Glossary of terms

The 3GPP was formed in December 1998 as a collaboration agreement bringing together a number of telecommunication standards bodies. These standards bodies are referred to as Organizational Partners. The original aim of the 3GPP was to produce globally applicable technical specifications for third generation mobile systems based on evolved GSM core networks and the radio access technology UTRA (Universal Terrestrial Radio Access). This was subsequently amended to include the maintenance and development of the GSM standards including GPRS and EDGE (Enhanced Data rates for Global Evolution).Further network developments attributed to the 3GPP included evolution of service management through IMS, increased data rates in the UTRA via HSUPA /HSDPA and most recently, a new access and core network commonly termed LTE.

Designation for a cryptographic algorithm used in GSM for encrypting data on the air interface between the mobile station and the base station or background system. A5 is the same for the entire GSM system.

There are several variants of A5 (A5/0 to A5/7).

AA enables an inspection system to not prevent copying & cloning (of MRTD chip).It verifies that the chip content is not a copy and the authentic chip is in the document.

Founded in 1933, AAMVA represents the state and provincial officials in the United States and Canada who administer and enforce motor vehicle laws AAMVA is a tax-exempt, nonprofit organization developing model programs in motor vehicle administration, law enforcement and highway safety. The association also serves as an information clearinghouse in these areas, and acts as the international spokesman for these interests.

Automated Biometric Identification System. Such a system compares captured biometric samples to a database of records in order to determine the identify of an individual.

A list of entities, together with their access rights, which are authorized to have access to a resource.

Has two definitions according to circumstances:

• The procedure for accepting an IT system for use within a particular environment
• An administrative process whereby authority is granted for the operation of an IT product (or collection thereof) in its full operational environment including all of its non-IT parts. The results of the evaluation process are an input to the accreditation process. However, as other techniques are more appropriate for the assessments of non-IT related properties and their relationship to the IT security parts, accreditors should make separate provisions for those aspects.

A Payment System member that has a contractual relationship with a merchant or that disburses currency to a cardholder in a cash disbursement, and directly or indirectly enters the resulting transaction into interchange.

The entity that has a level of trust with respect to all policies implemented by the TSF (Target of Evaluation Security Function).

Automated Fingerprint Identification System. Automated Biometric System that compares a submitted fingerprint record (single or multiple) to a database of records in order to determine the identify of an individual.

Agence Nationale de la Securite des Systemes d'Information In French or the FNISA in English standing for French Network and Information Security Agency (web site) officially created as July 8, 2009 replaces the present Central Directorate for Information System Security (DCSSI), and is assigned wider resources and missions

• To detect and early react to cyber attacks, thanks to the creation of a strong operational center for cyber defense, working round-the-clock and being in charge of the continuous surveillance of sensitive Governmental networks, as well as the implementation of appropriate defense mechanisms;
• To prevent threats by supporting the development of trusted products and services for Governmental entities and economic actors;
• To provide reliable advice and support to Governmental entities and operators of Critical Infrastructure;
• To keep companies and the general public informed about information security threats and the related means of protection through an active communication policy. As such FNISA (ANSSI) operates the French CC Evaluation & Certification scheme.

The protocol between the card and the terminal and its related set of data or for a card a program and associated data that reside on an integrated circuit chip and satisfy a business function. Examples of

applications include payment, stored value, and loyalty. [EMV]

Advanced Research and Technologies for Embedded Intelligence and Systems. The ARTEMIS European Technology Platform represents the field of Advanced Research & Technology for Embedded Intelligence and Systems. The ARTEMIS ETP started in 2004 and produced a Strategic Research Agenda (SRA) in 2006. The ARTEMIS ETP-SRA gives a vision, mission, goals and strategy, as a Pan-European guideline for the research, technology and innovation in the field of ARTEMIS. See: www.artemis.eu.

The specification of an identified parameter in a component (of the CC) or requirement. [CC]

This type of cryptographic operations uses one key, known as the recipient's public key for encryption of a plain text by any user and another key, which is secretly own by the recipient, for decryption of associated cipher text. These two keys are related to each other and are called a key pair.

Character-by-character or cell-by-cell or data unit-by-data unit transfer. Data units from any one source need not be periodically spaced within the overall data unit stream.

A cryptographic process that validates the claimed origin of data or an identity [EMV]. In biometric technique the authentication process compares the captured biometric sample with the biometric information’s previously stored on a smart secure device (epassport, smart card, ...).

A key pair used in a public key system.

A user who may, in accordance with the SFRs, perform an operation. [CC]

B2B describes commerce transactions between businesses, such as between a manufacturer and a wholesaler, or between a wholesaler and a retailer. Contrasting terms are business-to-consumer (B2C) which describes activities of businesses serving end consumers with products and/or services, and business-to-government (B2G) which encompasses marketing products and services to government agencies through integrated marketing communications techniques such as strategic public relations, branding, marcom, advertising, and web-based communications.

See B2B (Business to Business)

Basic access control with Active Authentication

The BIG is the technical group working under the authority of the Article 6 Committee of the European Commission for Its prime mission is to act as the focal point for resolving all technical issues that arise from the development, implementation and application for EAC (ePassport) including a Certificate Policy. BIG is an organization open to all the EU and Schengen Member States on a voluntary basis. BIG is also open to Government and European Commission representatives.

A general term used to refer to any computer data that is created during a biometric process. More precisely two kinds of biometrics data can be used:

• Collected Biometric Data: raw data get out of the sensors named Biometric Samples
• Compressed or computed Biometric Data: in order to accelerate the automated biometric process or reduce size needed by the records in memory, raw Data are “compiled” or “compressed” by dedicated algorithms that keep accuracy while decreasing drastically size of records.

Representations of a fingerprint or other biometrics using series of numbers and letters.