Online Authentication - A Guide for Government Managers (NOIE publication, July 2002)

The Australian Government Information Management Office Archive

The content on this page and other AGIMO archive pages is provided to assist research and may contain references to activities or policies that have no current application. See the full archive disclaimer.

Glossary

Terms

Agency
(a) a Department of State, or a Department of the Parliament, of the Commonwealth, a State or a Territory;
(b) a body corporate or an unincorporated body established or constituted for a public purpose by Commonwealth, State or Territory legislation, or an instrument made under that legislation (including a local authority);
(c) a body established by the Governor-General, a State Governor, or by a Minister of State of the Commonwealth, a State or a Territory; or
(d) any incorporated company, other than the Contractor, over which the Commonwealth, a State or a Territory exercises control.

Applicant
A person who has applied to become a key holder, prior to the time at which keys and certificates are issued to and accepted by them.

Australian Business Number (ABN)
A new single identifier for dealings with the Australian Taxation Office (ATO) and for future dealings with other government departments and agencies.

Australian Business Register (ABR)
Contains all the publicly available information provided by businesses when they register for an Australian Business Number (ABN). The Australian Business Register was established under s.24 of the A New Tax System (Australian Business Number) Act 1999.

Authorised officer
An authorised applicant who has been issued with, and accepted, keys and certificates and is authorised by a business entity to nominate additional key holders to the CA.

Authoriser
A class of persons with a clear capacity to commit the business entity. Persons who are members of this class include (but are not limited to):
· chief executive officer
· company director
· trustee
· partner
· company owner

Business entity
An entity entitled to have an ABN within the meaning of s.8 of the A New Tax System (Australian Business Number) Act 1999.

Business to business (B2B)
Denotes online communication between business entities.

Business to consumer (B2C)
Denotes online communication between business entities and consumers/individuals.

Business to government (B2G)
Denotes online communication between business entities and government.

Certificate
An electronic document signed by the CA which:
(1) identifies a key holder and the business entity he or she represents;
(2) binds the key holder to a key pair by specifying the public key of that key pair; and
(3) contains the information required by the certificate profile.

Certificate directory
The published directory listing digital certificates currently in force.

Certificate information
Information needed to complete a certificate as required by the certificate profile.

Certificate profile
The specification of the fields to be included in a certificate and the contents of each.

Certificate Revocation List (CRL)
The published directory that lists revoked and/or suspended certificates. The CRL may form part of the certificate directory or may be published separately.

Certification authority (CA)
A Gatekeeper accredited entity that verifies the identity of a user, allocates a distinguished name to that user, and verifies the correctness of information concerning that user by signing the data that constitutes the digital signature for that user.

Certification Authority Revocation List
A list of certification authorities that have had their Gatekeeper accreditation status revoked.

Commonwealth
The Commonwealth of Australia and its agencies, employees, servants and agents.

Community of Interest
The group of entities which are eligible to apply for the issue of keys and certificates.

Competent authority
The entity which approves the CA's infrastructure and practices (including the accredited documents and any changes to them) as meeting the criteria for Gatekeeper accreditation.

Compromise
A situation in which the secrecy of a private key cannot be relied on, e.g. if there has been unauthorised access to the cryptographic module in which the private key is stored or used, or unauthorised access to or loss or theft of media on which the private key is stored.

Correspond
A public key and a private key correspond if they belong to the same key pair. A private key corresponds to a certificate if it corresponds to the Subject public key specified in the certificate.

Defence Signals Directorate (DSD)
The Defence Signals Directorate is Australia's national authority for signals intelligence and information security. Part of its role is to assess and provide information security products for the Australian Government. It is a central source of information on authentication products and technologies.

Digital signature
An electronic signature created using a private signature key.

Digital certificate
An electronic document signed by the CA which:
(1) identifies a key holder and the business entity he or she represents;
(2) binds the key holder to a key pair by specifying the public key of that key pair; and
(3) should contain any other information required by the certificate profile.

Distinguished name
A unique identifier assigned to each key holder, having the structure required by the certificate profile.

Electronic signature
A data element associated with a message that identifies a person and indicates his or her approval of the contents of the message. (See Digital signature)

End Entity
An entity that uses keys and certificates for creating or verifying digital signatures or for confidentiality. End Entities are key holders, organisations or relying parties.

