Purchases:

1. beautiful 3/4 sleeve Michael Stars Dress; brown with copper sheen; knee length; perfect to go with boots - $20.00

2. sweater whose tag read, "made in West Germany"; tan cashmere blend in knit geometric pattern; very 70s, very chic - $14.50

3. cozy American Apparrel unisex shag fleece rib cardigan in charcoal grey; too hipster? naah - $15.00

4. angel soft Kenzie twisty sweater; lavender; boyfriend will appreciate - $19.50

Total - $69.00

Although these purchases would have put me back at least $200 if I had bought these items new; if I had not bought them at all, I would still have $69 in my pocket and I would still have clothing to wear.

Solution. I think that there are a few things that I can do here that will allow me to get my fashion fix and save me Hamiltons.

1. Channel Boredom: Instead of venturing out to shop when I find my mind wandering, I can and should go to the bookstore and read some financial books for free. Additionally, I could drag my lazy ass to the campus gym, but I am sure that I will have my work cut out for me during the school year anyway. I don't think UPenn leaves its students bored.

2. Allocate Fashion Funds: Set a monthly amount that cannot be exceeded for fashion expenditures. Treat them like rollover minutes. What I don't spend in September gets added in to the fashion fund for October. I am thinking around $50-$100 a month, but I will have to wait and see how much I will be earning during the school year to pick an exact amount.

Coffee. Ah, the most widely used mood altering drug in the US. I am a user. I love lattes and cappuchinos and those new delicious Vivanno smoothies from Starbucks...sigh. Whenever I go out, I end up spending around $10 on beverages of this type. I am a regular at various coffee houses around the city (if that's possible) and even brew my own joe at home; however, I think I can do without once in a while

Solution. This is one addiction that I am unwilling to give up. How can I save money and keep my caffine high?

1. Limit Consumption: I will hereby limit myself to one coffee beverage obtained from a location other than my residence a day. This does not apply to coffee beverages bought by others for me.

2. Coffee Cash: Freshman at UPenn are required to purchase the most expensive meal plan. Luckily, I received a scholarship which covers this expense. My plan is the "Liberty Plan" which gives me 125 "meals" which can be used at the cafeterias around campus and $400 "dining dollars" which are useable at various eateries. There is a Starbucks on campus where these dollars can be spent. If there are around 110 days in the fall semester I can spend $3.60 on Starbucks every day. This is good. I would gladly replace lunch with a soy latte and a banana. Yum.

I think that my reduced consumption will be good for my wallet as well as for the environment. More budgeting to come...

My delay in posting Part IV of this series was that I had to get out to our school to verify the compass direction (on of twenty-four precise Chinese directions). Now that I surveyed the site two different times, and took very precise compass measurements, I am very certain that the facing direction of our building the direction receiving the most energy) is to the rear. I also checked the facing direction of my own classroom, which also has it's facing direction opposite the entrance.

I've been studying Eva Wong's book A Master Course in Feng Shui. It's an EXTREMELY well-written book (but would be difficult for beginners).

The first thing you should determine is how is your school building's position on the city streets? Is it in a favorable or unfavorable situaiton? Secondly you should determine your school building's facing direction, which is NOT necessarily the same as the building entrance direction. Eva has whole chapters both on building sites, and on how to correctly determine a building's facing direction. The third thing to determine is the facing direction of your own classroom (again, not necessarily the direction of the door).

I used Eva Wong's method of calculating the flying stars on our entire building (built in Period 7), and I also did a second chart for only my classroom. After looking up Eva Wong's interpretations for the flying stars, I looked up more detailed interpretations which I found in my brand-new book by Stephen Skinner. Did I ever have some surprises!

I will tell you about the surprises in my own classroom first.

In the area of the class where my male assistant has sat for the past two years (two different assistants who both had their desk in the same place), the flying stars indicate gastro-intestinal problems, stomach pain, and digestive problems. For the past two year, my assistants have developed this problem. Now I will test this out. Again, I have a new assistant. I am not going to change the place of his desk. But if he starts to develop stomach problems, I certainly will!

The next thing I noticed was that in the part of the class where I used to have my desk several years ago, gossip, arguments, and legal entanglements are predicted. The Feng Shui of the entire building also indicates gossip, arguments, and legal for where my classroom is located in the building!

During the year my desk was in this place, I had severe problems with politics involving students, parents, and the administration. Anyway, suffice it to say that the happenings that year certainly fit the criteria for gossip, arguments, and legal entanglements!

That particular year, I had one of the most difficult classes ever. It had two new and extremely disruptive third-graders placed in it, who spoke not one word of English. Half the class was constantly out of their chairs, and others were passing nasty notes about girls in the class (and we could never find out who was doing it). Those were just a few of the things that happened that year. Meanwhile, since I changed the location of my desk to the "command" position, things improved dramatically (before I knew about Feng Shui).

There are two areas in my class that are indicated as extremely harmful to the health of eldest sons. So now I will have to revise what I said in my earlier post, about not worrying about students' Feng Shui. I see that some areas of the class are more helpful/harmful. Perhaps this is a reason to move students' places every few weeks, or so. My thoughts are that stronger students can support more difficult areas, at least for a short time, than weaker students, who should be placed in the stronger areas. I will try to keep eldest sons out of the two bad areas.

I was dismayed to see that the corner of our room where we normally keep lunches can promote stomach problems, but the only possible place I was considering moving them to is even worse for digestive problems! So I guess I will leave them where they are..

During the same year I had the difficult class and problems with workplace politics, that previous position of my desk additionally indicated good for wealth, especially in real estate. At that time, I was able to make a very auspicious purchase of a piece of land (in fact, it was the same day that the twin towers were attacked, when the U.S. dollar was at its highest point against the local currency). Since that time, the value of the dollar has dropped in HALF (which I attribute to the War and deficit spending).

Where I currently have my desk is apparently good for wealth in real estate (I purchased a house for a good price since I moved my desk here). It also indicates joyful activities, and marital harmony. But it does indicate lung problems (which I never had before, but interestingly have developed some breathing problems in response to pollens, just since I've sat here). I'll have to look for a remedy for that...

In my flying stars chart for our whole building, I found some very auspicious areas (in fact, the Elementary Principal has his office located in the most auspicious area for academic achievement, fame, wealth, a good marriage, and joyful activities! Just wait until I tell him....

On the other hand, in our main office's area, I found quarrelling, fighting, jealousy and cheating are indicated!

So, in conclusion, I really feel I've chosen the correct facing directions and got the stars in the right places on the charts (as backed up by the events that have been happening in those areas of the school). I think it's important to do both chards, and see how they interact to support each other.

Part Three of this series.

Reactions?

Eileen

Rebel Sim card can unlock almost any mobile phone available in the market, and now the iPhone 3G, the hottest selling product of the year joins its list.
Anyone can buy a Rebel Sim card from www.rebelsimcard.com and unlock their iPhone 3G.

A lot of users were already looking for a solution to unlock their phone, with no software yet released to unlock the iPhone 3G, even after using the Rebel Sim card with the iPhone 3G the phone warranty is not lost! and the contract with existing network provider is not breached.

And guess what's more, the phone is still in warranty and Apple cannot detect it!! therefore users can use another networks simcard to make cheaper calls, without loosing their warranty! , without getting Apple to know about it, without breaching the contract, and last but not the least, users don't need to have special skills to use Rebel Sim Card, it works Out of the box and it does not require any modification to the iPhone 3G firmware.

Even if you are an amateur, it will just take less than a minute to unlock your new iPhone 3G.

Rebel Simcard v29 brings the World's Most Advanced STK menu to Rebel Simcard. - Upgrade now - 19-Aug-08
Now Rebel Simcard can work on almost any mobile phone of the world.
A must-have piece of technology.

iPhone 3G - GPRS/EDGE and 3G fully working with Rebel Simcard - Youtube 19-Aug-08

iPhone 3G - GPRS/EDGE and 3G fully working with Rebel Simcard - Google Video. - 19-Aug-08

How to use Rebel Simcard on iPhone 3G for beginners.
iPhone 3G 2.0.1 unlock without jailbreak/How to insert network sim with Rebel simcard in your iPhone 3G - 08-Aug-2008.

See how the STK menu in Rebel Simcard works. - 6/8/2008
Note : STK menu is available in all Rebel Simcards.

Apple iPhone 3G unlock using Rebel Simcard Part 1- NO NEED JAILBREAK, NO NEED TO MODIFY FIRMWARE!! - 29/7/2008

Apple iPhone 3G unlock using Rebel Simcard Part 2- NO NEED JAILBREAK, NO NEED TO MODIFY FIRMWARE!! - 29/7/2008

How Rebel SimCard Cutter Operates

Apple iPhone 3G Unlock using Rebel Simcard.

