Terms, Definitions and Abbreviations
Terms and Definitions
Please note: the definitions of terms are only valid in a certain context. This glossary applies only within the context of this document.
Please note missing terms and definitions in the review feedback form.
If available, definitions were taken from IEC 63278-1:2023 and IEC 63278.-3.
- Access Control
-
The decision to permit or deny a subject access to system objects (network, data, application, service, etc.)
[Source: NIST SP 800-162]
- Usage Control
-
Enforcement of data usage restrictions on the consumer side after access to data has been granted.
Note 1: Usage Control is concerned with requirements that pertain to data processing (obligations) rather than data access (provisions).
- accountability
-
property of a system (including all of its system resources) that ensures the actions of a system entity may be traced uniquely to that entity, which can be held responsible for its actions
[SOURCE: IEC TS 62443-1-1:2009, 3.2.3]
- authenticate
-
verify the identity of a user, user device, or other entity, or the integrity of data stored, transmitted, or otherwise exposed to unauthorized modification in an information system, or to establish the validity of a transmission
[SOURCE: IEC TS 62443-1-1:2009, 3.2.12]
- authentication
-
security measure designed to establish the validity of a transmission, message, or originator, or a means of verifying an individual’s authorization to receive specific categories of information
[SOURCE: IEC TS 62443-1-1:2009, 3.2.13]
- authorization
-
right or permission that is granted to a system entity to access a system resource
[SOURCE: IEC TS 62443-1-1:2009, 3.2.14]
- data integrity
-
property that data has not been changed, destroyed, or lost in an unauthorized or accidental manner
Note 1 to entry: This term deals with constancy of and confidence in data values, not with the information that the values represent or the trustworthiness of the source of the values.
[SOURCE: IEC TS 62443-1-1:2009, 3.2.38]
Abbreviations
Abbreviation | Description |
---|---|
AAS |
Asset Administration Shell |
AASX |
Package file format for the AAS |
ABAC |
Attribute Based Access Control |
ACL |
Access Control List |
API |
Application Programming Interface |
BLOB |
Binary Large Object |
BNF |
Backus Naur Form |
DKE |
Deutsche Kommission für Elektrotechnik |
HTTP |
Hypertext Transfer Protocol |
ID |
Identifier |
IDTA |
Industrial Digital Twin Association |
IDP |
Identity Provider |
IEC |
International Electrotechnical Commission |
IRDI |
International Registration Data Identifier |
ISO |
International Organization for Standardization |
JSON |
JavaScript Object Notation |
MIME |
Multipurpose Internet Mail Extensions |
OAUTH |
Open Authorization |
ODRL |
Open Digital Rights Language |
OIDC |
OpenID Connect |
OPC |
Open Packaging Conventions (ECMA-376, ISO/IEC 29500-2) |
RDF |
Resource Description Framework |
REST |
Representational State Transfer |
RFC |
Request for Comment |
ROA |
Resource Oriented Architecture |
SOA |
Service Oriented Architecture |
UML |
Unified Modeling Language |
URI, URL, URN |
Uniform Resource Identifier, Locator, Name |
VDE |
Verband der Elektrotechnik Elektronik Informationstechnik e. V. |
VDI |
Verein Deutscher Ingenieure e.V. |
VDMA |
Verband Deutscher Maschinen- und Anlagenbau e.V. |
W3C |
World Wide Web Consortium |
XACML |
eXtensible Access Control Markup Language |
XML |
eXtensible Markup Language |
X509 |
Standard format for public key certificates |
ZIP |
archive file format that supports lossless data compression |
ZVEI |
Zentralverband Elektrotechnik- und Elektronikindustrie e. V. |