Evaluated product
A hardware or software product which is on the EPL.

Evaluated Product List (EPL)
The Evaluated Products List (EPL) is produced to assist in the selection of products that will provide an appropriate level of information security. The EPL is published at: http://www.dsd.gov.au/infosec/

Evidence of Identity (EOI)
Documents that evidence the identity of an entity.

Gatekeeper accreditation
Accreditation by NOIE, granted on the basis that the CA or RA meets the criteria set out in the Gatekeeper report.

Government to consumer (G2C)
Denotes online communication between government and consumers/individuals.

HIC
Health Insurance Commission, a Federal agency.

Intellectual property rights (IP rights)
Copyright and neighbouring rights, all rights in relation to inventions (including patent rights), plant varieties, registered and unregistered trademarks (including service marks), registered designs, confidential information (including trade secrets and know how), databases, circuit layouts, and all other rights resulting from intellectual activity in the industrial, scientific, literary or artistic fields.

Key
A data element used to encrypt or decrypt a message - includes both public keys and private keys.

Key pair
A pair of asymmetric cryptographic keys (i.e. one decrypts messages which have been encrypted using the other) consisting of a public key and a private key.

Key holder
An individual who holds and uses keys and certificates on behalf of a business entity (including an authorised officer), or in their own right in the case of individual certificates.

NOIE
The National Office for the Information Economy, an Executive agency of the Commonwealth of Australia.

PKI
See Public Key Infrastructure.

PKI Entity
A PKI Entity is one of the following:
(1) CA
(2) Subordinate Entity
(3) A Subscriber
(4) Relying Party
(5) RA

PKI Service provider
Any entity that has roles, functions, obligations or rights under the CP, other than an End Entity. PKI Service providers include Registration Authorities (RA) and Certification Authorities (CA).

Private certificate-signing key
The private key used by the CA to digitally sign certificates.


Private confidentiality decryption key
The private key used by the addressee to decrypt messages that have been encrypted using the corresponding public confidentiality encryption key.

Private key
The half of a key pair which must be kept secret to ensure confidentiality, integrity, authenticity and non-repudiation of messages.

Private signing key
The private key used by a key holder to digitally sign messages on behalf of an organisation.

Public certificate-verification key
The public key corresponding to the CA's private certificate-signing key.

Public confidentiality encryption key
A public key, corresponding to a private key held by the addressee, which may be used to encrypt a message to protect the confidentiality or privacy of its contents.

Public key
The half of a key pair which may be made public.

Public Key Infrastructure (PKI)
The combination of hardware, software, people, policies and procedures needed to create, manage, store, distribute and revoke public key certificates based on public key cryptography.

Public verification key
The public key corresponding to a private signing key used to verify a digital signature.

Registration
The process for receiving and processing applications for keys and certificates, including collection of Registration Information.

Registration Authority (RA)
An entity which registers applicants for keys and certificates (see Registration).

Registration information
Information about key holders or business entity which is reasonably required for the issue and use of keys and certificates, including information needed to:

Relying party
An individual or entity, which receives a digitally signed message and wishes to rely on the contents of that message as binding the signer.

Repository
The entity (which could be the CA or another entity) which maintains the database of certification which is made accessible to users including the relying parties.

SSL (Secure Sockets Layer)
A set of rules governing authentication of, and encrypted communication between, servers and clients. The protocol was developed by Netscape to secure the transmission of data between client/server applications over the Internet.

Subordinate entity
An RA and any other entity which is subordinate to the CA and which performs functions or provides services necessary for issue and use of keys and certificates, or for reliance on digital signatures. A subordinate entity does not include the CA itself or an end entity.

Subscribers
In the case of an individual certificate, the key holder. In the case of the ABN-DSC, comprises the non-individual (e.g. business entity) and the individual who acts on behalf of the business entity, who is in possession or has control of the private authentication key and who uses that key to digitally sign messages.

Trustworthy systems
Systems that meet the system security requirements of the accredited documents.

Type 2 Grade 2
An organisational certificate which is issued to a non-individual user who satisfies certain identity requirements of 100 points.

X.509 version 3
The international standard for the framework for public key certificates and attribute certificates. It is part of a wider group of protocols from the International Telecommunications Union-T X.500 Directory Services Standards.