Rebel Simcard working with Nokia N82 - Auto Mode

Rebel SimCard To By Network Restriction on Samsung SGH-M300

Rebel SimCard 3D Design Graphics

Rebel SimCard By Passes Network Restrictions on LG KP130

Rebel SimCard To By Network Restriction on Nokia 3110

Rebel SimCard To By Network Restriction on Nokia N95

Rebel Simcard By Passing Unlocking For Nokia 6300

Rebel SimCard To By Network Restriction on Virgin Fly

Rebel SimCard By Network Restriction on Sony Ericsson W810

Rebel SimCard To By Network Restriction on Nokia 6500s Slide

Rebel SimCard To By Network Restrictions on Nokia 6500c

Rebel SimCard To By Network Restrictions on Nokia 2610

Rebel SimCard By Passes Network Restrictions on Nokia 1208

Rebel SimCard To Bypass Network Restrictions on Nokia 2310

Mobile Acronyms

Smart Cards Glossary

iPhone Terms

1G
The first generation of analogue mobile phone technologies including AMPS, TACS and NMT

2G
The second generation of digital mobile phone technologies including GSM, CDMA IS-95 and D-AMPS IS-136

2.5G
The enhancement of GSM which includes technologies such as GPRS

3G
The third generation of mobile phone technologies covered by the ITU IMT-2000 family

3GPP
The 3rd Generation Partnership Project, a grouping of international standards bodies, operators and vendors with the responsibility of standardising the WCDMA based members of the IMT-2000 family

3GPP2
The counterpart of 3GPP with responsibility for standardising the CDMA2000-based members of the IMT-2000 family. 3GPP2 is spearheaded by ANSI

8PSK
Octantal Phase Shift Keying

BACK TO TOP

A5/1/2/3/8X
Encryption algorithms for GSM networks

AAL
ATM Adaptation Layer

ABR
Available Bit Rate

A-bis
Interface between the BSC and BTS in a GSM network

AB
Access Burst; used for random access and characterised by a longer guard period to allow for burst transmission from a MS that does not know the correct timing advance when first contacting a network

ACTE
Approvals Committee for Terminal Equipment

ACTS
Advanced Communications Technologies and Services – a European technology initiative

ACU
Antenna Combining Unit

ADPCM
Adaptive Differential Pulse Code Modulation; a form of voice compression that typically uses 32kbit/s

AFC
Automatic Frequency Control

AGCH
Access Grant Channel; downlink only, BTS allocates a TCH or SDCCH to the MS, allowing it access to the network

Air interface
In a mobile phone network, the radio transmission path between the base station and the mobile terminal

A-interface
Interface between the MSC and BSS in a GSM network

AM
Amplitude Modulation

AMPS
Advanced Mobile Phone System, the analogue mobile phone technology used in North and South America and in around 35 other countries. Operates in the 800MHz band using FDMA technology

AMR
Adaptive Multi-Rate codec. Developed in 1999 for use in GSM networks, the AMR
has been adopted by 3GPP for 3G

Analogue
The representation of information by a continuously variable physical quantity such as voltage

ANSI
American National Standards Institute. An non-profit making US organisation which does not carry out standardisation work but reviews the work of standards bodies and assigns them category codes and numbers

ANSI-136
See D-AMPS

API
Application Program Interface

AoC
Advice of Charge

ARIB
Association of Radio Industries and Businesses. An organisation established by Japan’s Ministry of Posts and Communications to act as the standardisation authority for radio communication and broadcasting

ARPU
Average Revenue Per User

ASCII
American Standard Code for Information Interchange

ASIC
Application Specific Integrated Circuit

ASP
Application Service Provider

Asymmetric Transmission
Data transmissions where the traffic from the network to the subscriber is at a higher rate than the traffic from the subscriber to the network

A-TDMA
Advanced Time Division Multiple Access

ATM
Asynchronous Transfer Mode; a multiplexed information transfer and switching method in which the data is organised into fixed length 53-octet cells and transmitted according to each application’s instantaneous need

AUC
Authentication Centre; the element within a GSM network which generates the parameters for subscriber authentication

BACK TO TOP

Bandwidth
A term meaning both the width of a transmission channel in terms of Hertz and the maximum transmission speed in bits per second that it will support

BCH
Broadcast Channels; carry only downlink information and are mainly responsible for synchronisation and frequency correction (BCCH, FCCH and SCH)

BCCH
Broadcast Control Channel; the logical channel used in cellular networks to broadcast signalling and control information to all mobile phones within the network

B-CDMA
Broadband Code Division Multiple Access

B-ISDN
Broadband ISDN

BER
Bit Error Rate; the percentage of received bits in error compared to the total number of bits received

BERT
Bit Error Rate Test

Bit
A bit is the smallest unit of information technology. As bits are made up using the binary number system, all multiples of bits must be powers of two i.e. a kilobit is actually 1024 bits and a megabit 1048576 bits. Transmission speeds are given in bits per second (bit/s)

Bluetooth
A low power, short range wireless technology designed to provide a replacement for the serial cable. Operating in the 2.4GHz ISM band, Bluetooth can connect a wide range of personal, professional and domestic devices such a laptop computers and mobile phones together wirelessly.

BHCA
Busy Hour Call Attempts; the number of call attempts made during a network’s busiest hour of the day

BSC
Base Station Controller; the network entity controlling a number of Base Transceiver Stations

BSS
Base Station System/Subsystem

BTS
Base Transceiver Station; the network entity which communicates with the mobile station

BACK TO TOP

CAI
Common Air Interface; a standard developed for the UK’s public CT2 networks which enabled the same handset to be used on different networks

CAMEL
Customised Application for Mobile network Enhanced Logic; an IN feature in GSM networks that enables users to carry personal services with them when roaming into other networks that support CAMEL

CSE
CAMEL Service Environment

Capacity
A measure of a cellular network’s ability to support simultaneous calls

CB
Cell Broadcast

CC
Call Control; manages call connections

CCB
Customer Care and Billing

CCCH
Common Control Channels; a group of uplink and downlink channels between the MS and the BTS (see PCH, AGCH and RACH)

CCS7
Common Channel Signalling No. 7

CDMA
Code Division Multiple Access; also known as spread spectrum, CDMA cellular systems utilise a single frequency band for all traffic, differentiating the individual transmissions by assigning them unique codes before transmission. There are a number of variants of CDMA (see W-CDMA, B-CDMA, TD-SCDMA et al)

CDMAone
The first commercial CDMA cellular system; deployed in North America and Korea; also known as IS-95

CDMA2000
A member of the IMT-2000 3G family; backwardly compatible with cdmaOne

CDMA 1X
The first generation of cdma2000; the standardisation process indicated that there would be CDMA 2X and CDMA 3X but this no longer appears likely

CDMA 1X EV-DO
A variant of CDMA 1X which delivers data only

CDPD
Cellular Digital Packet Data; a packet switched data service largely deployed in the USA. The service uses idle analogue channels to carry the packetised information.

CDPSK
Coherent Differential Phase Shift Keying

CDR
Call Detail Records; the record made within the cellular network of all details of both incoming and outgoing calls made by subscribers, The CDR is passed to the billing system for action

Cell
The area covered by a cellular base station. A cell site may sectorise its antennas to service several cells from one locationCell site
The facility housing the transmitters/receivers, the antennas and associated equipment

Cell splitting
The process of converting a single cell to multiple cells by sectorising the antennas in the cell site or constructing additional cells within a cell site

CELP
Code Excited Linear Prediction; an analogue to digital voice coding scheme, there are a number of variants used in cellular systems

CEPT
Conference of European Posts and Telecommunications. A organisation of national posts, telegraphs and telephone administrations. Until 1988, when this work was take over by ETSI, the main European body for telecommunications standardisation. CEPT established the original GSM standardisation group

CF
Call Forwarding

CI
Carrier to Interference ratio

CIBER
Cellular Intercarrier Billing Exchange Roamer Record

CID
Caller Identification

Circuit switching
A method used in telecommunications where a temporary dedicated circuit of constant bandwidth is established between two distant endpoints in a network. Mainly used for voice traffic; the opposite of packet switching

CLID
Calling Line Identification

CLIP
Calling Line Identification Presentation

CLIR
Calling Line Identification Restriction

CM
Connection Management; is used to set up, maintain and take down call connections

CMOS
Complementary Metal Oxide Substrate

Codec
A word formed by combining coder and decoder the codec is a device which encodes and decodes signals. The voice codec in a cellular network converts voice signals into and back from bit strings. In GSM networks, in addition to the standard voice codec, it is possible to implement Half Rate (HR) codecs and Enhanced Full Rate (EFR) codecs

Control signal
A signal sent to a cellular phone from a base station or vice versa which carries information essential to the call but not including the audio portion of a conversation

CPE
Customer Premises Equipment; all the equipment on the end user’s side of the network interface

CPU
Central Processing Unit

CRC
Cyclic Redundancy Check

CRM
Customer Relationship Management

CSS
Customer Support System

CT
Cordless Telephony

CT0
Zero generation cordless telephony; the earliest domestic cordless phones which used analogue technology and which had severe limitations in terms of range and security

CT1
First generation cordless telephony; Improved analogue phones with greater range and security; a number of European nations produced CT1 standards

CT2
Second generation cordless telephony; Using digital technology CT2 phones offered greater range, improved security and a wide range of new functionalities. Used in both domestic and cordless PABX deployments, CT2 was standardised as an interim ETS but was overwhelmed by DECT

CT2-CAI
Second generation cordless telephony-common air interface

CTA
Cordless Terminal Adaptor; a DECT term

CTM
Cordless Terminal Mobility

CTR
Common Technical Regulation; part of the ETSI standardisation process

CUG
Closed User Group

BACK TO TOP

D/A
Digital to Analogue conversion

DAC
Digital to Analogue Convertor

DAMA
Demand Assigned Multiple Access

D-AMPS
Digital AMPS, a US wireless standard also known as IS-136

DAN
DECT Access Node

DCA
Dynamic Channel Assignment

DCCH
Dedicated Control Channels; responsible for roaming, handovers, encryption etc. (See SDCCH, SACCH and FACCH)

DCE
Data Communications Equipment

DCH
Data Clearing House

DCPSK
Differentially Coherent Phase Shift Keying

DCS1800
Digital Cellular System at 1800MHz, now known as GSM1800

DECT
Digitally Enhanced Cordless Telecommunications system, a second generation digital cordless technology standardised by ETSI

DEPSK
Differential Encoded Phase Shift Keying

DES
Digital Encryption Standard

DFSK
Double Frequency Shift Keying

Digital
a method of representing information as numbers with discrete values; usually expressed as a sequence of bits

DPCM
Differential Pulse Code Modulation

DPSK
Digital Phase Shift Keying

DQPSK
Digital Quadrature Phase Shift Keying

DS-CDMA
Direct Sequence CDMA

DSP
Digital Signal Processing

DSRR
Digital Short Range Radio; a UK standard for a low power, short range radio system designed for small voice and data networks

