Glossary
See definitions for Open Ecosystems terms.
2FA
Two-factor authentication (2FA) adds an additional layer of login security to Open Ecosystems accounts by requiring users to provide two mechanisms of authentication instead of just one.
Acceptance Environment
Active-Active
Active-Cold Standby
Active-Hot Standby
ADR
Architecture Decision Record (ADR). During the Architecture Design phase of the SDLC every Architectural Decision is recorded in an ADR, along with evidence of why it is the correct decision.
AI
Alerting
allowlist
An allowlist is a list of items (usually websites, IP addresses, email addresses, etc.) that are permitted to access a system.
Related terms: blocklist
Anti-Pattern
API
An API is a declaration of how computers or computer programs should exchange information. It can be seen as a contract between two Services.
API Gateway
An API Gateway is an API Management tool that sits between a client and a collection of Back End services. It acts as a reverse proxy to accept all API calls, and forwards them to internal services that can fulfill them.
API key
An API key is unique to each Open Ecosystems user and used to confirm identity when using the Open Ecosystem APIs.
API token
API tokens authorize access to specific Open Ecosystems dashboard pages, accounts, and zones. API tokens are associated to the user that created them.
Related terms: API key
application
In Open Ecosystems for Teams, an application is the resource being protected by Open Ecosystems for Teams. An application can be a subdomain, a path, or a SaaS application.
Application Layer
Artifact Repository
An Artifact Repository stores Versioned artifacts (or: “packages”).
Asymmetric Encryption
A cryptographic algorithm that uses two keys: data that is encrypted with one key, can be decrypted with the other.
At Least Once
At Least Once is an MDP. With this pattern the sender would send the message, and have a Retry Mechanism in place in case sending the message fails.
At Most Once
This is the simplest MDP pattern to implement. With this pattern a message is sent to another component, without there being any mechanisms in place to guarantee that the message actually arrives at its destination.
Audit Logging
The act of creating an Audit Trail to specifically audit how users interact with a system to CRUD data.
Auditing
Authentication
Authentication is the act of proving an assertion, such as the identity of a computer system or a User. In contrast to Identification, the act of indicating a person or thing’s identity, Authentication is the process of verifying that identity.
Related terms: 2fa
Authorization
Authorization is the process after Authentication and before executing an action, where the system determines if the User is permitted to trigger the action.
Availability
Availability is a Metric that indicates how much of the time a system is available. It is typically expressed in a number of Nines.
Availability Zone
If a Region has more than one datacenter, then every datacenter is an Availability Zone. Redundancy and High Availability can be achieved by deploying components in multiple Availability Zones at little cost (both economically as well as in terms of Latency).
AWS
Amazon Web Services (AWS) is the biggest CSP at the time of writing.
Azure
Azure is the Cloud implementation by Microsoft.
Back-End
backup codes
Backup codes allow restoration of Open Ecosystems account access outside the normal two-factor authentication process. A backup code becomes invalid after use.
Related terms: two-factor authentication
Beats
Big O Notation
In short, the Big O Notation is a mathematical notation that describes the limiting behavior of a function if the argument tends towards a particular value or infinity. In layman’s terms it means: “if the load doubles, how much more compute do I need?”
Billing
BlockChain
Blockchain is a cryptographic Decentralized ledger-keeping system that solves a problem of Trust, because with Blockchain there is no single entity that manages (the storage of) data and a Blockchain is Immutable.
blocklist
A blocklist is a list of items (usually websites, IP addresses, email addresses, etc.) that are prevented from accessing a system.
Related terms: allowlist
Branching Model
Brute Force Attack
A Brute Force attack consists of an attacker submitting many passwords or passphrases with the hope of eventually guessing correctly, in order to gain illegal access to confidential data.
CAA Record
A Certification Authority Authorization (CAA) record declares which CAs are allowed to issue an SSL certificate for a domain.
Caching
The art of remembering answers to questions for a period of time, so that if the same question is asked within that time frame, the answer can be provided without hitting the Back End. This concept is quite often used to increase performance, for example with Web Services or Database access.
CAPEX
CAPEX describes the expenses for building infrastructure. OPEX describes the expenses for operating it.
