, Hady W. Lauw
The collections of social connections that someone maintains in an online social platform (or in any platform that supports the creation of explicit or implicit connections among users)
Social media are media for social interaction, using highly accessible and scalable publishing techniques. Social media uses web-based technologies to turn communication into interactive dialogues.
Social Proximity is the phenomenon of overlapping for different people?s social circles. That helps them to reinforce the deep bonds of trust that facilitate exchange of tacit knowledge, and thus to develop more powerful connection among them. Social proximity is actually a very schematic and physical indicator. It means a person is in touch with others.
A node can have sub-hierarchy of nodes underneath it. A node under a node is referred as sub-node.
Any circumstance or event with the potential to adversely impact agency operations (including mission, functions, image, or reputation), agency assets, or individuals through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service. [NIST SP 800-53]
The direct digital-to-digital conversion of one encoding to another.
An application which has been assigned a specific level of trust, which can be based upon a variety of application attributes and installation context attributes, as defined by a security policy. [Source: WAC]
Entity which is assumed to appropriately enforce security policies. Because of this assumption, the entity may cause other security policies to be obviated.
For example: A trusted authorisation entity declares a user to be authorised for control thereby challenges authentication procedures, that would normally be applied, are not invoked. [IEC 62210, ed. 1.0 (2003-05)]
"Unlinkability requires that users and/or subjects are unable to determine whether the same user caused certain specific operations." (BS ISO/IEC 15408-2:2008)
An application is considered as ?unrecognised? if it does not carry a signature belonging to a defined and recognised identity.
An application is considered untrusted if it has not been assigned any specific level of trust, and is thus assigned to a default level of trust. [Source: WAC]
It is a collection of personal data associated to a specific user. A profile refers therefore to the explicit digital representation of a person's identity. A user profile can also be considered as the computer representation of a user model.
A flaw or weakness in a system?s design, implementation, or operation and management that could be exploited to violate the system?s integrity or security policy. [RFC 2828]
The Wholesale Applications Community (WAC) is an open global alliance formed from the world?s leading telecoms operators. It has been established to increase the overall market for mobile applications. It strives to unite a fragmented applications marketplace by providing common developer tools, a revenue share model across the entire ecosystem and common network and terminal APIs. For more information, see http://www.wholesaleappcommunity.com.
For further information related to the latest WAC Waikiki Beta Releases, see also http://members.wholesaleappcommunity.com/corespec/spec.html#toc-definitions.
The Official WAA:"http://www.webanalyticsassociation.org/?page=aboutus" Definition of Web Analytics: "Web Analytics is the measurement, collection, analysis and reporting of internet data for purposes of understanding and optimizing web usage".
A terminal application which provides a Web Runtime Environment supporting Websites. [Source: WAC]
An API that exposes access to some internal functionality of a piece of software for use by Webinos developers, to get access to specific information, to trigger special behavior, or to perform some other action. The Webinos APIs are typically client-side script APIs, for use in Webinos browsers and similar Webinos user agents (as opposed to server-side APIs, for example).
[Inspired by W3C Web APPs WG's definition of API]
An application written using webinos technologies that will run on a device, across a range of devices reflecting the domains mobile, stationary devices, automotive or home media and/or server. The application will be able to securely and consistently access device specific features, communicate over the cloud and adjust to the device and context specific situation.
A term to indicate any component augmented with webinos-based intelligence that interact with or manage a Webinos Network (i.e. Webinos Agent, Webinos Device, Webinos Runtime)
The webinos project has been defined by a strong consortium of 22 founding partners from nine countries. These companies are academic and industrial with a cross-domain focus; they include mobile phone manufacturers, telecommunication operators, automotive company, research and analytics firm, a communication company and a range of well-known research facilities. It is the intention to engage further companies in the definition and adoption of webinos ? as such the current webinos project members reach out to external companies via a range of communication tools (website, conferences, etc.)
The webinos project refers to the commitment of the 22 webinos founding members to collaborate, define and deliver webinos within the three year time period following the official kick-off in September 2010.
Commonly associated with web applications that facilitate interactive systemic biases, interoperability, user-centered design, and developing the World Wide Web.
An interactive application for displaying and/or updating local data or data on the Web, packaged in a way to allow a single download and installation on a user's machine or mobile device. [Source: WAC]
A WRT is considered as terminal software which supports the execution of web applications.
An interactive method for one party to prove to another that a give statement is true without revealing anything else. This can be used for privacy friendly authentication where one party proves to another certain properties, such as membership of a named group, or an age range, without disclosing their identity or actual age. See Idemix for a library implementing zero knowledge proofs.
|ACL||Access Control List|
|API||Application Programming Interface|
|DAC||Device API and Policy (W3C)|
|DLNA||Digital Living Network Alliance|
|DNS||Domain Name Service|
|IETF||Internet Engineering Task Force|
|IDL||Interface Definiton Language|
|LTE||Long Term Evolution?|
|MNO||mobile Network Operator|
|NAS||Network Attached Storage|
|NPAPI||Netscape Plugin API|
|OEM||Original Equipment Manufacturer|
|PAP||Policy Administration Point|
|PDP||Policy Decision Point|
|PEP||Policy Enforcement Point|
|PII||Personally Identifiable Information|
|PIP||Policy Information Point|
|POS||Point of Sale|
|PWN||Personal Webinos Network|
|WAA||Web Analytics Association|
|WAC||The Wholesale Applications Community|
|WRT||Web Runtime Environment|
|RBAC||Role-Based Access Control|
|TLS||Transport Layer Security|
|TTS||Text to speech|
|UPnP||Universal Plug and Play|
|URI||Uniform Resource Identifier|
|URL||Uniform Resource Locator|
|URN||Uniform Resource Name|
|XMPP||Extensible Messaging and Presence Protocol|
|Source||Citation and Link|
|WAC||WAC Waikiki Beta Release Core Specification - Definitions|
|BS ISO/IEC 15408-2:2008||Evaluation criteria for IT security (British Standards Online)|
|BS ISO/IEC 27001:2005||Information security management systems (British Standards Online)|
|BS EN ISO 13407:1999||Human-centred design processes for interactive systems (British Standards Online)|
|SWDB||Statewide Database - the Redistricting Database for the State of California|
|SANS||SANS Glossary of Security Terms|
|FOLDOC||The Free Online Dictionary of Computing (Editor - Denis Howe)|
|The Laws of Identity||The Laws of Identity by Kim Cameron, 5/12/2005|
|PH10TERMINOLOGY||Andreas Pfitzmann and Marit Hansen. A terminology for talking about privacy by data minimization: Anonymity, Unlinkability, Undetectability, Unobservability, Pseudonymity, and Identity Management v0.34, 10 Aug 2010. url: http://dud.inf.tu-dresden.de/literatur/|
|RFC 2828||Internet Security Glossary, May 2000, url: http://www.ietf.org/rfc/rfc2828.txt|
|NIST SP 800-53||NIST Special Pubblication 800-53 - Recommended Security Controls for Federal Information Systems and Organizations - Rev. 3, Aug 2009, url: http://csrc.nist.gov/publications/PubsSPs.html|
|STORK Glossary and Acronyms||FP7 Project STORK (Secure Identity Across Borders Linked), Glossary and Acronyms, 10 Jul. 2009, url: https://www.eid-stork.eu/index.php?option=com_processes&Itemid=&act=streamDocument&did=615|
The following words and phrases have been drawn from the top 20 stories and may need definitions or examples. Please complete an entry and add it to the section above.