DTE
Data Terminal Equipment

DTMF
Dual Tone MultiFrequency; better know as Touch Tone. The tones generated by touching the keys on the phone are used for a variety of purposes including voice mail systems and voice messaging

DTX
Discontinuous Transmission

Dual Band
The capability of GSM infrastructure elements and handsets to work across both the 900MHz and 1800MHz bands. The capability to seamlessly handover between the two bands offers operators major capacity gains

DB
Dummy Burst; transmitted as a filler in unused timeslots of the carrier

Duplex
The wireless technique where one frequency band is used for traffic from the network to the subscriber (the downlink) and another, widely separated, band is used for traffic from the subscriber to the network (the uplink)

BACK TO TOP

EDGE
Enhanced Data rates for GSM Evolution; effectively the final stage in the evolution of the GSM standard, EDGE uses a new modulation schema to enable theoretical data speeds of up to 384kbit/s within the existing GSM spectrum. An alternative upgrade path towards 3G services for operators, such as those in the USA, without access to new spectrum. Also known as Enhanced GPRS (E-GPRS)

EEPROM
Electrically Erasable Programmable Read Only Memory

EFR
Enhanced Full Rate; a alternative voice codec that provides improved voice quality in a GSM network (see codec)

EFT
Electronic Funds Transfer

EGSM
Extended (frequency range) GSM

EIR
Equipment Identity Register; a database that contains a list of all valid mobile stations within a network based on their IMEI

EIRP
Effective Isotropic Radiated Power

EPOC
The mobile phone operating system developed by Symbian. Derived from epoch-the beginning of an era-EPOC is a 32-bit operating environment which comprises a suite of applications, customisable user interfaces, connectivity options and a range of development tools

EPROM
Erasable Programmable Read Only Memory

Erlang
A dimensionless unit of average traffic density in a telecommunications network

ERMES
Enhanced Radio Messaging System; a paging technology developed by ETSI which was intended to allow users to roam throughout Europe. Adopted by a number of European and Middle Eastern countries, ERMES, like paging in general, was overtaken by the ubiquity of GSM

ERO
European Radiocommunications Office

ERP
Effective Radiated Power

ESMR
Enhanced Special Mobile Radio; a US PMR variant (see SMR)

ESN
Electronic Serial Number; a 32-bit number that uniquely identifies a mobile phone

ESPRIT
European Strategic Programme for Research and Development in Information Technology

ETACS
Extended TACS; the extension of TACS by the addition of new frequencies

ETSI
European Telecommunications Standards Institute: The European group responsible for defining telecommunications standards

BACK TO TOP

FACCH
Fast Associated Control Channel; similar to the SDCCH but used in parallel for operation of the TCH. If the data rate of the SACCH is insufficient borrowing mode is used

FB
Frequency Correction Burst; used for frequency synchronisation of the mobile

FCC
Federal Communications Commission; the US regulatory body for telecommunications

FCCH
Frequency Correction Channel; downlink only, correction of MS frequencies, transmission of frequency standard to MS etc.

FDD
Frequency Division Duplex; a radio technique which uses paired spectrum; UMTS has an FDD element

FDMA
Frequency Division Multiple Access-a transmission technique where the assigned frequency band for a network is divided into sub-bands which are allocated to a subscriber for the duration of their calls

FEC
Forward Error Correction

FH
Frequency Hopping

FH-CDMA
Frequency Hopping CDMA

FMC
Fixed Mobile Convergence

FMI
Fixed Mobile Integration

FPLMTS
Future Public Land Mobile Telecommunications System, the original title of the ITU’s third generation concept now known as IMT-2000

FRA
Fixed Radio Access; see WLL

FSDPSK
Filtered Symmetric Differential Phase Shift Keying

FSK
Frequency Shift Keying; a method of using frequency modulation to send digital information

FSOQ
Frequency Shift Offset Quadrature Modulation

FSS
Fixed Satellite ServiceGb
The interface between the PCU and the SGSN in a GSM/GPRS network

BACK TO TOP

Gc
The interface between the GGSN and the HLR in a GSM/GPRS network

Gd
The interface between the SGSN and the SMSC in a GSM/GPRS network

Gf
The interface between the SGSN and the EIR in a GSM/GPRS network

Gi
The interface between the GGSN and the Internet in a GPRS network

Gn
The interface between the GGSN and the SGSN in a GPRS network

Gp
The interfaces between the GGSN/SGSN and the Border Gateway in a GPRS network

Gr
The interface between the SGSN and the HLR in a GPRS network

Gs
The interface between the SGSN and the MSC in a GSM/GPRS network

GAIT
GSM/ANSI 136 Interoperability Committee

GAP
Generic Access Profile; a DECT term

Gbit/s
A unit of data transmission rate equal to one billion bits per second

GMSC
Gateway Mobile Services Switching Centre; the gateway between two networks

GCF
Global Certification Forum

Geostationary
Refers to a satellite in equatorial orbit above the earth which appears from the surface to be stationary

GERAN
GSM-EDGE Radio Access Network; the name for the evolution of GSM towards 3G based on EDGE

GGRF
GSM Global Roaming Forum

GGSN
Gateway GPRS Support Node; the gateway between a cellular network and a IP network.

GHz
A unit of frequency equal to one billion Hertz per second

GMPCS
Global Mobile Personal Communications by Satellite

GMSK
Gaussian filtered Minimum Shift Keying; a refinement of FSK which minimises adjacent channel interference

GPRS
General Packet Radio Service; standardised as part of GSM Phase 2+, GPRS represents the first implementation of packet switching within GSM, which is a circuit switched technology. GPRS offers theoretical data speeds of up to 115kbit/s using multislot techniques. GPRS is an essential precursor for 3G as it introduces the packet switched core required for UMTS

GPS
Global Positioning System; a location system based on a constellation of US Department of Defence satellites. Depending on the number of satellites visible to the user can provide accuracies down to tens of metres. Now being incorporated as a key feature in an increasing number of handsets

GRX
GPRS Roaming Exchange

GSM
Global System for Mobile communications, the second generation digital technology originally developed for Europe but which now has in excess of 71 per cent of the world market. Initially developed for operation in the 900MHz band and subsequently modified for the 850, 1800 and 1900MHz bands. GSM originally stood for Groupe Speciale Mobile, the CEPT committee which began the GSM standardisation process

GSM MoU
The GSM Memorandum of Understanding, an agreement signed between all the major European operators to work together to promote GSM. The precursor of the GSM Association

GSM-R
GSM-Railway, A variant of GSM designed to meet the special communications needs of international train operators

BACK TO TOP

Handoff
The transfer of control of a cellular phone call in progress from one cell to another, without any discontinuity

Hands-free
The operation of a cellular phone without using the handset; usually installed in vehicles.

HCS
Hierarchical Cell Structure; the architecture of a multi-layered cellular network where subscribers are handed over from the macro to the micro to the pico layer depending on the current network capacity and the needs of the subscriber

HDLC
High level Data Link Control

HIPERLAN
High Performance Radio Local Access Network; a wireless local area network being standardised by ETSI (Also HIPERLAN2)

HLR
Home Location Register; the database within a GSM network which stores all the subscriber data. An important element in the roaming process

HSCSD
High Speed Circuit Switched Data; a special mode in GSM networks which provides higher data throughput By cocatenating a number of timeslots, each delivering 14.4kbit/s, much higher data speeds can be achieved

HSPSD
High Speed Packet Switched DataIub
The interface between the Node B and the RNC in a UMTS network

BACK TO TOP

Iur
The interface between RNCs in a UMTS network

Iups
The connection between the RNC and the packet switched network in a GSM/GPRS/UMTS network

Iucs
The connection between the RNC and the circuit switched network in a GSM/GPRS/
UMTS network

I-ETS
Interim European Telecommunications Standard

I-mode
A service developed by Japanese operator NTT DoCoMo, I-mode delivers a huge range of services to subscribers and has proved enormously popular with some 30 million regular users. The revenue sharing model used for I-mode is being adopted by other operators as the basis for the new services enabled by GPRS and 3G

IMEI
International Mobile Equipment Identity

IMSI
International Mobile Subscriber Identity; an internal subscriber identity used only by the network

IMT-2000
The family of third generation technologies approved by the ITU. There are five members of the family: IMT-DS, a direct sequence WCDMA FDD solution IMT-TC, a WCDMA TDD solution IMT-MC, a multicarrier solution developed from cdma2000 IMT-SC, a single carrier solution developed from IS-136/UWC-136 IMT-FT, a TDMA/TDD solution derived from DECT

IN
Intelligent Network

INAP
Intelligent Network Application Part

Internet
A loose confederation of autonomous databases and networks. Originally developed for academic use the Internet is now a global structure of millions of sites accessible by anyone

Intranet
A private network which utilises the same techniques as the Internet but is accessible only by authorised users

IP
Internet Protocol

IPR
Intellectual Property Rights

IPv6
The next generation of IP addressing designed to replace the current system IPv4 which uses a 32 bit address code which limits the number of possible addresses. IPv6 uses a 128 bit code ensuring that the possible number of IP addresses will be virtually limitless

IrDA
Infra red Data Association

Iridium
A low earth orbit satellite communications system developed initially by Motorola.