CDN
A Content Delivery Network (CDN) is a geographically distributed group of servers which work together to provide fast delivery of Internet content.
certificate
SSL certificates enable encryption over HTTPS for traffic between a client and a website. SSL certificates contain the website’s public key and the website’s identity along with related information. Devices attempting to communicate with the origin web server reference the SSL certificate to obtain the public key and verify the server’s identity. Open Ecosystem provides a Universal SSL certificate for each active Open Ecosystem domain.
Certificate Authority (CA)
A CA is a trusted third party that provides SSL certificates for encrypting network traffic.
certificate packs
Certificate packs allow Open Ecosystem to fall back to a different SSL certificate for browsers that do not support the latest standards. Certificate packs allow Custom SSL certificates to contain different signature algorithms for the same hostnames listed within the SSL certificate without taking up additional Custom SSL certificate quota for your Open Ecosystem account.
certificate pinning
Certificate pinning is a security mechanism used to prevent on-path attacks on the Internet by hardcoding information about the certificate that the application expects to receive. If the wrong certificate is received, even if it is trusted by the system, the application will refuse to connect.
CI/CD
CI/CD is the combined practices of continuously merging all developers’ working copies into a shared mainline (including building, testing, validation, and Versioning), and automatically deploying the build output.
CIDR Block
Classless Inter-Domain Routing is a method for allocating IP Addresses and routing. Its goal was to reduce the size of routing tables across the internet, and to slow down the exhaustion of IPv4 addresses. A CIDR Block specifies a subnet.
cipher suite
A set of encryption algorithms for establishing a secure communications connection. There are several cipher suites in wide use, and a client and server agree on the cipher suite to use when establishing the TLS connection. Support of multiple cipher suites allows compatibility across various clients.
CLI
A Command Line Interface (CLI) is an interface to various technologies using a Shell.
cloud
A network of remote servers used to store and maintain data.
Code Generation
Code Set
A Code Set is a standard set of terms that is used in the healthcare industry to prevent ambiguity.
Complexity
Complexity is an Anti-Pattern. Some Complexity is unavoidable. However, it’s human nature to make things more complex than they need to be.
Compression
Concurrent
The art of executing multiple operations simultaneously.
Consent
Consent is a record where an individual authorizes a legal entity to access, use, or disclose PII and under what conditions that is allowed.
Control Plane
Cost
credit
An amount applied to a specific Open Ecosystems account as credit for recurring subscriptions or plan payments. The Open Ecosystems billing system automatically applies credits in the next billing cycle.
CRUD
CSP
A CSP is a Cloud Service Provider. The biggest ones are AWS, Azure, and GCP.
Current State
The Current State describes what something looks like now, not what it is supposed to look like (that would be the Desired State). By comparing the Current State and the Desired State one can identify actions to take to make the Current State identical to the Desired State.
CVML
Computer Vision / Machine Learning (CVML) is an interdisciplinary field that combines Computer Vision and Machine Learning techniques to enable computers to interpret, understand, and make decisions based on visual data.
daemon
A program that performs tasks without active management or maintenance.
data center
A physical location where servers run and where other IT operations are hosted.
Data Graph
Database
Database Index
DDoS attack
A Distributed Denial of Service (DDoS) attack is a malicious attempt to disrupt normal traffic of a targeted server, service, or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic.
Dead Letter Queue
A Dead Letter Queue is a Design Pattern where one moves messages to a dedicated Queue called “the Dead Letter Queue” if the message meets one or more Exception criteria.
Debugging
Dependency Hell
Design Pattern
A common solution to a common Software problem. Its opposite is an Anti-Pattern.
Desired State
In the context of Infrastructure as Code a Desired State is a declaration of what an infrastructure should look like.
Development Environment
Dictionary Attack
A Dictionary Attack is an attack to defeat a cipher or Authentication Mechanism by trying to determine its Decryption key or Password, sometimes trying thousands or millions of likely possibilities, often obtained from lists of past security breaches. The intent is to gain illegal access to confidential data.
