Study your flashcards anywhere!

Download the official Cram app for free >

  • Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off
Reading...
Front

How to study your flashcards.

Right/Left arrow keys: Navigate between flashcards.right arrow keyleft arrow key

Up/Down arrow keys: Flip the card between the front and back.down keyup key

H key: Show hint (3rd side).h key

A key: Read text to speech.a key

image

Play button

image

Play button

image

Progress

1/15

Click to flip

15 Cards in this Set

  • Front
  • Back
Identification
Subjects supplying identification information
Username, user ID, account number
Authentication
Verifying the identification information
Passphrase, PIN value, biometric, one-time password, password
Authorization
Using criteria to make a determination of operations that subjects
can carry out on objects
Accountability
Audit logs and monitoring to track subject activities with objects
Service Provisioning Markup Language (SPML)
allows for the exchange of provisioning
data between applications, which could reside in one organization or many. allows for the automation of user management (account creation, amendments,
revocation) and access entitlement configuration related to electronically published
services across multiple provisioning systems. This markup language allows for the integration and interoperation of service provisioning requests across various platforms. is an XML-based framework,
being developed by OASIS, for exchanging user, resource, and service provisioning information between cooperating organizations. allows for the automation of user management (account creation, amendments, revocation) and access entitlement configuration related to electronically published services across
multiple provisioning systems.
Security Assertion Markup Language (SAML)
allows the exchange of authentication and authorization data to be shared between security domains. provides the authentication pieces to federated identity management systemsto allow business-to-business (B2B) and business-to-consumer (B2C) transactions.
Simple Object Access Protocol (SOAP)
specification that outlines how information pertaining to web services is exchanged in a structured manner. It provides the basic messaging framework, which allows users to request a service and, in exchange, the service is made available to that user.is a protocol specification for exchanging structured information in the implementation of web services and networked environments.
service oriented architecture (SOA)
way to provide independent services residing on different systems in different business domains in one consistent manner. environments allow for a suite of
interoperable services to be used within multiple, separate systems from several business domains.
Extensible Access Control Markup
Language (XACML)
used to express security policies and access rights to assets provided through web services and other enterprise applications. both an access control policy language and a processing model that allows for policies to be interpreted and enforced in a standard manner. a declarative access control policy language implemented in XML and a processing model, describes how to interpret security policies.
Extensible Markup Language (XML)
is a set of rules for encoding documents in machine-readable form to allow for interoperability between various webbased technologies.
false rejection rate
Type I error
false acceptance rate
Type II error
crossover error rate
This rating is stated as a percentage and represents the point at which the false rejection rate equals the false acceptance rate
cabability table
is bound to a subject and lists what objects it can access
access control list
are bound to objects and indicate what subjects can
use them.