IS-54
The first evolution in the USA from analogue to digital technology. Used a hybrid of analogue and digital technology, superseded by IS-136

IS-95
Cellular standard know also as cdmaOne

IS-136
Cellular standard also known as TDMA or D-AMPS

ISDN
Integrated Services Digital Network

ISO
International Standards Organisation

ISP
Internet Service Provider

ITU
International Telecommunications Union

ITU-R
ITU Telecommunications Radio Sector

ITU-T
ITU Telecommunications Standardisation Sector

IWF
Interworking Function

BACK TO TOP

Java
A programming language developed by Sun Microsystems Java is characterised by the fact that programs written in Java do not rely on an operating system

JPEG
Joint Photographic Experts Group

BACK TO TOP

LAN
Local Area Network

LANS
Local Area Network Services

LAP
Link Access Protocol

LEO
Low Earth Orbit; refers to satellites which orbit the Earth at around 1,000 kilometres

LMSS
Land Mobile Satellite Service

LOS
Line of Sight

BACK TO TOP

MAC
Media Access Control; the lower sublayer of the OSI system

MAN
Metropolitan Area Network

MAP
Mobile Application Part

Mbit/s
Megabit: a unit of data transmission speed equal to one million bits per second

MHz
Megahertz; a unit of frequency equal to one million Hertz

MCPA
Multi Carrier Power Amplifier

MeXe
Mobile Execution Environment; likely to be based on Java, MeXe enables WAP-enabled devices to offer a wider range of features with greater security and flexibility, as well as greater control of telephony features

MFSK
Multiple Frequency Shift Keying

MMI
Man Machine Interface

MMS
Multimedia Messaging Service; an evolution of SMS, MMS goes beyond text messaging offering various kinds of multimedia content including images, audio and video clips

MMSK
Modified Minimum Shift Keying

MNO
Mobile Network Operator

Modulation
The process of imposing an information signal on a carrier. This can be done by changing the amplitude (AM), the frequency (FM) or the phase, or any combination of these

MoU
Memorandum of Understanding-
see GSM MoU

MPEG
Motion Picture Experts Group; MPEG4 is a technology for compressing voice and video so that the information can be transmitted over normally difficult links such as mobile radio

MS
Mobile Station

MSC
Mobile Switching Centre; the switching centre of a mobile phone network, the MSC has interfaces to the BSCs, HLR, VLR and other MSCs

MSISDN
Mobile Station International ISDN Number

MSK
Minimum Shift Keying; Another term for FFSK

Multiplexing
A telecommunications technique where several channels can be combined to share the same transmission medium. The most common forms are Time Division Multiplexing (TDM) and Frequency Division Multiplexing (FDM)

MVPN
Mobile Virtual Private Network

BACK TO TOP

N-AMPS
Narrowband AMPS

NB
Normal Burst; used to carry traffic and control channels except RACH

NET
Norme Europeenne de Telecommunications

NMT
Nordic Mobile Telephone system; an analogue cellular technology deployed in the Nordic countries in the late 1970’s; variations were also deployed in the Benelux countries and in Russia. NMT operated in the 450 and 900MHz bands and was the first technology to offer international roaming, albeit only in the Nordic countries

Node B
The element in a UMTS network which interfaces with the mobile station, analogous to a BTS in a GSM network

BACK TO TOP

OTA
Over the air activation (of services and tariff changes)

O&M
Operations and Maintenance

OMC
Operations and Maintenance Centre

OMC-R
The radio OMC

OMC-S
The switching OMC

OSI
Open Systems Interconnection; a seven layer model for protocols defined by ISO

BACK TO TOP

PACS
Personal Access Communication System; a digital cordless technology developed initially by Bell Labs in the US, PACS was designed to compete with DECT

Packet switching
A communication system wherein the information is transmitted in packets of a set size. These packets have address headers and find their way to their destination by the most efficient route through the network. Compared to circuit switching where a connection is occupied until the traffic exchange is completed, packet switching offers considerable efficiencies as connections can be used by a number of users simultaneously

PAMR
Public Access Mobile Radio; Commercial service using trunking techniques in which multiple groups of users can set up their own closed systems within a shared public network

PAP
Public Access Profile; a DECT term

PCH
Paging Channel; downlink only, the MS is informed of incoming calls by the BTS via the PCH

PCM
Pulse Code Modulation; the standard digital voice format at 64kbit/s

PCMCIA
Personal Computer Memory Card Interface Association the body responsible for defining the standards and formats for memory expansion cards for laptop computers and PDAs. Now extended to cover cards for mobile phones

PCN
Personal Communications Network; a designation initially used in the UK to refer to networks operating in the 1800MHz band (see also DCS1800). No longer in use

PCS 1900
Personal Communications Systems 1900MHz; the terminology used in the US to describe the new digital networks being deployed in the 1900MHz band; rarely used today

PCU
Packet Control Unit; an element in a GPRS/UMTS network

PDA
Personal Digital Assistant

PDC
Personal Digital Communications; a digital cellular technology developed and deployed uniquely in Japan. A TDMA technology, PDC is incompatible with any other digital cellular standard

PEDC
Pan European Digital Communications; A designation occasionally used in the early 1990’s to describe GSM. No longer in use

Penetration
The percentage of the total population which owns a mobile phone

PHS / PHP
Personal HandyPhone System/Phone; a digital cordless technology developed in Japan which achieved great success. Deployed by NTT DoCoMo and other Japanese operators PHS offered two-way communications, data services and Internet access and eventually won some 28 million customers. Now in decline as cellular’s wide area capabilities offer better service

PIN
Personal Identifier Number

PKI
Public Key Infrastructure

PLMN
Public Land Mobile Network; any cellular operator’s network

PMR
Private Mobile Radiocommunications; two-way radio technology widely used for despatch and delivery services, taxi companies and the like. See TETRA

POCSAG
Post Office Code Standardisation Group; a now defunct industry grouping which standardised pager addressing systems

PoP
Points of Presence; a method of measuring the value of a cellular licence; the approximate number of potential customers within a geographical area

POTS
Plain Old Telephone Service

PROM
Programmable Read Only Memory

PSK
Phase Shift Keying

PSRCP
Public Safety Radio Communications Project; an initiative by the UK Government to standardise all emergency services communications on to a single digital technology (see TETRA)

PSDN
Public Switched Data Network

PSPDN
Public Switched Packet Data Network

PSTN
Public Switched Telephone Network

PSU
Power Supply Unit

PTO
Public Telecommunication Operator

PTT
Posts, Telephone and Telegraph Administration

PTT
Push-to-Talk; a feature of PMR systems

PWT
Personal Wireless Telecommunications; a variant of DECT developed for use in the USA

BACK TO TOP

QAM
Quadrature Amplitude Modulation

QAPSK
Quadrature Amplitude Phase Shift Keying

QCELP
Quadrature Code Excited Linear Prediction

QoS
Quality of Service; a broad term to describe the performance attributes of an end-to-end connection

QPSK
Quadrature Phase Shift Keying

BACK TO TOP

RACE
Research in Advanced Communications in Europe

RACH
Random Access Channel; uplink only, allows the MS to request an SDCCH in response to a page or for a call

RAM
Random Access Memory

RFP
Radio Fixed Part; equivalent to a base station in a DECT system

RCC
Radio Common Carrier

RELP
Regular pulse Excitation Linear Prediction coding

Reuse
The assignment of frequencies or channels to cells so that adjoining cells do not use the same frequencies and cause interference whereas more distant cells can use the same frequencies. Reuse expands the capacity of a cellular network by enabling the use of the same channels throughout the network

RP
Radio Part

RNC
Radio Network Controller; the element which controls the Node Bs within a UMTS network. It is roughly analogous to a BSC in a GSM network

Roaming
A service unique to GSM which enables a subscriber to make and receive calls when outside the service area of his home network e.g. when travelling abroad

Router
A device which forwards information in a network on a connectionless basis

RRM
Radio Resource Management, part of the UMTS infrastructure

RT
Remote Terminal

BACK TO TOP

SACCH
Slow Associated Control Channel; transmits continuous measurements in parallel with operation of TCH or SDCCH; needed for handover decisions

SAR
Specific Absorption Rate

SB
Synchronisation Burst; used for time synchronisation of the mobile

S-CDMA
Synchronous CDMA (see CDMA)

SCH
Synchronisation Channel; downlink only frame synchronisation and identification of base station

SCP
Switching/Service Control Point

SDCCH
Stand-alone Dedicated Control Channel; communications channel between the MS and the BTS. Used for signalling during call set-up before a TCH is allocated

SDLC
Synchronous Data Link Control

SDMA
Spatial Division Multiple Access

SGSN
Serving GPRS Support Node; the gateway between the RNC and the core network in a GPRS/UMTS network

SIM
Subscriber Identity Module; A smart card containing the telephone number of the subscriber, encoded network identification details, the PIN and other user data such as the phone book. A user’s SIM card can be moved from phone to phone as it contains all the key information required to activate the phone

SoHo
Small Office/Home Office

Streaming
An Internet derived expression for the one-way transmission of video and audio content

STK
SIM ToolKit: specified within the GSM standard, this allows operators to add additional functions to the phone menu in order to provide new services such as mobile banking or email

SMR
Specialised Mobile Radio; the US term for private mobile radio (See PMR)

SMS
Short Message Service; a text message service which enables users to send short messages (160 characters) to other users. A very popular service, particularly amongst young people, with 400 billion SMS messages sent worldwide in 2002

SMSC
SMS Centre-the network entity which switches SMS traffic

SMSCB
SMS Cell Broadcast

SMS-MO
SMS Mobile Originated

SMS-MT
SMS Mobile Terminated

SMS-PP
SMS Point to Point

SP
Service Provider

SQAM
Staggered Quadrature Amplitude Modulation

SQPSK
Staggered Quadrature Phase Shift Keying

SS
Supplementary Service Support; handles special services

SS7
Signalling System Number 7 (See CCS7)

SSP
Service Switching Point

STM
Synchronous Transfer Mode

Symbian
A company created by Psion, Nokia, Ericsson and Motorola in 1998 with the aim of developing and standardising an operating system which enable mobile phones from different manufacturers to exchange information
The operating system is known as EPOC. Matsushita has subsequently joined Symbian

BACK TO TOP

TACS
Total Access Communications System (an AMPS variant deployed in a number of countries principally the UK)

TAP
Transferred Account Procedure; the essential charging methodology for international GSM roaming. There have been four TAP standards, TAP1, TAP2, TAP2+ and TAP3. The latter offers variable record length and is sufficiently flexible to support all future requirements arising from the move to 3G

TBR
Technical Basis for Regulation (part of the ETSI standardisation process)