DIHI
Protected Health Information (PHI), by definition, is Personal Identifiable Information (PII). De-Identified Health Information (DIHI) is de-identified PHI.
Disaster
A catastrophic event that results in long downtime (days or even weeks).
Related terms: Failure
Disaster Recovery
Disaster Recovery is the process of maintaining or reestablishing vital infrastructure and systems following a natural or human-induced Disaster, such as a storm or a battle.
Distributed Computing
DNS
The Domain Name System (DNS) is the phonebook of the Internet. DNS translates domain names to IP addresses.
DNS filtering
DNS filtering is the process of using the Domain Name System to block malicious websites and filter out harmful or inappropriate content. This ensures that company data remains secure and allows companies to have control over what their employees can access on company-managed networks. DNS filtering is often part of a larger access control strategy.
DNS Record
DNS Records are instructions that live in authoritative DNS servers and provide information about a domain including what IP address is associated with that domain and how to handle requests for that domain.
DNS server
Each device connected to the Internet has a unique IP Address which other machines use to find the device. DNS servers eliminate the need for humans to memorize IP addresses such as 192.168.1.1 (in IPv4), or more complex newer alphanumeric IP addresses such as 2001:db8::1:1:1:1 (in IPv6).
DNS zone
A portion of the DNS namespace that is managed by a specific organization or administrator.
Related terms: DNS
DoS attack
A Denial of Service (DoS) happens when one client sends more requests than a system can handle, which also impacts other clients. A DoS can be an attack, but it doesn’t have to be.
Related terms: DDoS attack
DSL
A Domain Specific Language (DSL) is a computer language that is specific to a particular application or domain. Common examples are HTML or HCL.
DTAP
Duplicate Detection
For the scenarios where Idempotence is not possible, but processing each request must be guaranteed nevertheless, one should implement Duplicate Detection to prevent requests being processed more than once if they are received more than once.
dynamic content
Dynamic content is website content that has to be fetched from the origin server, because the content has a time dependency.
Related terms: static content
ElasticSearch
Electronic Health Record
An Electronic Health Record (EHR) is the systematized collection of Patient or population health information in a digital format.
ELK Stack
Encryption
Encryption is the process of encoding information in an unreadable format. It can also be done in a way that only the intended recipient can decrypt the information.
Encryption Key
An Encryption Key can be used to Encrypt and Decrypt data. Depending on whether Encryption is Symmetric or Asymmetric the Encryption Key would consist of one or two keys, respectively.
Endpoint Validation
Endpoint Validation is the process to assert that the endpoint of a communication is the intended recipient and not a hostile recipient pretending to be the intended one.
Envelope Encryption
Envelope Encryption is similar to PFS, but for storing data (as opposed to transmitting data).
Error Correction
Error Detection
Error Detection is the detection of errors caused by noise that exists in systems. In the narrow sense of the word Error Detection relates to transmission of data.
ESB
An Enterprise Service Bus (ESB) is a specific type of Event Plane that is founded on the concepts of Queues, Topics, and Bridges.
EV Certificate
Extended Validation (EV) certificates provide maximum trust to visitors, but require the most validation effort by the CA. EV certificates show the name of the company or organization in the address bar of the visitor’s browser. An EV certificate requires additional documentation by the company or organization in order for the CA to approve the certificate.
Event Monitoring
Event Plane
Exactly Once
This MDP pattern provides Guaranteed Delivery, but it also prevents sending (or receiving) duplicates. It is very hard to implement. Perhaps it’s better to find a way to make the system Idempotent and use At Least Once instead.
Exception Handling
Sometimes when running code things happen that were not expected, e.g. when an object is expected to exist but doesn’t, or when a response is expected within a certain amount of time, but isn’t. The art of preventing Applications from crashing in these cases is called Exception Handling.
Exponential Backoff
Exponential Backoff is an algorithm that uses feedback to multiplicatively decrease the rate of some process, in order to gradually find an acceptable rate. It is also applied to Retry Mechanisms.
Failure
An event where a component becomes unavailable. Typically this does not result in loss, and minor actions are required to continue business, like restarting a server.
feature
A feature is a setting in the Open Ecosystems dashboard that corresponds to functionality within an Open Ecosystems product or API.
