Reference topics provide quick access to information, and typically consist of a term and a description. These topics may contain proprietary information specific to MobileTrust.
Scope: Endpoint Security, Desktop Computers, Mobile Devices
The App Drawer, sometimes called the App Tray, is a collection of all the apps and widgets installed on a mobile device.
A Bar Code is a machine-readable code consisting of numbers and a pattern of parallel lines of varying widths. The code identifies the object or product it is printed on. Bar Codes can be interpreted by optical scanners called Bar Code readers, and other devices including printers and smartphones with interpretive software.
Data At Rest refers to data in storage, in contrast to 'Data in Motion' which is data traversing a network or temporarily residing in computer memory to be read or updated.
Data Origin Authentication verifies that the source of data received is as claimed.
Data Origin Authentication enables the recipient to verify that messages have not been changed in transit (Data Integrity) and that they originated from the anticipated sender (authenticity).
A Field is a place for a piece of information in a database or some other form of storage.
A Firewall is software or hardware designed to block intruders and malware from access into computing devices via the Internet or network connections. It filters the data flow at various access points into computers and networks.
Home or Small Business Firewall:
HTTPS (HyperText Transfer Protocol Secure) is a secure version of HTTP (HyperText Transfer Protocol). HTTPS allows secure transactions, including online banking. The URL begins with https:// instead of http://
HTTPS is HTTP with a Secure Socket Layer (SSL). A Secure Socket Layer is an encryption protocol. When a user connects to an HTTPS website, the session is encrypted with a Digital Certificate.
A Hypervisor is a Virtual Machine Manager. It allows you to run multiple operating systems concurrently as 'Virtual Machines' on a single physical computer. Each Virtual Machine emulates a single computer.
An installed Hypervisor controls the physical computer's resources and makes sure that guest operating systems or virtual machines do not interfere with each other.
A Hypervisor on a server allows client computers to log into separate instances of the server that are customized and dedicated to each client.
A Jailbroke Device has had Apple/iOS operating system restrictions removed. Compare with Related Reference: Rooting Device.
A Driver (also known as a Device Driver) is a program that allows a computer or mobile device to communicate with hardware or a device.
A Keyboard Driver controls the keyboard attached to a computer or integrated in a mobile device.
Technical:
The MobileTrust Keyboard Driver passes keystrokes, in an encrypted format, directly to the browser via an Out-Of-Band Channel that bypasses the System Messaging Queue.
A Key URI is an encryption key encoded in a URI.
Technical:
Encryption keys may be encoded in a URI in the following format:
otpauth://TYPE/LABEL?PARAMETERS
where TYPE is HOTP (HMAC-based One-time Password Algorithm) or TOTP (Time-based One-time Password Algorithm), and LABEL is a human-readable label that helps distinguish multiple OTP generators.
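A parser that validates a Key URI in the otpauth:// format above before the key is accepted for provisioning. This is an added example, not MobileTrust code: the parameter names (secret, issuer, algorithm, digits, period, counter) are assumed from the common authenticator-app convention and are not listed on this page, and the sample URI is constructed.

```python
import base64
from urllib.parse import parse_qs, unquote, urlsplit

# Assumption: parameter names follow the common authenticator-app convention;
# the page itself only names TYPE, LABEL and PARAMETERS.
ALGORITHMS = {"SHA1", "SHA256", "SHA512"}

def parse_key_uri(uri):
    """Return the validated fields of an otpauth:// Key URI or raise ValueError."""
    parts = urlsplit(uri)
    if parts.scheme != "otpauth":
        raise ValueError("scheme must be otpauth")
    otp_type = parts.netloc.lower()                 # TYPE
    if otp_type not in ("hotp", "totp"):
        raise ValueError("TYPE must be hotp or totp")
    label = unquote(parts.path.lstrip("/"))         # LABEL
    if not label:
        raise ValueError("LABEL is missing")
    params = {k: v[0] for k, v in parse_qs(parts.query).items()}  # PARAMETERS
    secret = params.get("secret", "").upper()
    try:
        key = base64.b32decode(secret + "=" * (-len(secret) % 8))
    except ValueError as exc:                       # binascii.Error is a ValueError
        raise ValueError("secret is not valid Base32") from exc
    if not key:
        raise ValueError("secret is missing")
    # A label of the form "Issuer:account" must agree with the issuer parameter.
    prefix, sep, account = label.partition(":")
    issuer = params.get("issuer", prefix if sep else None)
    if sep and issuer != prefix:
        raise ValueError("issuer parameter does not match label prefix")
    algorithm = params.get("algorithm", "SHA1").upper()
    digits = int(params.get("digits", "6"))
    if algorithm not in ALGORITHMS or digits not in (6, 8):
        raise ValueError("unsupported algorithm or digits value")
    fields = {"type": otp_type, "account": account.strip() if sep else label,
              "issuer": issuer, "key": key, "algorithm": algorithm, "digits": digits}
    if otp_type == "hotp":
        if "counter" not in params:
            raise ValueError("hotp requires a counter")
        fields["counter"] = int(params["counter"])
    else:
        fields["period"] = int(params.get("period", "30"))
        if fields["period"] <= 0:
            raise ValueError("period must be positive")
    return fields

# Constructed sample URI (not a real credential).
SAMPLE = "otpauth://totp/Example:alice@example.com?secret=JBSWY3DPEHPK3PXP&issuer=Example"
```

Rejecting a URI whose label prefix and issuer parameter disagree keeps a mislabeled key from being stored under the wrong account name.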
A Network Packet is a unit of data that is formatted for transmission across a network or the internet.
OATH (Open Authentication) is a non-proprietary set of standards for Two-Factor authentication.
OAuth Authentication is a server-to-server protocol for applications to authenticate each other. Three parties are typically involved: One authorization server, and two servers with their applications that need to communicate with one another.
A One-Time Password (OTP) is valid for only one login session or transaction. The purpose is to make it more difficult to gain unauthorized access to restricted resources, such as a bank account. An OTP is generated for use as a second authentication factor in MobileTrust.
OpenID is an open standard for Single Sign-On (SSO) authentication for affiliated but separate web sites. It does not rely on a central authority to authenticate user identity.
OpenID motto: "Make simple things simple and make complicated things possible."
An Out-Of-Band Channel is a channel of communication that is separate from the main communication channel.
A Packet Filter is a network layer firewall that operates at a low level to prevent packets of data from passing through the firewall unless they match an established set of rules.
The network layer is defined in the TCP/IP protocol suite (the communication language or set of protocols for the Internet).
A Password Vault allows you to securely store and manage passwords for websites, networks, and cloud services.
ProtectID Authentication is a Two-Factor Authentication system by Strikeforce Technologies.
ProtectID is based on the OATH (Open Authentication) architecture. Multiple authentication mechanisms are supported, including biometrics and cell phone authentication.
A PIN (Personal Identification Number) is required for ProtectID authentication in MobileTrust.
A QR (Quick Response) Code is a type of Bar Code. Bar Codes are one dimensional whereas QR Codes are two dimensional. QR Codes can hold a lot more data than Bar Codes.
QR Codes are one of three options for entering an OATH authentication factor in MobileTrust.
Figure A. QR Code compared to Bar Code
A Rooted Device provides the user with 'root access' to various Google/Android operating system subsystems. Compare with Related Reference: Jailbroke Device.
Technical:
Since Android is based on the Linux kernel, rooting Android gives similar access to administrative (superuser) permissions in Linux.
Related Reference: Jailbroke Device
A Rootkit is unauthorized software, usually malware, that is designed to gain hidden, administrative access to computers and mobile devices. A Rootkit may allow other malware to gain access to operating system level functions and events (actions including keystrokes).
Some forms of malware including certain keyloggers require a Rootkit for installation.
SAML (Security Assertion Markup Language) is a Single Sign-on protocol that completely eliminates the need for passwords. SAML allows the user to log on once for affiliated but separate web sites. It relies on Centralized Identity Management.
A Security Token, sometimes called an Authentication Token or just a Token, usually refers to hard token authentication, e.g. a Smart Card or Key Fob. Security Tokens are implemented as second factors in Two-Factor Authentication. See the related concept, Token-Based Authentication, for more information.
By definition, Security Tokens include soft tokens, e.g. One-Time Passwords (OTP) in MobileTrust.
Security Token Service (STS):
A System Message Queue is an operating system component used for Inter-Process Communication (IPC), or for inter-thread communication within the same process. Messages are placed onto a queue and stored until they are retrieved.
A URI (Uniform Resource Identifier) is a string of characters used to identify a name of a resource.
A URL (Uniform Resource Locator) is a character string used to identify a reference to a web resource. In addition to identifying a web resource, it specifies the means of locating the resource. In most web browsers, the URL of a web page is displayed inside the address bar.