TCH
Traffic Channel

TD-CDMA
Time Division CDMA

TD-SCDMA
Time Division-Synchronous CDMA; a CDMA variant developed by Chinese vendors which is claimed to offer high data rates and greater coverage

TDD
Time Division Duplex; a radio technology for use in unpaired spectrum. WCDMA/UMTS includes a band for TDD mode usage and both PHS and DECT use this technology

TDMA
Time Division Multiple Access; a technique for multiplexing multiple users onto a single channel on a single carrier by splitting the carrier into time slots and allocating these on a as-needed basis

Telematics
A wireless communications system designed for the collection and dissemination of information, particularly refers to vehicle-based electronic systems, vehicle tracking and positioning, on-line vehicle navigation and information systems and emergency assistance

TETRA
Terrestrial Trunked Radio; a European developed digital private mobile radio technology which is now being extensively deployed worldwide

Tetrapol
A competitive digital PMR technology to TETRA developed by French vendors

TFTS
Terrestrial Flight Telephone System

Timeslot
A frame within a TDMA schema; has a time interval of 576 microseconds. Physical content of a timeslot is known as a burst. Five different burst types exist, they are distinguished by different TDMA frame divisions (see NB, FB, SB, AB and DB)

TIPHON
Telecommunications and Internet Protocol Harmonisation over Networks; an ETSI project designed to support the market for voice communications and voice band communications. In particular TIPHON will ensure that users on IP-based networks can communicate with those on circuit switched networks

TMN
Telecommunications Management Network

TMSI
Temporary Mobile Subscriber Identity; covers the IMSI to prevent over-the-air interception and tracing

TRAU
Transcoder Rate Adapter Unit; the transport unit for a 16kbit/s traffic channel on the A-bis interface

Tri-band
Refers to a mobile phone able to operate on the three internationally designated GSM frequencies- 900, 1800 and 1900MHz

TrueSync
A technology which enables the optimal synchronisation of calendars, address books, action lists and memoranda. It enables multi-point, one-step synchronisation of wireless and wireline devices, desktop computers and server-based applications and services

TRX
Transmitter/receiver (transceiver)

BACK TO TOP

UI
User Interface

Um
The air interface between the BTS and the MS in a GSM network

Uu
The air interface between the Node B and the MS in a UMTS network.

UMTS
Universal Mobile Telecommunications System; the European entrant for 3G; now subsumed into the IMT-2000 family as the WCDMA technology.

UPN
Universal Personal Number

UPT
Universal Personal Telecommunications

URL
Uniform Resource Locator; the addressing system of the Internet

USO
Universal Service Obligation

UTRA
Universal Terrestrial Radio Access; the air interface component of WCDMA.

UTRAN
Universal Terrestrial Radio Access Network; the UMTS radio access network comprising the RNC, Node B and the air interface

USIM
Universal Subscriber Identity Module; the 3G equivalent of the GSM SIM

UWB
Ultra Wide Band

BACK TO TOP

VAS
Value Added Services

VBR
Variable Bit Rate

VHE
Virtual Home Environment

VLR
Visitor Location Register

Vocoder
Voice coder

VoIP
Voice over Internet Protocol

VPN
Virtual Private Network

VSAT
Very Small Aperture Terminal

VSELP
Vector Sum Excited Linear Prediction

BACK TO TOP

WAP
Wireless Application Protocol; a de facto standard for enabling mobile phones to access the Internet and advanced services. Users can access websites and pages which have been converted by the use of WML into stripped-down versions of the original more suitable for the limited display capabilities of mobile phones

WARC
World Administration Radio Conference; an ITU conference held at regular intervals to determine the allocation of spectrum for various services

WCDMA
Wideband CDMA; the technology created from a fusion of proposals to act as the European entrant for the ITU IMT-2000 family

WLL
Wireless Local Loop; a technique for providing telephony and low speed data services to fixed customers using wireless. Regarded as having considerably potential for rapidly addressing the telecommunications gap in developing countries. A number of different WLL solutions have been marketed based on cellular and cordless technologies

WLAN
Wireless Local Area Network; a short range radio network normally deployed in traffic hotspots such as airport lounges, hotels and restaurants. WLAN enables suitably equipped users to access the fixed network wirelessly, providing high speed access (up to 11Mbit/s download) to distant servers. The key WLAN technologies are the IEEE802.11 family and ETSI HIPERLAN/2

WML
Wireless Markup Language; a markup language developed specifically for wireless applications. WML is based on XML

WQAM
Weighted Quadrature Amplitude Modulation

WWW
World Wide Web

A

Access control

The process of granting or denying specific requests to: 1) obtain and use information and related to information processing services; and 2) enter specific physical facilities (e.g., Federal buildings, military establishments, and border crossing entrances).

Access control system format

The algorithm that specifies how data transmitted by the system is to be interpreted. The format specifies how many bits make up the data stream and which bits represent different types of information. For example, the first few bits might transmit the facility code, the next few the unique ID number, the next few parity, and so on.

Access management

The processes and technologies for controlling and monitoring access privileges to resources, consistent with governing policies. Access management includes authentication, authorization, trust, and security auditing.

Access right

The privilege or permission for an individual to access a controlled resource or entity (physical or logical).

AES

Advanced Encryption Standard (AES), also known as Rijndael. A block cipher adopted as an encryption standard by the U.S. government.

API

See application programming interface.

Applicant

An individual applying for an identity card/credential. In context of the Federal Personal Identity Verification (PIV) card, the applicant may be a current or prospective Federal hire, a Federal employee, or a contractor.

Application

A hardware/software system implemented to satisfy a particular set of requirements. In the context of FIPS 201, an application incorporates a system used to satisfy a subset of requirements related to the verification or identification of an end user’s identity so that the end user’s identifier can be used to facilitate the end user’s interaction with the system.

Application authority

The entity that defines the rules of the application and attribute disclosure required from a subject to be disclosed in order to provide the service which may be delegated to a service provider.

Application programming interface (API)

A source code interface that a computer system or program library provides in order to support requests for services to be made of it by other computer programs, and/or to allow data to be exchanged.

Asymmetric cryptographic technique

A cryptographic technique that uses two related operations: a public operation defined by public numbers or by a public key and a private operation defined by private numbers or by a private key. (The two operations have the property that, given the public operation, it is computationally infeasible to derive the private operation.)

Asymmetric keys

Two related keys, a public key and a private key, that are used to perform complementary operations, such as encryption and decryption or signature generation and signature verification.

Assurance level

The degree of certainty that the user has presented an identifier (e.g., a credential) that refers to his or her identity. In the context of FIPS 201, assurance is defined as 1) the degree of confidence in the vetting process used to establish the identity of the individual to whom the credential was issued, and 2) the degree of confidence that the individual who uses the credential is the individual to whom the credential was issued.

Attribute

A quality, characteristic or entity that defines properties of a subject (e.g., person), object or element.

Authenticate

To verify (guarantee) the identity of a person or entity. To ensure that the individual or organization is really who it says it is.

Authentication

The process of validating the identity of a person or other entity.

Authentication factors

Pieces of information used to verify a person’s identity for security purposes. The three most commonly recognized factors are:

• Something you know, such as a password or personal identification number (PIN)
• Something you have, such as a credential, card or token
• Something you are, such as a fingerprint or other biometric.

Authorization

The assignment of a privilege or privileges (e.g., access to a building or network) verifying that a known person or entity has the authority to perform a specific operation. Authorization is provided after authentication.

BACK TO TOP

B

Biometric

A measurable, physical characteristic or personal behavioral trait used to recognize the identity, or verify the claimed identity, of an individual. Facial images, fingerprints, and iris scan samples are all examples of biometrics.

Biometric data

Data encoding a feature or features used in biometric verification.

Biometric information

The stored electronic information pertaining to a biometric. This information can be in terms of raw or compressed pixels or in terms of some characteristic (e.g., patterns).

Biometric reference data

Data stored on the card for the purpose of comparison with the biometric verification data.

Biometric system

An automated system capable of the following:

• Capturing a biometric sample from an end user
• Extracting biometric data from that sample
• Comparing the extracted biometric data with data contained in one or more references
• Deciding how well they match
• Indicating whether or not an identification or verification of identity has been achieved

Biometric template

The formatted digital record used to store an individual’s biometric attributes. This record typically is a translation of the individual’s biometric attributes and is created using a specific algorithm.

Biometric verification

The process of verifying, using a one-to-one comparison, the biometric verification data against biometric reference data.

Breeder document

A document used as an original source of identity to apply for (or breed) other forms of identity credentials.

BACK TO TOP

C

Capture

The method of taking a biometric sample from an end user.

Card

1. A type of physical form factor designed to carry electronic information and/or human readable data.
2. Under FIPS 201, a dual interface smart card-based ID badge for both physical and logical access that contains within it an integrated circuit chip.

Card issuer

The organization or entity that issues cards.

Card management system (CMS)

A smart card/token and digital credential management solution that is used to issue, manage, personalize and support cryptographic smart cards and PKI certificates for identity-based applications throughout an organization.

Card reader

Any device that reads encoded information from a card, token, or other identity device and communicates to a host such as a control panel/processor or database for further action.

Card serial number

An identifier which is guaranteed to be unique among all identifiers used for a specific purpose (see unique identifier).

Cardholder

An individual to whom an ID card is issued or assigned.

Certificate

See digital certificate.

Certificate authority (CA)

A trusted third party that is responsible for issuing and revoking digital certificates within the public key infrastructure.

Certificate revocation list (CRL)

A list of certificates that have been revoked before their expiration by a certificate authority.

Certification

The process of verifying the correctness of a statement or claim and issuing a certificate as to its correctness.

Chain of trust

An attribute of a secure ID system that encompasses all of the system’s components and processes and assures that the system as a whole is worthy of trust. A chain of trust should guarantee the authenticity of the people, issuing organizations, devices, equipment, networks, and other components of a secure ID system. The chain of trust must also ensure that information within the system is verified, authenticated, protected, and used appropriately.