FIPS
Contains security functional and non-functional requirements that Health Care applications must adhere to.
firewall
A firewall is a security system that monitors and controls network traffic based on a set of security rules.
FQDN
Fully Qualified Domain Name, a Domain Name that can be resolved both from within a Local Area Network and from the Internet.
Freemium
Freemium is a contraction of the words “Free” and “Premium”. It is a pricing strategy by which a basic product or service is provided free of charge, but money (a premium) is charged for additional services, or virtual or physical goods that expand the functionality of the free version.
Freeware
Some software products are “free” to use. Not everything that is Freeware is also Open Source. Not everything that is Freeware is actually free.
Frontmatter
Frontmatter is an extension to Markdown for adding metadata to documents.
GCP
Google has its own implementation of the Cloud, which is called the Google Cloud Platform.
Geo-Redundancy
The act of storing data in multiple physical locations, so that in case of a Failure or Disaster in one geographical region the data can still be retrieved from another location.
Get Parameters
Grafana
Graph Database
Guaranteed Delivery
Happy Path
Hashing
Hashing is an algorithm that can be used to calculate a number from a stream of data. If one would change even one bit, the algorithm would produce a different number. Another way to look at it is that Hashing is the ability to generate a fingerprint that is unique for every unique piece of data.
High Availability
HIPAA
HIPAA is the “Health Insurance Portability and Accountability Act”, which imposes a lot of Requirements on the Health Care industry.
HIPAA Requirements
Hostile Network
A Hostile Network is any Network where you have no control on who is using it and who can see information you’re transmitting. The most well known example is the internet.
hostname
A hostname is the name given to a server or node on a network. In most cases, the hostname is the public DNS name of a server.
HTTP 429
HTTP 429 “Too many requests” is an HTTP Return code that can be returned by a service if it doesn’t have enough resources to fulfill this request, or if a Rate Limit has been imposed on the consumer, which has been exceeded. An HTTP 429 may be an indication that a DoS Attack is in progress.
HTTP Method
HTTP request
An HTTP request is the way Internet communications platforms such as web browsers ask for the information they need to load a website.
HTTP Return Code
When an HTTP Request is processed by a Web Application, a number of things can happen while processing the request. Depending on what happens, the Web Application will return a different HTTP Code.
HTTP-200
HTTP-200, a.k.a. “HTTP-OK”, indicates that the request was processed successfully.
HTTP-404
HTTP 404 “Not found” means that the resource that is indicated with the URI cannot be found.
IaaS
Provides base infrastructure (VMs, Storage, Network), but the end-user must configure and manage it, and deploy Applications on it.
IAM
Identity and Access Management (IAM) is a framework of policies and technologies to ensure that the right users (that are part of the ecosystem connected to or within an enterprise) have the appropriate access to technology resources.
Idempotence
Idempotence is the property of certain operations in mathematics and computer science whereby those operations can be applied multiple times, without changing the result.
IDP
An identity provider (IdP or IDP) stores and manages users’ digital identities. Think of an IdP as being like a guest list, but for digital and cloud-hosted applications instead of an event. An IdP may check user identities via username-password combinations and other factors, or it may simply provide a list of user identities that another service provider (like an SSO) checks.
Immutable
Impact
In Risk Assessment, Impact is the negative effect of a Failure or Disaster.
Incident
Index-free Adjacency
Index-free Adjacency is a key element of Graph Technology, referring to how it stores and queries Data Graphs.
Infrastructure as Code
Infrastructure as Code is the process of managing and provisioning computer Data Centers through machine-readable declaration files, rather than physical hardware configuration or interactive configuration.
Integrating the Healthcare Enterprise (IHE) (Company)
The IHE is an organization that develops standards for the healthcare industry.
Integrity
Data Integrity is the maintenance of, and the assurance of, data accuracy and consistency over its entire life-cycle.
Intermediate Certificates
For security purposes, CAs issue intermediate certificates for signing website certificates. Intermediate certificates provide a means for the CA to revoke a single intermediate certificate, thus affecting only a small subset of website certificates.
