Wednesday, September 03, 2014

Information Technology Simple knowledge base

AES - Advanced Encryption Standard (AES) specifies the FIPS approved cryptographic algorithm that can be used to protect electronic data.

API - An Application Programming Interface (API) is a set of procedure calls that an operating system, library or service provides to support requests made by computer programs.

Asymmetric key - A form of cryptography in which the key used to encrypt a message differs from the key used to decrypt it. It actually means Public-key cryptography.

Baud Rate - A baud rate is the measurement of the data transmission between computers and other devices.

CCID - CCID stands for Chip/Smart Card Interface Devices. Chip Card Interface Device (CCID) specification is an approach to smart card reader communication and it defines a standard communication protocol for smart card readers that connect to a computer via USB, allowing the same host-side driver to communicate with any CCID-compliant smart card reader.

CE - CE is a European standard according to which marking is mandatory for certain product groups to indicate conformity with the essential health and safety requirements set out in European Directives.

CSP - Cryptographic Service Provider (CSP) is a software library that implements the Cryptographic Application Programming Interface (CAPI). CSPs implement encoding and decoding functions, which computer's application programs may use.

Certificate authority - A certificate authority (CA) is an authority in a network that issues and manages security credentials and public key for message encryption.

Certificate revocation list - In PKI, Certificate Revocation List (CRL) is a list of serial numbers for certificates which are no longer valid.

Challenge and Response - Challenge and Response authentication includes a group of protocols in which one party asks question ("Challenge") and the other party has to provide valid answer ("Response") for authentication.

Contact Connector - Smart card connector having a special spring switch to detect full insertion of a smart card with small deformation

Cryptography - Cryptography is the study of ways to convert information from its normal, comprehensible form into an obscured guise, unreadable without special knowledge.

DES - The Data Encryption Standard (DES) is a method for encrypting information It is based on a Symmetric-key algorithm that uses a 56-bit key. It was selected as an official Federal Information Processing Standard (FIPS) for the Unites States.

Decryption - Decryption is the process of converting encrypted data i.e. ciphertext back into its original form, into its orginal, intelligible form.

Digital signature - Information encrypted with an entity's private key, which is appended to a message to assure the recipient of the authenticity and integrity of the message.

EEPROM - Electrically Erasable Programmable Read-Only Memory (EEPROM) is user-modifiable read-only memory (ROM) that can be reprogrammed and erased.

EMV - EMV is a standard for interoperation of IC cards and IC card processing devices, for financial transaction. The name EMV comes from the initial letters of Europay, MasterCard and VISA, the three companies which originally cooperated to develop the standard. A portion of the standard is also included in ISO 7816 which is based on IC Chip card interface

Encryption - Encryption is the conversion of data into a form, called a ciphertext by using algorithms to ensure secure transmission.

FCC - The Federal Communications Commission (FCC) is an independent United States government agency. FCC in charge with regulating interstate and international communications by radio, television, wire, satellite and cable.

FIPS - Federal Information Processing Standards (FIPS) are set by the Federal government which should be followed by all non-military government agencies and by government contractors. It is a numeric coding system that identifies States by a 2-digit code and counties by a 3-digit code.

Firmware - Firmware is software that is embedded in a piece of hardware. You can think of firmware simply as "software for hardware." It is created from source code, but it is closely tied to the hardware it runs on.

GSM - Global System for Mobile communications (GSM) is the most popular standard for mobile phones in the world. Both signaling and speech channels in GSM are digital, and thus is considered a second generation (2G) mobile phone system.

HID - Human interface device (HID) is a type of computer device that interacts directly with, and most often takes input from, humans and may deliver output to humans.

Hash function - In cryptography, Hash function is a procedure in which the any arbitrary block of data is converted into fixed size bit string called the hash value, and any change to the data will result in change in the hash value.

IC - The Certification and Engineering Bureau of Industry Canada provides a certification service for both radio and terminal equipment in Canada. Testing of either radio or terminal equipment, to establish compliance with Industry Canada standards, is performed in private sector laboratories.

ISO 18092 - ISO18092 is an international standard that defines communication modes for Near Field Communication Interface and Protocol (NFCIP-1) using inductive coupled devices operating at the centre frequency of 13.56 MHz for interconnection of computer peripherals. It also defines both the Active and the Passive communication modes of NFCIP-1 to realize a communication network using Near Field Communication devices for networked products and also for consumer equipment.

ISO 7816 - ISO/IEC 7816 is an international standard related to contact type smart cards, managed jointly by the International Organization for Standardization (ISO) and the International Electro technical Commission (IEC). It includes physical characteristics, dimension and location of contacts and the interface and transmission protocols

ISO14443 - ISO 14443 is an international standard related to smart cards for contactless smart cards operating at 13.56 MHz in close proximity with a reader antenna. This ISO standard sets communication standards and transmission protocols between card and reader to create interoperability for contactless smart card products.


LCD - Liquid crystal display (LCD) is an electro-optical amplitude modulator realized as a thin, flat display device made up of any number of color or monochrome pixels arrayed in front of a light source or reflector. It is often utilized in battery-powered electronic devices because it uses very small amounts of electric power.

LED - Light Emitting Diode (LED) is a semiconductor light source that emits visible light when an electric current is applied in the forward direction of it.

Landing Type Card acceptor - Smart card acceptor for the card reader that allows minimal contact between the contact pads on the Card and the acceptor

MAC - Message Authentication Code (MAC) is a short piece of information used to authenticate a message. A MAC algorithm accepts as input a secret key and an arbitrary-length message to be authenticated, and generates a MAC.