Challenge

The demand for disclosure of one or more attributes related to a subject made by service authority.

Challenge/response

A family of protocols in which one party (e.g., a reader) presents a question (“challenge”) and another party (e.g., a credential) must provide a valid answer (“response”) in order to be authenticated.

Checksum

A computed value that depends on the contents of a message. The checksum is transmitted with the message. The receiving party can then recompute the checksum to verify that the message was not corrupted during transmission.

Chip

Electronic component that performs logic, processing and/or memory functions.

CHUID

Cardholder Unique Identifier. Part of the standardized data model for cardholder identification data for FIPS 201.

Claim

An assertion by a subject about the value of an attribute.

Cloning

The process of creating an identical copy of something.

Component

An element of a larger system. In the FIPS 201 context, a component can be an identity card, PIV issuer, PIV registrar, card reader, or identity verification support, within the PIV system.

Confidence level

The degree of likelihood that an identifier refers to a specific individual.

Contact smart card

A smart card that connects to the reading device through direct physical contact between the smart card chip and the smart card reader. (See ISO/IEC 7816.)

Contactless smart card

A smart card that communicates with a reader through a radio frequency interface.

Control panel

The access control system component that connects to all door readers, door locks and the access control server. The control panel validates the reader and accepts data. Depending on the overall system design, the control panel may next send the data to the access control server or may have enough local intelligence to determine the user’s rights and make the final access authorization. The control panel can be called the controller or panel.

Control point

Any device which is controlled by a physical access system (for example, doors, turnstiles, gates, lights, cameras, elevators). There may be multiple control points for a single access requirement.

Credential

1. Evidence attesting to one’s rights, privileges or evidence of authority.
2. In FIPS 201, the PIV card and data elements associated with an individual that authoritatively binds an identity (and, optionally, additional attributes) to that individual. A smart card can store multiple digital credentials.

Cryptographic key

See key.

Cryptographic smart cards

Advanced smart cards that are equipped with specialized cryptographic hardware that lets algorithms such as RSA be used on the card. Today’s cryptographic smart cards are also able to generate key pairs on the card, to avoid the risk of having more than one copy of the key (since by design (usually) there isn’t a way to extract the keys from a smart card). Cryptographic smart cards are often used for digital signatures and secure identification.

BACK TO TOP

D

Data integrity

The condition in which data is identically maintained during any operation, such as transfer, storage, and retrieval.

DES

Data Encryption Standard. A method for encrypting information. (See related term Triple DES.)

Digital certificate (or public key certificate)

Digital documents (e.g., information such as the name of the person or an organization and their address) attesting to the binding of a public key to an individual or other entity. Digital certificates allow verification of the claim that a specific public key does in fact belong to a specific individual.

Digital signature

Digital information used for the purpose of identification of an electronic message or documents. Digital signatures provide a way of authenticating the identity of creators or producers of digital information.

Discretionary access control (DAC)

Access restriction based solely on an individual’s identity.

Door reader

The device on each door that communicates with a card or credential and sends data from the card to the controller for decision on access rights.

Door strike

The electronic lock on each door that is connected to the controller.

DSA

Digital Signature Algorithm.

Dual interface card

A smart card that has a single smart card chip with two interfaces–a contact and a contactless interface–using shared memory and chip resources.

BACK TO TOP

E

Eavesdropping

The interception of communications between a reader and a credential during transmission by unintended recipients. Messages can be protected against eavesdropping by employing a security service usually implemented by encryption.

ECC

Elliptic Curve Cryptography

EMV

Europay MasterCard Visa. Specifications developed by Europay, MasterCard and Visa that define a set of requirements to ensure interoperability between payment chip cards and terminals.

Encryption

The process of translating information into a code that can only be read if the reader has access to the key that was used to encrypt it. There are two main types of encryption—asymmetric (or public key) and symmetric (or secret key).

End point products

As defined in NIST SP 800-73, products that employ a unified card edge interface that is technology independent and compliant with current international standards.

Enrollment

The process of entering the appropriate identity data for an individual into a system and associating the identity with the privileges being granted by the system.

Enterprise single sign-on (ESSO)

A system designed to minimize the number of times that a user must type their ID and password to sign into multiple applications. The E-SSO solution automatically logs users in and acts as a password filler where automatic login is not possible. Each client is typically given a token that handles the authentication; in other E-SSO solutions each client has E-SSO software stored on their computer to handle the authentication. An E-SSO authentication server is also typically implemented into the enterprise network.

ePassport

A travel document that contains an integrated circuit chip based on international standard ISO/IEC 14443 and that can securely store and communicate the ePassport holder’s personal information to authorized reading devices.

EPC Generation 2 (EPC Gen 2)

The specification developed by EPCglobal for the second-generation RFID air-interface protocol. EPC Gen 2 was developed to support supply chain applications (e.g., tracking inventory). The current ratified standard operates in the ultra-high-frequency (UHF) range (860-960 MHz), supports operation at long distances (e.g., 25-30 feet), and has minimal support for security (e.g., static passwords to access or kill information on the RFID device).

EPCglobal

The not-for-profit organization establishing and supporting “the EPCglobal Network™ as the global standard for real-time, automatic identification of information in the supply chain of any company, anywhere in the world” and “leading the development of industry-driven standards for the Electronic Product Code™ (EPC) to support the use of Radio Frequency Identification (RFID) in today’s fast-moving, information rich, trading networks.” Additional information can be found at http://www.epcglobalinc.org.

Excite field

The RF field or electromagnetic field constantly transmitted by a contactless door reader. When a contactless card is within range of the excite field, the internal antenna on the card converts the field energy into electricity that powers the chip. The chip then uses the antenna to transmit data to the reader.

BACK TO TOP

F

Fair Information Practices

The basis for privacy best practices, both online and offline. The Practices originated in the Privacy Act of 1974, the legislation that protects personal information collected and maintained by the U.S. government. The Fair Information Practices include notice, choice, access, onward transfer, security, data integrity, and remedy.

Faraday cage

An enclosure formed by conducting material, or by a mesh of such material, that blocks out external static electrical fields. Any electric field will cause the charges to rearrange so as to completely cancel the field’s (RF signal) effects in the cage’s interior.

FASC-N

Federal Agency Smart Credential Number. The data element that is the main identifier on the PIV card and that is used by a physical access control system.

Federal Information Processing Standard (FIPS)

A standard for adoption and use by Federal departments and agencies that has been developed within the Information Technology Laboratory and published by NIST, a part of the U.S. Department of Commerce. A FIPS publication covers some topic in information technology to achieve a minimum level of quality or interoperability.

Federated identity

In information technology (IT), federated identity has two general meanings:

1. The virtual reunion, or assembled identity, of a person’s user information (or principal), stored across multiple distinct identity management systems. Data is joined together by use of the common token, usually the user name.
2. The process of a user’s authentication across multiple IT systems or even organizations.

FIPS 201

Federal Information Processing Standard Publication 201, Personal Identity Verification (PIV) of Federal Employees and Contractors.

Form factor

The physical device that contains the smart card chip. Smart chip-based devices can come in a variety of form factors, including plastic cards, key fobs, wristbands, wristwatches, PDAs, and mobile phones.

BACK TO TOP

G

Gramm-Leach-Bliley

The Financial Services Modernization Act of 1999 (also known as the Gramm-Leach-Bliley Act), enacted to facilitate affiliation among banks, securities firms, and insurance companies. The Act includes provisions to protect consumers’ personal financial information held by financial institutions.

GSM

Global System for Mobile Communications

BACK TO TOP

H

Hacking

The act of gaining illegal or unauthorized access to a computer system or network.

Hash algorithm

A software algorithm that computes a value (hash) from a particular data unit in a manner that enables detection of intentional/unauthorized or unintentional/accidental data modification by the recipient of the data.

Head-end system

The physical access control server, software and database(s) used in a physical access control system.

High frequency (HF)

Radio frequencies (RF) in the range of 3 MHz to 30 MHz. When used in an RF-based identification system, the high frequency used is typically 13.56 MHz.

HIPAA

Health Insurance Portability and Accountability Act of 1996. HIPAA was passed to protect health insurance coverage for workers and their families and to encourage the development of a health information system by establishing standards and requirements for the secure electronic transmission of certain health information. HIPAA mandates that the design and implementation of the electronic systems guarantee the privacy and security of patient information gathered as part of providing health care.

HSPD-12

Homeland Security Presidential Directive 12. The primary objective of HSPD-12 is the development and deployment of a Federal government-wide common and reliable identification verification system that will be interoperable among all government agencies and serve as the basis for reciprocity among those agencies.

Hybrid card

A smart card that contains two smart card chips–both contact and contactless chips–that are not interconnected.

BACK TO TOP

I

IAB

Government Smart Card Interagency Advisory Board.

ICC

Integrated circuit card. ICC typically refers to a plastic (or other material) card containing an integrated circuit which is compatible to ISO/IEC 7816.

Identification

1. The process of using claimed or observed attributes of an entity to deduce who the entity is.
2. The evidence of identity or fact of proof showing the attributes of the individual presenting the identification.

Identification card

Card identifying its holder and issuer which may carry data required as input for the intended use of the card and for transactions based thereon.

Identifier

Unique data used to represent a person’s identity and associated attributes. Names and card numbers are examples of identifiers.

Identity

The subset of physical and/or behavioral characteristics by which an individual is uniquely recognizable. Identity is information concerning the person, not the actual person.

Identity and access management (IAM)

The combination of processes, technologies, and policies to manage digital identities and specify how digital identities are used to access resources.

Identity data

The data associated with an individual’s identity within a specific system and used by that system to verify the individual’s identity.

Identity document

A piece of documentation designed to verify aspects of a person’s identity. (See also breeder document.)