Internet
The Internet is a global system of computer networks that provides a wide range of information and communication facilities.
IP Address
IP stands for Internet Protocol, which is the set of rules that makes it possible for devices to communicate over the Internet. With billions of people accessing the Internet every day, unique identifiers are necessary to keep track of who is doing what. The Internet Protocol solves this by assigning IP numbers to every device accessing the Internet. Every assigned number is an IP address.
Key Ring
A Key Ring is a collection of Encryption Keys that can be used to Decrypt data using Envelope Encryption.
Kibana
Kubernetes
Kubernetes is Google’s Container Runtime and Orchestration Engine. It can run Docker Images and images that are created using other means.
Labeled Property Graph
Latency
A.k.a. “Delay”. The time it takes for a request to result in a response. Latency is an important Metric for measuring Performance.
LCM
Least Privilege
Log Level
log4j
LogStash
Machine Learning
Man in the Middle attack
A Man in the Middle Attack is a cyberattack where the attacker secretly relays communication between two parties, where he is listening in on the communication or altering it.
MDP
A Message Delivery Pattern (MDP) describes how reliable message delivery should be. Less reliable generally implies “faster” and “cheaper”. More reliable generally implies “slower” and “expensive” (both in terms of CAPEX and OPEX).
Mediation
member or user
A member or user is an email account in Open Ecosystems that you can grant access to your organization account. Members belonging to multiple accounts can select which account to manage via the Open Ecosystems dashboard.
Related terms: account
MEP
A Message Exchange Pattern (MEP) is an Architecture Design Pattern which describes how two different parts of an Application, or different systems connect and communicate with each other.
Message ID
A Message ID is a unique number that an Application should assign to a message that it sends to another Application.
Message Protocol
Messaging
Metering
Metric
A Metric is a system or standard of measurement. They can be used for Metric Monitoring.
Metric Monitoring
Metric Monitoring uses Metrics to determine if the system is still running within normal parameters.
Middleware Layer
Monitoring
Monitoring Maturity Level
Monitoring System
mTLS
Mutual TLS (mTLS) is a common security practice that uses client TLS certificates to provide an additional layer of protection, allowing the client information to be cryptographically verified.
MTTR
Nines
NIST
NIST is an agency of the United States Department of Commerce. Its mission is to promote American innovation and industrial competitiveness. Being founded in 1901 makes it more than 120 years old today.
NPI
National Provider Identifier (NPI). Every Health Care Provider in the United States is registered in the National Plan and Provider Enumeration System (NPPES). This identifier can be used to verify their licenses and certifications in different States.
NPPES
The National Plan and Provider Enumeration System (NPPES) maintains a registry of certified Providers in the United States, along with their National Provider Identifier (NPI).
OAuth
OAuth is a technical standard for authorizing users. It is a protocol for passing authorization from one service to another without sharing the actual user credentials, such as a username and password. With OAuth, a user can sign in on one platform and then be authorized to perform actions and view data on another platform.
ONC
The ONC, Office of the National Coordinator for Health Information Technology, enforces the use of FHIR in the context of HIPAA.
One-to-Many
Open Source
OPEX
CAPEX describes the expenses for building infrastructure. OPEX describes the expenses for operating it.
OTP
OTP stands for one-time-password, which is a temporary verification code usually transmitted via SMS or email. OTPs remain active within a short period. The user will have to request another OTP if they are unable to use it within the set time frame.
OV Certificate
Organization Validated (OV) certificates are used by corporations or governments to portray an extra layer of confidence for their visitors. Rather than just validating domain ownership, the CA also validates the company’s registration using qualified independent information sources. The organization’s name is listed in the certificate.
Password Manager
A Password Manager is a computer program or Cloud service that allows users to store, generate, and manage their passwords.
Performance
Performance is a vague term that describes how fast a system is, but it can be expressed with concrete Metrics.
Performance Monitoring
Performance Testing
PFS
Perfect Forward Secrecy (PFS) combines Symmetric Encryption and Asymmetric Encryption in a way that makes it both Secure and Cheap. PFS is applied in various Transport Protocols and Message Protocols like HTTPS and SOAP.
