The Secret Security Wiki
Cloud services, which play a key role in the authentication process, refer to any service that is provided over the internet.
FIDO2 refers to the combination of the FIDO Alliance’s specification for Client-to-Authenticator Protocols (CTAP) and the World Wide Web Consortium’s (W3C) Web Authentication (WebAuthn) specification, which together enable users to authenticate to online services from both mobile and desktop environments using an on-device or external authenticator. WebAuthn defines a standard web API that is implemented...
Shoulder surfing is the term used to describe one person observing another person’s computer or mobile device screen and keyboard to obtain sensitive information. Direct observation can be done by simply looking over someone’s shoulder – hence shoulder surfing – or using binoculars, video cameras (hidden or visible), and other optical devices. Typically the objective...
An old and trusted authentication mechanism that relies on passwords, but in a smarter way In computer systems, a token is an object or structure used to transfer data between applications. Tokens are primarily used by stateless applications as a vehicle for client-side storage of session data. For example, a shopping app may track things...
PGP (Pretty Good Privacy) can be used for signing, encrypting and decrypting almost anything, and it’s actually much better than “pretty good”! Pretty Good Privacy (PGP) is a data encryption protocol that uses a combination of symmetric and asymmetric encryption to allow two parties to confidentially exchange data. PGP also allows a receiver to authenticate...
Security as a service (SECaaS) is the provisioning of security controls/solutions as a managed service, typically over the internet. With SECaaS, security solutions are no longer delivered/deployed locally, IT administrators no longer have to install virus protection software, spam filtering software, and other security controls on each workstation, server or network, and they no longer...
Infrastructure as a Service (IaaS) provides customers with tools and an environment on which they can remotely provision processing, storage, networks, and other fundamental computing resources, and deploy arbitrary software, including an operating systems, middleware and applications. In other words, IaaS exposes a virtualization layer and an interface to manage the creation of virtual machines...