Identity management

In information systems, the management of the identity life cycle of entities. Identity management is sometimes used in conjunction with authorization in the IT industry. Within the life cycle:

• The identity is established: a name (or number) is connected to the subject.
• The identity is re-established: a new or additional name (or number) is connected to the subject.
• The identity is described: one or more attributes which are applicable to this particular subject may be assigned to the identity.
• The identity is newly described: one or more attributes which are applicable to this particular subject may be changed.
• The identity is destroyed.

Identity management system (IDMS)

System composed of one or more computer systems or applications that manage the identity registration, verification, validation, and issuance process, as well as the provisioning and deprovisioning of identity credentials.

Identity proofing

The process of providing sufficient information (e.g., breeder documents, identity history, credentials, documents) to establish an identity to an organization that can issue identity credentials.

Identity registration

The process of making a person’s identity known to a system, associating a unique identifier with that identity, and collecting and recording the person’s relevant attributes into the system.

Identity theft

The appropriation of another’s personal information to commit fraud, steal the person’s assets, or pretend to be the person.

Identity verification

The process of confirming or denying that a claimed identity is correct by comparing the credentials (something you know, something you have, something you are) of a person requesting access with those previously proven and stored in an ID card or system and associated with the identity being claimed.

IEC

International Electrotechnical Commission

International Civil Aviation Organization (ICAO) MRTD

International Civil Aviation Organization Machine Readable Travel Documents. ICAO establishes international standards for travel documents. An MRTD is an international travel document (e.g., a passport or visa) containing eye- and machine-readable data. ICAO Document 9303 is the international standard for MRTDs.

Integrated circuit

Electronic component(s) designed to perform processing and/or memory functions. See chip.

Interoperability

1. The ability of two or more systems or components to exchange information and to use the information that has been exchanged.
2. For the purposes of FIPS 201, the ability for any government facility or information system, regardless of the PIV issuer, to verify a cardholder’s identity using the credentials on the PIV card.

ISO

International Organization for Standardization

ISO/IEC 7810

The series of international standards describing the characteristics of identification cards, including physical characteristics, sizes, thickness, dimensions, construction, materials and other requirements.

ISO/IEC 7812

The governing international standard for magnetic stripe identification cards, such as door entry cards, automated teller machine (ATM) cards, and credit cards.

ISO/IEC 7816

The international standard for integrated circuit cards with contacts, as well as the command set for all smart cards.

ISO/IEC 14443

The international standard, “Identification Cards - Contactless Integrated Circuit(s) Cards - Proximity Cards,” for contactless smart chips and cards that operate (i.e., can be read from or written to) at a distance of less than 10 centimeters (4 inches). This standard operates at 13.56 MHz.

ISO/IEC 15693

The international standard, “Identification Cards - Contactless Integrated Circuit(s) Cards - Vicinity Cards,” for cards operating at the 13.56 MHz frequency which can be read from a greater distance as compared to proximity cards. (See ISO/IEC 14443.)

ISO/IEC 24727

A set of programming interfaces for interactions between integrated circuit cards and external applications to include generic services for multi-sector use.

Issuer (or issuing authority)

The organization that issues an identity card to an individual after identity proofing, background checks and related approvals have been completed. Typically this is an organization for which the individual is working.

BACK TO TOP

K

Key

In encryption and digital signatures, a value used in combination with a cryptographic algorithm to encrypt or decrypt data.

BACK TO TOP

L

Logical access

Access to online resources (e.g., networks, files, computers, databases).

Low frequency (LF)

Radio frequencies (RF) in the range of 30 to 300 kHz. When used in an RF-based identification system, the low frequency is typically 125 kHz.

BACK TO TOP

M

Machine readable travel documents

ICAO establishes international standards for travel documents. An MRTD is an international travel document (e.g., a passport or visa) containing eye- and machine-readable data. ICAO Document 9303 is the international standard for MRTDs.

Man-in-the-middle attack

An attack on an authentication protocol in which the attacker is positioned between the individual seeking authentication and the system verifying the authentication. In this attack, the attacker attempts to intercept and alter data traveling between the parties.

Mandatory access control (MAC)

An access control technique that assigns a security level to all resources (e.g., information, parts of a building), assigns a clearance level to all potential users requiring access, and ensures that only users with the appropriate clearance level can access a requested resource.

Match/matching

The process of comparing biometric information against previously stored biometric data and scoring the level of similarity.

MCU

See microcontroller.

MD5

One of the most popular hashing algorithms, developed by Professor Ronald L. Rivest of MIT, which produces a 128-bit hash from any input.

Memory card

Typically a smart card or any pocket-sized card with an embedded integrated circuit or circuits containing non-volatile memory storage components and perhaps some specific security logic.

Message authentication code (MAC)

A short piece of information used to support authentication of a message. A MAC algorithm accepts as input a secret key and an arbitrary-length message to be authenticated, and outputs a MAC (sometimes known as a tag or checksum). The MAC value protects both a message’s integrity as well as its authenticity, by allowing verifiers (who also possess the secret key) to detect any changes to the message content. MACs are computed and verified with the same key, unlike digital signatures.

Microcontroller (MCU)

A highly integrated computer chip that contains all of the components comprising a controller. Typically this includes a CPU, RAM, some form of ROM, I/O ports, and timers. Unlike a general purpose computer used in IT, a microcontroller is designed to operate in a restricted environment.

Microprocessor card

Typically a smart card or any pocket-sized card with an embedded integrated circuit or circuits containing memory and microprocessor components.

Model

A detailed description or scaled representation of one component of a larger system that can be created, operated, and analyzed to predict actual operational characteristics of the final produced component.

Multi-application card

A smart card that runs multiple applications–for example, physical access, logical access, data storage and electronic purse–using a single card.

Multi-factor authentication

The use of multiple techniques to authenticate an individual’s identity. This usually involves combining two or more of the following: something the individual has (e.g., a card or token); something the individual knows (e.g., a password or personal identification number); something the individual is (e.g., a fingerprint or other biometric measurement).

Multi-factor reader

A smart card reader that includes a PIN pad, biometric reader, or both to allow multi-factor authentication.

Multi-technology card

An ID card that has two or more ID technologies that are independent and that don’t interact or interfere with one another. An example is a card that contains a smart card chip and a magnetic stripe.

Multi-technology reader

A card reader/writer that can accommodate more than one card technology in the same reader (e.g., both ISO/IEC 14443 and ISO/IEC 15693 contactless smart card technologies or both 13.56 MHz and 125 kHz contactless technologies).

Mutual authentication

For applications requiring secure access, the process that is used for the smart card-based device to verify that the reader is authentic and to prove its own authenticity to the reader before starting a secure transaction.

BACK TO TOP

N

NFC—Near Field Communication

A short-range wireless standard (ISO/IEC 18092) that uses magnetic field induction to enable communication between devices when they are brought close together (within 10-20 centimeters or 4-8 inches). NFC technology is compatible with ISO/IEC 14443-based technology.

NIST

National Institute of Standards and Technology

Non-repudiation

The ability to ensure and have evidence that a specific action occurred in an electronic transaction (e.g., that a message originator cannot deny sending a message or that a party in a transaction cannot deny the authenticity of their signature).

BACK TO TOP

O

OCSP

Online Certificate Status Protocol. An online protocol used to determine the status of a public key certificate.

Off-card

Refers to data that is not stored on the ID card or to a computation that is not performed by the integrated circuit on the ID card.

On-card

Refers to data that is stored on the ID card or to a computation that is performed by the integrated circuit chip on the ID card.

One-time password/OTP

Passwords that are used once and then discarded. Each time the user authenticates to a system, a different password is used, after which that password is no longer valid. The password is computed either by software on the logon computer or by OTP hardware tokens in the user’s possession that are coordinated through a trusted system.

Open ID

A decentralized digital identity system, in which any user’s online identity is given by, for example, a URL (such as for a blog or a home page) and can be verified by any server running the protocol. Users are able to clearly control what pieces of information can be shared such as their name, address, or phone number.

Operational range

The maximum distance between a contactless smart card reader and a contactless smart card.

BACK TO TOP

P

PACS

See physical access control system.

PAIIWG

Physical Access Interagency Interoperability Working Group

Password

A form of secret authentication data that is used to control access to a resource. The password is kept secret from those not allowed access, and those wishing to gain access are tested on whether or not they know the password and are granted or denied access accordingly. Typically referred to as “something you know” for single factor authentication.

PC/SC

Personal Computer/Smart Card. The PC/SC specification defines how to integrate smart card readers and smart cards with the computing environment and how to allow multiple applications to share smart card devices.

PCSC Lite

Personal Computer/Smart Card Lite. PCSC Lite is open source software that implements the PC/SC specification for Linux.

Personal identification number (PIN)

A secret that an individual memorizes and uses to authenticate his or her identity or to unlock certain information stored on an ID card (e.g., the biometric information). PINs are generally only decimal digits.

Personal identity verification (PIV) card

The physical artifact (e.g., identity card, smart card) issued to an individual that contains printed and stored identity credentials (e.g., photograph, cryptographic keys, digitized fingerprint representation) so that the claimed identity of the cardholder can be verified against the stored credentials by another person (human-readable and verifiable) or an automated process (computer-readable and verifiable).

Personally identifiable information (PII)

In information security and privacy, any piece of information which can potentially be used to uniquely identify, locate, or contact a person or steal the identity of a person.

Pharming

A cyber attack that directs people to a fraudulent website by poisoning the domain name system server.

Phishing

A cyber attack that directs people to a fraudulent website to collect personal information for identity theft.

Physical access

Access to facilities (e.g., buildings, rooms, airports, warehouses).

Physical access control system (PACS)

A system composed of hardware and software components that controls access to physical facilities (e.g., buildings, rooms, airports, warehouses).

PIN

Personal identification number. A numeric code that is associated with an ID card and that adds a second factor of authentication to the identity verification process.

PIV

See personal identity verification.

PKCS #11

Public Key Cryptography Standard #11. This standard defines the interface for cryptography operations with hardware tokens.