PHI
Protected Health Information (PHI) includes all personal health information of an individual, including payment information and demographic information.
PII
Personal Identifiable Information (PII) is any representation of information that permits the identity of an individual to whom the information applies to be reasonably inferred by either direct or indirect means.
Point-to-Point
Point-to-Point is an MEP where the publisher of a message is programmed to send the message to specific receivers.
Private Key
A Private Key is an asymmetric encryption key that must be kept private.
Production Environment
Projection
A Projection is a declaration of a sub-model of a data document.
protobuf
Protocol for describing messages and services.
Protocol
A protocol is a set of rules governing the exchange or transmission of data between devices.
Public Key
A Public Key is an Asymmetric Encryption Key that can be freely distributed.
Publish-Subscribe
Publish-Subscribe is an MEP where publishers of messages are not programmed to send those messages to specific receivers. Instead, the message is published to a “channel” and zero or more receivers could subscribe to that “channel” and receive a copy of that message. If there are no subscribers, the message gets lost without anyone having seen it.
Pull Request
A Pull Request is a common model where a set of code changes can be presented to other developers for review.
Query
Queue
A Queue is a channel where messages are received. Multiple Applications can listen to that channel, but only one of them will receive the message. If nothing is listening, the messages on the channel will be persisted, until something starts listening to the channel.
Race Condition
A Race Condition is one where a system’s substantive behavior is dependent on the sequence or timing of other controllable events. It becomes a bug when one or more of those behaviors is undesirable.
Racetrack Problem
Rate Limiting
Rate Limiting prevents the scenario where one client sends too many requests, which starves the requests of other clients.
RBAC
RBAC is an approach to restricting system access to authorized users. It is an approach to implement mandatory access control or discretionary access control.
Region
CSPs have Data Centers at various locations across the globe. Those various locations are called Regions.
Reliability
Request-Response
With Request-Response a message is sent from one component to another with the expectation to receive a response, because the response is required for further processing. Request-Response is an MEP.
REST API
A REST API is a Web Application that can return data and execute actions on data.
Retention
Retry Mechanism
A Retry Mechanism is a mechanism that monitors a request, and on the detection of a Failure automatically fires a repeat of the request.
Risk
Risk Assessment
roles
A Role authorizes which Open Ecosystem products and features a member is allowed to access in an Open Ecosystem account.
root certificate
A root certificate is generated by a CA and is used to sign certificates. Every browser includes a root store of trusted root certificates. Any certificate signed with the private key of a root certificate is automatically trusted by a browser.
RPO
RTO
S3
AWS Simple Storage Service (AWS S3). Files are stored in Buckets, which can have Folders, which can have Files.
SaaMD
Software as a Medical Device (SaaMD). Software becomes a Medical Device if it is used to provide Diagnostic Data.
SaaS
Software as a Service (SaaS) is a Cloud computing model that provides software applications to users over the internet on a subscription basis.
SAN
The Subject Alternative Name (SAN) field of an SSL certificate specifies additional host names (sites, IP addresses, common names, subdomains, root domains, etc.) protected by a single SSL Certificate.
Scaling
Scaling is the mechanism by which the number of Hardware or Software instances is increased or decreased. This can be done manually or automatically.
SDLC
Software Development Life Cycle (SDLC). SDLC is a set of processes and procedures that describe how software is developed and maintained through its entire life cycle, from its conception until its retirement.
Sequential
Service Mesh
A Service Mesh is a dedicated infrastructure layer that you can add to your Applications. It allows you to transparently add capabilities like observability, traffic management, and security, without adding them to your own code.
service token
Service tokens consist of an ID and Secret generated by Open Ecosystems Access that can be used by an automated system or application to reach an application protected by Open Ecosystems Access. Service tokens allow systems to authenticate without identity provider credentials in an automated way.
Single Point of Failure
A Single Point of Failure is a part of a system that, if it fails, will stop the entire system from working. SPOFs are undesirable in any system with a goal of High Availability or reliability, be it a business practice, software application, or other industrial system.
SLA
A Service Level Agreement (SLA) is a contractual obligation for Open Ecosystems to maintain a specific level of service.
