Glossary & definitions for ACL, Active Directory, ADSync, Agent, Authentication, Bulk Creation, Connector, EAM, EUA, IdM, IAM, Identification, Identity Grid, Identity Management, LDAP, LDIF MetaDirectory, OID, Password Synchronisation, synchronization, sync, synch, User Provisioning, RADIUS, RBAC, ROI, Self-Service Password Reset, Single Sign-On, single signon, sso, login, logon, Subscriber, Templates Windows XP WinXP, 2003, Win2003, W2K, Win 2K, Win2K, Win2000, 2000, 98, Mainframe IBM OS/390, os390, MVS, zSeries, z/OS, zos, z series, Linux, IBM OS/400, os400, A/S 400, as400, iSeries, i series, AS/400, i5/OS V5R3, i5os, UNIX, IBM AIX, pSeries, p series, rs6000, rs/6000, HP-UX, HPUX, Sun Solaris, Compaq Tru64, Tru 64,Novell Netware, DEC VAX/VMS, OpenVMS, Open VMS, Oracle, SAP, MQ, IBM Websphere, Apache Tomcat, BEA Web Logic (WebLogic), Tivoli, Sun ONE Application Server, Microsoft .NET, SQL, ODBC, Lotus Notes, Lotus Domino, LDAP, SQL Server, RACF (SecureWay Security Server), CA-ACF2, CA-Top Secret, Internet Explorer 6.x (IE6, IE 6), Internet Explorer 5.x (IE5, IE 5), Netscape 7.x, Netscape 6.x, Firefox, Mozilla, Opera

Glossary

Abbreviation/Term	Description
ACL	Access Control List
Account Geneous Server	Means the Account Geneous central software to be installed on one existing server. It does not require its own additional hardware.
Account Geneous Agent	Means the Account Geneous component software which connects to the managed servers/applications. It does not require its own additional hardware.
Account Geneous User	Is an administrator using Account Geneous
Active Directory	A Microsoft technology, part of Active Platform, that enables applications to find, use and manage directory resources (such as user names, network printers and permissions) in a distributed computing environment. Active Directory is a component of Microsoft Windows Open Services Architecture (WOSA).
ADSync	The Active Directory Synchronization tool, or ADSync, provides the ability to register a user directly in one system and create the users' accounts automatically in another system as a unified operation from the Active Directory Users and Computers Console.
Agent	Is a service running on a server to process account changes
Authentication	Generally follows identification. The process of establishing that the user is indeed that user and has a right to use the system. The user supplies or generates authentication information that corroborates the binding between the person and the identifier.
Bulk Creation	Is the ability to create multiple accounts by taking a basic existing account and copying as many times as necessary and then completing user name, password, userid and comment field (if required)
Connector	Is a module to connect to a data repository e.g. database or directory
EAM	Enterprise Access Management. Provides a single, unified framework that enables an organization to manage external users’ access.
EUA	Enterprise User Administration – abbreviation. Another term for aspects of Identity Management.
IdM	Identity Management - abbreviation
IAM	Identity & Access Management - abbreviation
Identification	The user claims an identity, usually by supplying a user ID or user name to the security system.
Identity Grid	A coordinated network of services for accessing, transporting, sharing and managing identity data across and between organizations and applications.
Identity Management	Is a general term and encompasses technologies including password management (synchronisation and self reset), user provisioning and access management. Enables and maintains user access to network resources. This includes the creation of the user entity (functionality typically found in a human resource applications), authorization and permissions (SSO and password management functionality), and a single point of administration for de/provisioning accounts (as in provisioning).
LDAP	Lightweight Directory Access Protocol
LDIF	LDAP Directory Interchange Format
MetaDirectory	A centralized service that stores and integrates identity information from multiple directories in an organization providing a unified view. A metadirectory solves important business issues that result from having information stored in multiple, disparate data repositories throughout an organization.
OID	Oracle Internet Directory
Password Synchronisation	Password Synchronisation propagates changes (synchronises) all passwords to the same value across multiple platforms and applications. a.k.a. password synchronization, password sync, password synch, etc
Provisioning	Is a general term usually meaning the ability to control users - including adding users, revoking, resuming and deleting. Access control and definition by roles and rules together with the ability to use templates and bulk creation are all part of a good provisioning tool.
RADIUS	Remote Authentication Dial-in User Service
RBAC	Role Based Access Control. Also Rule Based Access Control
ROI	Return on Investment
Self-Learning	First application login when user first enters user name and password.
Self-Service Password Reset	Identity verification questions and answers mechanisms as in challenge-response identity verification. Themanagement of a single password reduced the likelihood of discovery thus improving security.
Service/Interface	Is an Account Geneous link between the HR or other subscriber database and Account Geneous/registration desk. This service acts as a control in order that new accounts are created with minimum/basic subscriber data to ensure account creation consistency between HR and user account management. A permanent link is then established from that moment between HR and the user account management. Fields changed in HR for a particular subscriber will be propagated to the appropriate fields in the user accounts managed by Account Geneous.
Single Sign-On	A single action of user authentication and authorization permits a user to access all computers and systems where he has access permission, without the need to enter multiple passwords.
Subscriber	Is the Account Geneous view of an individual users identity. It is usually the master source for the users information throughout the AG system.
Templates	Are pre-defined account creation models that only require completion by adding user name, password, userid and comment field (if required). Mainly used for creations for the same departments and/or personnel with same/similar roles. Templates may be amended on a case-by-case basis for the individual creation by adding or removal of template fields.