• AUSkey Terms and Conditions glossary

    Acronym Definition

    ABN

    See 'Australian Business Number'.

    ABR

    See 'Australian Business Register'.

    ABR CA

    The Certification Authority (CA) in the AUSkey System. The ABR CA issues and digitally signs AUSkey certificates.

    ABR RA

    The Registration Authority (RA) in the AUSkey System. The ABR RA digitally signs relevant requests for AUSkey Certificates, and forwards them to the ABR CA.

    ABR RCA

    The Root Certification Authority (RCA) in the AUSkey System. It:

    • generates its own Authentication Key
    • creates and signs its own Certificate, and the ABR CA’s Certificate, using that Key.

    Administrator

    The Certificate Holder of an AUSkey Standard Certificate who has administrator level privileges in relation to that certificate (see 'AUSkey Manager').

    Agency

    An Agency means:

    • a Department of State or of the Parliament of
    • a body established or constituted for a public purpose under the laws of
    • a body established by the Governor General, the Governor, or a Minister of State of
    • an incorporated company, the controlling interest in which is held by,

    the Commonwealth of Australia, or an Australian State or Territory.

    Approved Documents

    The documents that describe the operations of an Organisation that have been approved by the Gatekeeper Competent Authority in the course of it granting Gatekeeper Accreditation to that Organisation (and changes to those documents as subsequently approved by the Gatekeeper Competent Authority).

    AUSkey

    See 'AUSkey Certificate'.

    AUSkey Certificate

    A Digital Certificate issued by the ABR Certification Authority. Known colloquially as 'AUSkey'.

    AUSkey Device Certificate

    An AUSkey Certificate that identifies a Device in its Subject Distinguished Name field (that is the certificate is issued in the name of a device).

    AUSkey Holder

    The Certificate Holder of an AUSkey Certificate. For an AUSkey Standard Certificate, the Certificate Holder is the individual identified in the Subject Distinguished Name field of that Certificate. For an AUSkey Device Certificate, the Certificate Holder is the Device Custodian associated with that Certificate.

    AUSkey PMA

    See 'AUSkey Policy Management Authority'

    AUSkey Policy Management Authority

    This is the governing body of the AUSkey system. It sets the strategic direction for the AUSkey system and approves all changes of policy.

    AUSkey Standard Certificate

    An AUSkey Certificate that identifies an individual in its Subject Distinguished Name field.

    AUSkey System

    The Public Key Infrastructure for the creation, management and distribution of AUSkey Certificates. This includes the functions and facilities of the ABR CA, the ABR RA, the ABR RCA and the AUSkey Manager.

    AUSkey Manager

    An online web interface through which AUSkey Certificates and associated Keys are requested and managed. Administrator level privileges allow the Certificate Holder to authorise applications for AUSkey Certificates and to appoint Certificate Holders as Device Custodians (as described in the Certificate Policies for AUSkey Standard Certificates and AUSkey Device Certificates).

    Australian Business Number (ABN)

    An Australian Business Number issued in accordance with the A New Tax System (Australian Business Number) Act 1999.

    Australian Business Register (ABR)

    The database register, established under the A New Tax System (Australian Business Number) Act 1999, of information provided by Business Entities for their ABN registration. The ABR is maintained by the ABR Registrar.

    Authentication

    The process of testing or verifying an assertion (usually as to identity), in order to establish a level of confidence in the assertion's reliability.

    Authentication Key

    The Private Key in a Key Pair associated with a Digital Certificate when used for the purposes of Digital Signature.

    Business Associate

    An individual who can exercise the powers of the relevant Business Entity to (and to authorise others to) carry out electronic transactions with Agencies, including providing that Business Entity's information to, and receiving that Business Entity's information from, those Agencies. The Business Associate approves a Certificate for the first AUSkey Holder in the Business. They may have an AUSkey Certificate issued in their own name, which may or may not have administrator privileges attached.

    Business Entity

    An entity that has, or is entitled to have, an ABN.

    CA

    See 'Certification Authority'.

    Certificate

    See 'Digital Certificate'.

    Certificate Directory

    The published directory which lists Digital Certificates issued by a given Certification Authority that are currently in force.

    Certificate Holder

    The individual who manages the use of a Digital Certificate on behalf of the Business Entity identified in that certificate.

    Certificate Information

    Information needed to generate a Digital Certificate as required by its Certificate Profile.

    Certificate Policy

    A set of rules applying to, and providing policy and operational guidance on the deployment of, a particular type of Digital Certificate issued by a Certification Authority.

    Certificate Profile

    The specification (in the Certificate Policy for a Digital Certificate) of the fields to be included in that Digital Certificate and the contents of each field.

    Certificate Revocation List

    The published directory that lists Digital Certificates issued by a given Certification Authority that have been revoked. The CRL may form part of the Certificate Directory or may be published separately.

    Certification Authority

    An Organisation that issues, and digitally signs, X.509 v3 Digital Certificates (which may or may not include Key Generation) using its Private Key.

    Certification Practice Statement

    A statement of the practices that a Certification Authority employs in issuing, managing, revoking, and renewing (and that a Registration Authority employs in conducting registration activities for) particular classes of Digital Certificates.

    Commonwealth

    The Commonwealth of Australia.

