Difference between revisions of "Terminology"
Jump to navigation
Jump to search
(add kompose) |
(add SemVer) |
||
Line 88: | Line 88: | ||
;SAST: Static Application Security Testing is to find security vulnerabilities in the application source code earlier in the software development life cycle. Because SAST can be automated in DevOps, it becomes part of SecDevOps | ;SAST: Static Application Security Testing is to find security vulnerabilities in the application source code earlier in the software development life cycle. Because SAST can be automated in DevOps, it becomes part of SecDevOps | ||
;SCM: Software Configuration Management | ;SCM: Software Configuration Management | ||
+ | ;SemVer: [https://semver.org/ Semantic Versioning] | ||
+ | : Given a version number MAJOR.MINOR.PATCH, increment the: | ||
+ | : | ||
+ | :MAJOR version when you make incompatible API changes | ||
+ | :MINOR version when you add functionality in a backward compatible manner | ||
+ | :PATCH version when you make backward compatible bug fixes | ||
+ | :Additional labels for pre-release and build metadata are available as extensions to the MAJOR.MINOR.PATCH format. | ||
+ | |||
;SEO: Search Engine Optimization | ;SEO: Search Engine Optimization | ||
;SIP: Session Initiation Protocol is a protocol used in VoIP communications allowing users to make voice and video calls, mostly for free. A SIP client is a program that you install on your computer or mobile device. | ;SIP: Session Initiation Protocol is a protocol used in VoIP communications allowing users to make voice and video calls, mostly for free. A SIP client is a program that you install on your computer or mobile device. |
Latest revision as of 09:47, 14 August 2024
See https://www.mediawiki.org/wiki/Extension:Lingo for info
- ABBR
- Abbreviation
- AJAX
- Asynchronous JavaScript and XML = A means to exchange data with a server without loading a whole new page.
- API
- Application Programming Interface
- APP
- short for Software Application.
- APT
- Advanced Package Tool. Created by the Debian project.
- ASP
- Application Service Provider
- Application Server Pages - an old technology by Microsoft
- ATM
- Automated Teller Machine (please don't call it an 'ATM Machine', that's redundant)
- BLU
- Boston Linux & Unix = a Linux User Group in Boston, MA, USA with roots that go back into the days of Unix before Linux was a thing
- BMW
- Bavarian Motor Works = German car company
- CIDR
- Classless Inter-Domain Routing
- coax
- coaxial cable
- CNCF
- Cloud Native Computing Foundation https://www.cncf.io/ - a sub-foundation of the Linux Foundation.
- CSS
- Cascading Style Sheets = A technology that deals with the presentation of content on the web
- DAST
- Dynamic Application Security Testing can find security vulnerabilities and weaknesses in a running application, typically web apps. It does that by employing fault injection techniques on an app, such as feeding malicious data to the software, to identify common security vulnerabilities, such as SQL injection and cross-site scripting (XSS). DAST can also cast a spotlight on runtime problems that can’t be identified by static analysis for example, authentication and server configuration issues, as well as flaws visible only when a known user logs in.
- DKIM
- DomainKeys Identified Mail = An IETF specification that combats SPAM on the Internet
- DNS
- Domain Name System. An Named Host to IP Address lookup system
- DPL
- Dynamic Page Lists = Like a Cuisinart food processor, it allows you to slice and dice the contents of your wiki.
- DRM
- Digital Restrictions Management = Electronic methods to control what you can and can't do.
- EFF
- Electronic Frontier Foundation https://eff.org
- FHIR
- Fast Healthcare Interoperability Resources is a standard for exchanging Healthcare data.
- FOSS
- Free Open Source Software. An attempt to communicate the 'freedom' aspect of free software de-emphasizing the price connotation of 'free'.
- FLOSS
- Free / Libre Open Source Software = Another attempt to de-emphasize the price connotation of 'free' and instead recognize that free means liberty.
- FSF
- Free Software Foundation. fsf.org
- FUBAR
- F*cked Up Beyond All Recognition
- FUSE
- Filesystem in User Space
- GAFYD
- Google Apps For Your Domain (now called Google Workspace)
- GDPR
- The General Data Protection Regulation (Regulation (EU) 2016/679, abbreviated GDPR) is a European Union regulation on Information privacy in the European Union (EU) and the European Economic Area (EEA). The GDPR is an important component of EU privacy law and human rights law, in particular Article 8(1) of the Charter of Fundamental Rights of the European Union. It also governs the transfer of personal data outside the EU and EEA. The GDPR's goals are to enhance individuals' control and rights over their personal information and to simplify the regulations for international business. It supersedes the Data Protection Directive 95/46/EC and, among other things, simplifies the terminology.