MasterCard CAP - MasterCard CAP (MasterCard Chip Authentication Programme). MasterCard International has developed the MasterCard SecureCode program to offer flexible, robust and easy to implement solutions for cardholder authentication for electronic commerce. This program provides issuers a choice of a broad array of security solutions for authenticating cardholders. These solutions include the PC authentication program, chip authentication program and MasterCard's implementation of 3-D Secure.

Microprocessor - A microprocessor incorporates most or all of the functions of a central processing unit (CPU) on a single integrated circuit (IC). It is a central processing unit to control device or a system

Multi-factor authentication - Multi-factor authentication (MFA) is a security procedure in which the user has to authenticate more than one time using different authentication methods.

NFC - Near Field Communication (NFC) is a short-range high frequency wireless connectivity technology which enables the exchange of data between devices over about a 10 cm (around 4 inches) distance.

OTP - One time password (OTP) is a one-time PIN that is generated by reader. There are basically three types of one-time passwords: (1.) Uses a mathematical algorithm to generate a new password based on the previous, (2.) Based on time-synchronization between the authentication server and the client providing the password, (3.) Third type that is again using a mathematical algorithm, but the new password is based on a challenge and a counter instead of being based on the previous password.

PC/SC - PC/SC is a specification for smart card integration in computing environment which is a communication protocol between the smart card reader and smart card. It offers interoperability of the products from different vendors by providing a standard high level programming interface which increases the flexibility and independence of PC-based software.

PCMCIA - PCMCIA i.e. Personal Computer Memory Card International Association is an international standards body with over 100 member companies which was founded in 1989 to establish standards for Integrated Circuit cards and to promote interchangeability among mobile computers.

PIN - Personal identification number (PIN) is an unique combination of numbers which separates one user from others in the group. It helps in doing secure transactions and commonly issued by banks to its customers.

PKCS#11 - PKCS#11 is one of the family of standards called Public-Key Cryptography Standards (PKCS). It defines a platform-independent API to cryptographic tokens. PKCS#11 API defines most commonly used cryptographic object types (RSA keys, X.509 Certificates, DES/Triple DES keys, etc.) and all the functions needed to use, create/generate, modify and delete those objects.

PKI - In cryptography, public key infrastructure (PKI) is an arrangement of creating a secure chain of trust for Internet-based communication

Private key - A unique secret key used by one or more parties to encrypt/ decrypt the data sent to each other.

Public key - A specific key that is published and available to anyone.

ROHS - Reduction of Hazardous Substances(RoHS), is a directive from the European Union (EU) that restricts the use of electrical and electronic equipment. The banned substance are lead (pb), cadmium (Cd), mercury (Hg), hexavalent chromium (Cr (VI)), polybrominated biphenyls (PBB's), and polybrominated diphenyl ethers (PBDE's).

RSA - RSA (initials of Ron Rivest, Adi Shamir, and Leonard Adleman)is an algorithm used in public-key cryptography. It is the first algorithm which was adopted universally for signing as well as encryption. It can be used for encrypting messages and making digital signatures.

SAM - Secure Access Module (SAM) is an additional feature in a Smart Card Reader that can enhance the level of security in your Smart Card based application. Normally card authentication is implemented in PC or application level. However with the presence of a SAM, mutual authentication can be implemented between card and reader which means that the PC will not perform the authentication but it will be done via card to reader and reader to card authentication making your system more secure and less prone to hacking.

SIM - A subscriber identity module (a SIM Card) is a smart card technology used exclusively with GSM-based networks. It is a smart card that securely stores the key identifying a mobile phone service subscriber, as well as subscription information, preferences and text messages.

SPE (Secure PIN Entry) - It is a part 10 of PC/SC 2.0 standard stated in "Interoperability specification for ICCs and Personal Computer Systems." The Secure Pin Entry allows the user to enter the PIN from the card reader PIN PAD which the reader sends it directly to the card for authentication in order to eliminate the possibility of exposing the PIN. The PIN is neither stored on the pc nor pc/reader connection but remains in the card/reader

Sensor - Sensor is a device that measures a physical quantity and converts it into an electrical signal which can be read by an observer or by an instrument.

Smart Card - A smart card is a device that includes an embedded integrated circuit chip (ICC) that can be either a secure microcontroller or equivalent intelligence with internal memory or a memory chip alone.

Smart card reader - A smart card reader is an electronic device that is capable of communicating with smart cards and a host. Supports both read and write data on the card.

Symmetric keys - In symmetric key cryptography the sender and the receiver shares a common key to encrypt and decrypt the message sent or received.

Template - A template is a unique digital representation of key minutiae points obtained by special computer software from the fingerprint image.

Triple-DES - Triple DES is a block cipher formed from the Data Encryption Standard (DES) cipher by using it three times.


USB - Universal Serial Bus (USB) is a serial bus standard to interface devices to a host computer

USB Token - A user identity credential that one can connect to a standard computer interface such as a USB jack; often used in addition to or instead of a password.

VCCI - Voluntary Control Council for Interference (VCCI) by Information Technology Equipment or VCCI is the Japanese body governing RF emissions (i.e. electromagnetic interference) standards.

Visa DPA - Visa Dynamic Passcode Authentication (DPA) verifies the cardholder's identity and physical presence of the payment card through a calculator-sized smart card reader. When the correct PIN for the card and a "challenge" are entered the reader displays a unique one-time numeric response code that can be entered a web page or read a merchant over the phone. The response code is valid for that transaction only.

WEEE - The Waste Electrical and Electronic Equipment Directive (WEEE Directive) is the European Community that directs manufacturers for the disposal of waste electrical and electronic equipment.

WHQL - Windows Hardware Quality Labs (WHQL) is a Microsoft facility that tests and certifies third-party hardware and driver products for compatibility with Windows operating systems.