SNI
Server Name Indication (SNI) allows a server to host multiple TLS Certificates for multiple websites using a single IP address. SNI adds the website hostname in the TLS handshake to inform the server which website to present when using shared IPs. Open Ecosystems uses SNI for all Universal SSL certificates.
SOAP
Simple Object Access Protocol. But it’s not simple. It allows for describing services, similar to Swagger, but in XML. It is described in a WSDL.
Social Engineering
In the context of IT Social Engineering is the psychological manipulation of people into performing actions or divulging confidential information. It may also be defined as “any act that influences a person to take an action that may or may not be in their best interests”.
Software License
SOUP
Software of Unknown Provenance (SOUP). SOUP is software that is used in a Medical Device, but was not created in compliance with IEC 62304.
SQS
AWS SQS is AWS’ Queue Service. This service allows for sending and receiving messages over a Queue.
SSO
Single Sign-On (SSO) is an Authentication scheme that allows a User to login with a single ID to any of several related, yet independent, software systems.
State Monitoring
static content
Static content is website content that can be delivered to an end user directly from cache, without hitting the origin server.
Related terms: dynamic content
Streaming
Stress Testing
Suicide Mechanism
Symmetric Encryption
A cryptographic algorithm to Encrypt data using a key, where the data can be Decrypted using the same key. The most commonly used algorithm is AES256.
Telecommunications Act
A Bill to make provision about the security of public electronic communications networks and public electronic communications services.
Terraform
Terraform is a tool for building, changing, and versioning infrastructure, and provides components and documentation for building Open Ecosystems resources.
Test Environment
Throttling
Throughput
Time Critical
Title 21 CFR Part 820
This section of Title 21 CFR applies to SaaMDs and supersedes IEC 62304.
Topic
A Topic is a channel that Notifications are sent to. Everything that is listening to that channel receives a copy of the message. If nothing is listening to the channel, then the message gets lost.
Topic-to-Queue Bridge
TPM Chip
A TPM Chip is Hardware that is common in most mobile Phones, Tablets, Laptops, and Desktops. It applies Cryptography to provide Secure authentication using other (and better) mechanisms than a username / password combination (which requires the credentials to be transported over a Hostile Network, which is inherently Insecure).
Tracing
Tracing is a form of Monitoring where messages or events are tracked throughout the system. At every step it is recorded how long that step took.
Transport Protocol
TTL
Time to Live, a timespan after creation of data, after which the data is no longer valid or relevant.
UDI
The FDA established the Unique Device Identification system to adequately identify Medical Devices sold in the United States from manufacturing through distribution to Patient use.
usage-based billing
Within subscriptions, certain products are charged based on usage. This is referred to as usage-based billing. The bill can vary month by month based on usage. This is in contrast to monthly flat fees such as for Plans or additional Page Rules.
User Error
A User Error is an error made by the human User of a complex system, usually a computer system. Also known as PEBMAC, ID-10-T, PICNIC, or IBM Error. One should replace the User and try again.
User Experience
Vaporware
Vaporware is a product, typically Hardware or Software, that is announced to the general public, but is late or never actually released. Such products are solutions that look good on paper, but in the end are empty promises, because they are simply too good to be true.
VPN
A Virtual Private Network (VPN) extends a private network across a public network and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network.
WAF
A web application firewall (WAF) is a security system that helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet.
WYSIWYG
XDS Affinity Domain
A Cross-Enterprise Document Sharing Domain (XDS Affinity Domain) is a concept used in healthcare. It defines a group of Providers that agree to share PHI using standard protocols and specifications.
XSS
Cross-site scripting (XSS) is a type of security vulnerability that can be found in some web applications. XSS attacks enable attackers to inject client-side scripts into web pages viewed by other users.
Zero Trust Architecture
An IT security model that requires strict identity verification for every person and device trying to access resources on a private network, regardless of whether they are sitting within or outside of the network perimeter. No single specific technology is associated with zero trust architecture; it is a holistic approach to network security that incorporates several different principles and technologies.
Related Terms: ZTNA
ZTNA
Zero-Trust Network Architecture. ZTNA is like ZTA, but specific to networks.