- GitOps
- GitOps is a DevOps practice that uses Git repositories to manage infrastructure and application code deployments. It's an evolution of Infrastructure as Code (IaC) that uses Git pull requests to verify and automatically deploy system infrastructure modifications. GitOps can help organizations: Improve efficiency and security, Improve the developer experience, Reduce costs, Speed up deployments, and Maintain consistency across all infrastructure.
- GNHLUG
- Greater New Hampshire Linux User Groups = an association of User Groups in and around the state of New Hampshire, USA of people interested in Linux technology and/or those who created it in the first place; and continue to this day.
- GNU
- Gnu's Not Unix, because Unix is proprietary software while Gnu is software that respects your freedom.
- GPL
- General Public License = A sane copyright license
- HHVM
- HipHop Virtual Machine = a PHP interpreter created at Facebook as an alternative to the Zend Engine interpreter. http://hhvm.com/
- HIPAA
- The Health Insurance Portability and Accountability Act is a 1996 federal statute that created standards for protecting patient health information. All healthcare organizations must follow cybersecurity practices and run risk assessments to comply with HIPAA.
- HTML
- HyperText Markup Language = structured text that uses logical links (hyperlinks) between nodes containing text.
- HTTP
- HyperText Transfer Protocol = the foundation of data communication for the World Wide Web. See HTML
- HTTPS
- HTTP Secure = HTTP using SSL or the newer TLS
- IANAL
- I Am Not A Lawyer (but I'll play one on the Internet ;-)) Because this acronym can be interpreted as crude, Heather Meeker suggests an alternative 'disclaimer' in online discussions: "If this were legal advice, it would have come with an invoice."
- IAST
- Interactive Application Security Testing. A technique employing an agent inside a running application capable of testing all libraries, frameworks, API endpoints and protocols for security vulnerabilities.
- IETF
- Internet Engineering Task Force = organization to make the Internet work better
- IP
- Internet Protocol. An IP Address is a host or device name in numeric form.
- IPv4
- Internet Protocol version 4
- IPv6
- Internet Protocal version 6
- IPR
- Intellectual Property Rights = A crazy idea that nonetheless is pervasive in the global legal system. See Also: GPL
- IRL
- In Real Life = A TLA used when 'virtual' was a thing. Now the virtual has permeated 'meat space' and so the two are not so distinct.
- ISBN
- International Standard Book Number = 10-digit or 13-digit codes used by the publishing industry to uniquely identify individual book titles and editions. Some 10-digit ISBNs may end with an "X" instead of a digit.
- ISO 27001
- ISO/IEC 27001 is an international standard to manage information security. The standard was originally published jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) in 2005, revised in 2013, and again most recently in 2022. There are also numerous recognized national variants of the standard. It details requirements for establishing, implementing, maintaining and continually improving an information security management system (ISMS) – the aim of which is to help organizations make the information assets they hold more secure. Organizations that meet the standard's requirements can choose to be certified by an accredited certification body following successful completion of an audit. The effectiveness of the ISO/IEC 27001 certification process and the overall standard has been addressed in a large-scale study conducted in 2020.
- JS
- JavaScript = A computer language.
- JSON
- JavaScript Object Notation = A data representation format in JavaScript
- KIO
- KDE Input/Output slaves
- Kompose
- kompose is a tool to help users who are familiar with docker-compose move to Kubernetes. kompose takes a Compose Specification file and translates it into Kubernetes resources.
- Kubectl
- (Kyoob' cuddle) a command line tool for communicating with a Kubernetes cluster's control plane, using the Kubernetes API.
- Kustomize
- Kubernetes native configuration management built into kubectl as
apply -k
. - LUG
- Linux User Group = a general term whereas a specific LUG will often have a geographic focus
- LXC
- is a userspace interface for the Linux kernel containment features. Through a powerful API and simple tools, it lets Linux users easily create and manage system or application containers.
- LXD
- is a next generation system container manager. It offers a user experience similar to virtual machines but using Linux containers instead.
- MOTD
- Message Of The Day = MOTD
- NIST
- (the US) National Institute of Standards and Technology
- NIST Cybersecurity Framework
- NIST Cybersecurity Framework is a set of guidelines for mitigating organizational cybersecurity risks, published by NIST based on existing standards, guidelines, and practices. The framework "provides a high level taxonomy of cybersecurity outcomes and a methodology to assess and manage those outcomes", in addition to guidance on the protection of privacy and civil liberties in a cybersecurity context. It has been translated to many languages, and is used by several governments and a wide range of businesses and organizations.
- node
- nodes
- A worker machine in a Kubernetes cluster.