PKI

Public key infrastructure. See public key infrastructure.

Population

The set of users for an application.

Privacy

The ability of an individual or group to keep their lives and personal affairs out of public view, or to control the flow of information about themselves.

Private key

The secret part of an asymmetric key pair that is used to create digital signatures and, depending upon the algorithm, to decrypt messages, files or other information encrypted (for confidentiality) with the corresponding public key.

Privilege

An authorization or right granted by an application authority for an individual or group to perform an action.

Proximity cards

A generic name for contactless integrated circuit devices typically used for security access or payment systems. It can refer to 125 kHz RFID devices or 13.56 MHz contactless smart cards. (See ISO/IEC 14443.)

Public key

The public part of an asymmetric key pair that is used to verify signatures created with its corresponding private key. Depending on the algorithm, public keys are also used to encrypt messages, files, or other information that can then be decrypted with the corresponding private key. The user releases this key to the public who can use it to encrypt messages to be sent to the user and to verify the user’s digital signature. Compare with private key.

Public key certificate

A digital document that is issued and digitally signed by the private key of a certificate authority (CA) and that binds an attribute of a subject to a public key.

Public (asymmetric) key cryptography

A type of cryptography that uses a pair of mathematically related cryptographic keys. The public key can be made available to anyone and can encrypt information or verify a digital signature. The private key is kept secret by its holder and can decrypt information or generate a digital signature.

Public key infrastructure (PKI)

The architecture, organization, techniques, practices, and procedures that collectively support the implementation and operation of a certificate-based public key cryptographic system. There are four basic components to the PKI: the certificate authority (CA) responsible for issuing and verifying digital certificates, the registration authority (RA) which provides verification to the CA prior to issuance of digital certificates, one or multiple directories to hold certificates (with public keys), and a system for managing the certificates. Also included in a PKI are the certificate policies and agreements among parties that document the operating rules, procedural policies, and liabilities of the parties operating within the PKI.

BACK TO TOP

R

Radio frequency (RF)

Any frequency within the electromagnetic spectrum associated with radio wave propagation. Many wireless communications technologies are based on RF, including radio, television, mobile phones, wireless networks and contactless payment cards and devices.

Radio frequency identification (RFID)

Technology that is used to transmit information about objects wirelessly, using radio waves. RFID technology is composed of 2 main pieces: the device that contains the data and the reader that captures such data. The device has a silicon chip and an antenna and the reader also has an antenna. The device is activated when put within range of the reader. The term RFID has been most commonly associated with tags used in supply chain applications in the manufacturing and retail industries.

Reader

Any device that communicates information or assists in communications from a card, token or other identity document and transmits the information to a host system, such as a control panel/processor or database for further action.

REAL ID Act

The REAL ID Act of 2005. Legislation intended to deter terrorism by establishing national standards for state-issued driver’s licenses and non-driver’s identification cards in addition to other key executables.

Registration

See identity registration.

Registration authority

A body given the responsibility of maintaining lists of codes under international standards and issuing new codes to those wishing to register them.

Response

A message returned by the integrated circuit chip to the terminal after the processing of a command message received by the chip.

RFID tag (labels)

Simple, low-cost and disposable electronic devices that are used to identify animals, track goods logistically and replace printed bar codes at retailers. RFID tags include an integrated circuit that typically stores a static number (an ID) and an antenna that enables the chip to transmit the stored number to a reader. When the tag comes within range of the appropriate RF reader, the tag is powered by the reader’s RF field and transmits its ID to the reader. There is little to no security on the RFID tag or during communication with the reader. Typical RFID tags can be easily read from distances of several inches (centimeters) to several yards (meters) to allow easy tracking of goods.

Role

The actions and activities assigned to or required or expected of a person or group.

Role-based access control (RBAC)

Access to resources based on a user’s assigned role. Access permissions, which determine which resources can be accessed and the privileges in the context of that resource, are administratively associated with roles, and users are administratively assigned appropriate roles. Roles can be granted new permissions as new resources are incorporated, permissions can be revoked from roles as needed, and role assignments for users can be modified or removed as needed. Since users are not assigned permissions directly, but only acquire them through their role (or roles), management of individual user rights becomes a matter of simply assigning the appropriate roles to the user, which simplifies common operations such as adding a user, or changing a user’s department.

RSA

Refers to public/private key encryption technology that uses an algorithm developed by Ron Rivest, Adi Shamir and Leonard Adleman and that is owned and licensed by RSA Security.

BACK TO TOP

S

Sarbanes-Oxley

The Sarbanes-Oxley Act of 2002, which introduced changes to regulations that apply to financial practice and corporate governance for public companies. The Act introduced new rules that were intended “to protect investors by improving the accuracy and reliability of corporate disclosures made pursuant to the securities laws.”

Secret key

A key used with symmetric cryptographic techniques by a set of specified entities.

Secure hash algorithm (SHA)

One of the most popular hashing algorithms, designed for use with the Digital Signature Standard by the National Institute of Standards and Technology (NIST) and the National Security Agency (NSA). SHA-1 produces a 160-bit hash.

Secure identity

The verifiable and exclusive right to use the identity information being presented by an individual to access a set of privileges.

Security attributes

Condition of use of objects in the ID card including stored data and data processing functions, expressed as a data element containing one or more access rules.

Seed

A random sequence of bits that is used in a cryptographic algorithm as the input to generate other, longer pseudo-random bit sequences.

SIM

Subscriber Identity Module. A SIM is the smart card that is included in GSM (Global System for Mobile Communications) mobile phones. SIMs are configured with information essential to authenticating a GSM mobile phone, thus allowing a phone to receive service whenever the phone is within coverage of a suitable network.

Skimming

The practice of obtaining information from a data storage device without the owner’s knowledge. Skimming is typically associated with magnetic stripe-based credit cards.

Smart card

A device that includes an embedded integrated circuit that can be either a secure microcontroller or equivalent intelligence with internal memory or a memory chip alone. The card connects to a reader with direct physical contact or with a remote contactless radio frequency interface. With an embedded microcontroller, smart cards have the unique ability to store large amounts of data, carry out their own on-card functions (e.g., encryption and mutual authentication) and interact intelligently with a smart card reader. Smart card technology conforms to international standards (ISO/IEC 7816 and ISO/IEC 14443) and is available in a variety of form factors, including plastic cards, subscriber identification modules used in GSM mobile phones, and USB-based tokens.

S/MIME

Secure Multipurpose Internet Mail Extensions. A protocol for exchanging digitally signed and/or encrypted mail.

Sniffing

The act of auditing or watching computer network traffic. Hackers may use sniffing programs to capture data that is being communicated on a network (e.g., usernames and passwords).

Specification

A set of documentation that reflects agreements on products, practices, or operations produced by one or more organizations (or groups of cooperating entities), some for internal usage only, others for use by groups of people, groups of companies, or an entire industry.

SSL

Secure Sockets Layer. SSL is a protocol used to transmit information on the Internet in encrypted form. SSL also ensures that the transmitted information is only accessible by the server that was intended to receive the information.

Standard

Specifications produced by accredited associations, such as ANSI, ISO, SIA, ETSI or NIST. In the United States the use of standards is typically optional and multiple standards can be developed on the same subject. In some countries, the use of existing standards may be required by law and the development of multiple standards on the same subject may be restricted.

Strong authentication

The use of two or more factors of authentication to prove an individual’s identity. Factors would include some combination of something you know (a password or personal identification number that only you know), something you have (a physical item or token in your possession) and something you are (a unique physical quality or behavior that differentiates you from all other individuals).

Subject

A person, system or object with associated attributes.

Symmetric cryptographic technique

A cryptographic technique using the same secret key for both the originator’s and the recipient’s operation. (Without the secret key, it is computationally infeasible to compute either operation.)

Symmetric keys

Keys that are used for symmetric (secret) key cryptography. In a symmetric cryptographic system, the same secret key is used to perform both the cryptographic operation and its inverse (for example to encrypt and decrypt, or to create a message authentication code and to verify the code).

BACK TO TOP

T

Template

Biometric data after it has been processed from its original representation (using a biometric feature extraction algorithm) into a form that can be used for automated matching purposes (using a biometric matching algorithm). Biometric data stored in a template format cannot be reconstructed into the original output image.

Token

A physical device that carries an individual’s credentials. The device is typically small (for easy transport) and usually employs a variety of physical and/or logical mechanisms to protect against modifying legitimate credentials or producing fraudulent credentials. Examples of tokens include picture ID cards (e.g., state driver’s licenses), smart cards, and USB devices.

Triple DES

A block cipher formed from the Data Encryption Standard (DES) cipher by using it three times.

Transitional products

As defined in NIST SP 800-73, products that meet the “Transitional” interface specification. Transitional products can be used as part of a migration strategy by Federal agencies that have already initiated a large-scale deployment of smart cards as identity badges.

Transponder

A wireless communications device that detects and responds to an RF signal.

BACK TO TOP

U

Ultra-high frequency (UHF)

Radio frequencies (RF) between 300 MHz and 3 GHz. When used in an RF-based identification system, the UHF frequency range is typically from 860 to 960 MHz.

Unique identifier

Any element or value which is guaranteed to be unique among a given group.

USB

Universal Serial Bus. A serial bus standard to interface devices.

BACK TO TOP

V

Validation

The process of demonstrating that the system under consideration meets in all respects the specification of that system.

Verification

The process by which the question “is this person who the person claims to be?” is answered. This function requires a one-to-one match between presented identity information and identity information that is known to a system. See identity verification.

Vetting

The process of inspection, evaluation and adjudication of claims ensuring that people are who they claim to be before giving them authorization or rights to do something.

Vicinity card

See ISO/IEC 15693.

BACK TO TOP

W

Web access management (WAM)

Systems that replace the sign-on process on various web applications, typically using a plug-in on a front-end web server. The systems authenticate users once, and maintain that user’s authentication state even as the user navigates b