- NPM
- Node Packaged Modules = a package manager for the Nodejs system
- NSFW
- Not Safe For Work
- OASIS
- Organization for the Advancement of Structured Information Standards = a global standards organization
- OOP
- Object Oriented Programming = hard to define. See OOP.
- OOUI
- Object Oriented User Interface mw:OOUI
- ORM
- Object Relational Mapping = a database approach
- PCI DSS
- The Payment Card Industry Data Security Standard was created in 2006 to ensure that all companies that accept, process, store, or transmit credit card information operate securely. The framework is primarily intended to keep cardholder information safe. All companies handling this information must comply with PCI DSS, regardless of size. The framework is administered and enforced by the Payment Card Industry Security Standards Council.
- PDCA
- Plan Do Check Act - PDCA is called the Deming Cycle or Deming Wheel https://deming.org/explore/pdsa/ https://www.lean.org/lexicon-terms/pdca/
- Portable Document Format = a widely used standard for representing documents electronically and print. PDF
- PEAR
- PHP Extension and Application Repository = a collection of code started in 1999 to enhance the utility of PHP.
- PHAR
- PHP Archive = a distribution format. See https://secure.php.net/manual/en/intro.phar.php
- Phishing
- attempt to acquire sensitive information such as passwords or credit card details by masquerading as a trusted party.
- PHP
- PHP is the HyperText Preprocessor = the most popular programming language for the web
- Pod
- Pods
- A Pod (as in a pod of whales or pea pod) is a group of one or more containers , with shared storage/network resources, and a specification for how to run the containers. https://kubernetes.io/docs/concepts/workloads/pods/
- POTS
- Plain Old Telephone Service is an acronym to describe the traditional telephone network served by copper wires strung on poles. (nb. There is a lot more infrastructure to POTS than just the poles and wires.)
- POTD
- Picture Of The Day
- POTY
- Picture Of The Year
- PRURL
- PRURLs
- Protocol Relative URL. Starts with '//' instead of 'HTTP(S)://'
- PSR-1
- PHP Standard Recommendation 1
- PSR-2
- PHP Standard Recommendation 2
- RASP
- Run-time Application Security Protection is similar to IAST, but rather than testing for vulnerabilities it acts like a watchdog that responds to live threats (e.g. terminating an attacker's session and alerting).
- Regex
- Regular Expression = a search and replace syntax that allows for powerful pattern matching
- RSS
- Really Simple Syndication = a syntax for sharing data across the web.
- SAST
- Static Application Security Testing is to find security vulnerabilities in the application source code earlier in the software development life cycle. Because SAST can be automated in DevOps, it becomes part of SecDevOps
- SCM
- Software Configuration Management
- SemVer
- Semantic Versioning
- Given a version number MAJOR.MINOR.PATCH, increment the:
- MAJOR version when you make incompatible API changes
- MINOR version when you add functionality in a backward compatible manner
- PATCH version when you make backward compatible bug fixes
- Additional labels for pre-release and build metadata are available as extensions to the MAJOR.MINOR.PATCH format.
- SEO
- Search Engine Optimization
- SIP
- Session Initiation Protocol is a protocol used in VoIP communications allowing users to make voice and video calls, mostly for free. A SIP client is a program that you install on your computer or mobile device.
- SOC 2
- Systems and Organization Controls (SOC) 2 is a set of compliance criteria developed by the American Institute of Certified Public Accountants (AICPA).
- SPAM
- unsolicited bulk email
- SPF
- Sender Policy Framework
- SME
- Subject Matter Expert
- SMW
- Semantic MediaWiki = See Metadata
- SRE
- Site Reliability Engineer
- SSL
- Secure Sockets Layer = secure (encrypted) underpinning for HTTP
- TLA
- Three-Letter Acronym
- TLS
- Transport Layer Security
- UOP
- User Operation Prohibition = things you're not allowed to do with a DVD, like skip the FBI warning w:User operation prohibition
- UPO
- User Preference Option = things that you can set in your "preferences". Special:Preferences
- URL
- URLs
- Uniform Resource Locator = an address of a web page or other component, including the protocol.
- VCS
- Version Control System
- VE
- Visual Editor
- VoIP
- Voice over Internet Protocol, or commonly "Voice over IP", is the Internet alternative to POTS.
- WMF
- WikiMedia Foundation = the organization which runs various projects including Wikipedia.org
- WOFF
- Web Open Font Format
- WWW
- World Wide Web = the part of the Internet where websites and documents can be found via HTTP or HTTPS.
- XML
- Extensible Markup Language = a system for markup such that you can create your own 'schema' of terms rather than a specific markup language.