    Compromise

    A violation (or suspected violation) of a system (includes a CA's or Certificate Holder's Private Keys) such that unauthorised disclosure of sensitive information may have occurred.

    CP

    See 'Certificate Policy'.

    CPS

    See 'Certification Practice Statement'.

    CRL

    See 'Certificate Revocation List'.

    Custodian

    See 'Device Custodian'.

    Device

    Computer hardware onto which a Device Certificate may be installed.

    Device Certificate

    A Digital Certificate that identifies a Device in its Subject Distinguished Name field.

    Device Custodian

    The individual responsible for managing the use of a given AUSkey Device Certificate on behalf of the Business Entity identified in that certificate. To be a Device Custodian the individual must be the Certificate Holder of an AUSkey Standard Certificate.

    Digital Certificate

    An electronic document, based on public key cryptographic technology, which:

    • identifies a Business Entity, and either an individual that represents that Business Entity or a Device owned, operated or controlled by the Business Entity
    • binds that individual or Device to a Key Pair by specifying the Public Key of that Key Pair
    • contains the other information required by the relevant Certificate Profile
    • is signed by the relevant Certification Authority.

    Digital Signature

    In relation to a Digital Certificate with a Key Usage extension including Digital Signature, the use of that Digital Certificate as (or as part of) an electronic signature.

    Distinguished Name

    A unique identifier having the structure required by the relevant Certificate Profile.

    DN

    See 'Distinguished Name'.

    DSOT

    Daily System Operability Tasks

    EOI

    See 'Evidence of Identity'.

    Evidence of Identity

    Evidence (for example, in the form of documents) provided to substantiate the identity of the presenting party.

    Gatekeeper

    The Commonwealth Government strategy to develop Public Key Infrastructure to facilitate Government online service delivery and e-procurement.

    Gatekeeper Accreditation / Gatekeeper Accredited

    Formal recognition of an Organisation that is granted by the Gatekeeper Competent Authority which signifies that the Organisation is competent to carry out the operations described in the Approved Documents.

    Gatekeeper Competent Authority

    The entity which approves an Organisation's application for Gatekeeper Accreditation (including the Approved Documents and any changes to them) as meeting the criteria for Gatekeeper Accreditation or Recognition. The Competent Authority for the Gatekeeper PKI is the Australian Government Chief Information Officer, AGIMO, Finance.

    Hardware Security Module

    A piece of hardware and associated software/firmware that usually attaches to the inside of a PC or server and provides cryptographic functions, for example, encryption, decryption, key generation, and hashing. The physical device offers some level of physical tamper-resistance and has a user interface and a programmable interface.

    HSM

    See 'Hardware Security Module'.

    HTTP

    See 'Hypertext Transfer Protocol'.

    Hypertext Transfer Protocol

    An application-level protocol for distributed, collaborative, hypermedia information systems. Its use for retrieving inter-linked resources led to the establishment of the World Wide Web.

    Issuer

    The CA that digitally signs a Digital Certificate (which may or may not include Key generation) using its Private Key.

    Key

    A string of characters used with a cryptographic algorithm to encrypt and decrypt.

    Key Pair

    A pair of asymmetric cryptographic Keys (for example, one decrypts messages which have been encrypted using the other) consisting of a Public Key and a Private Key.

    Key Usage

    The Key Usage extension defines the purpose (for example, encryption, signature etc) of the Key contained in the Digital Certificate.

    LDAP

    Lightweight Directory of Accessory Protocol

    Object Identifier (OID)

    A string of decimal numbers that uniquely identifies an object. These objects are typically an object class or an attribute. It serves to name almost every object type in X.509 Certificates, such as components of Distinguished Names and Certificate Policies.

    OID

    See 'Object Identifier'.

    Organisation

    Relates to an entity that has authorised one or more of its employees to hold and use Keys and Digital Certificates on its behalf. An Organisation may or may not be a Business Entity.

    Personal Information

    Information or an opinion (including information or an opinion forming part of a database), whether true or not, and whether recorded in a material form or not, about a natural person whose identity is apparent, or can reasonably be ascertained, from the information or opinion.

    PKCS

    See 'Public Key Cryptography Standards'.

    PKI

    See 'Public Key Infrastructure'.

    Private Key

    The Private Key in an asymmetric Key Pair that must be kept secret.

    Public Key

    The Key in an asymmetric Key Pair which may be made public.

    Public Key Cryptography Standards

    A set of standards for managing Digital Certificates, Keys and associated data.

    Public Key Infrastructure

    The combination of hardware, software, people, policies and procedures needed to create, manage, store and distribute Keys and Digital Certificates based on public Key cryptography.

    RA

    See 'Registration Authority'.

    RAID

    Redundant Array of Independent Disks

    RCA

    See 'Root Certification Authority'.

    Registration

    The process for collecting and processing applications for Digital Certificates.

    Registration Authority

    An Organisation that processes requests for the registration and revocation of X.509 v3 Digital Certificates. The Registration Authority digitally signs relevant requests, using its Private Key, and forwards them to the Certification Authority. The Registration Authority may also be responsible for the secure distribution of Digital Certificates to Certificate Holders.

    Relying Party

    An individual or entity to whom a Digital Certificate is presented and who acts in reliance on the Certificate presented.

    Renewal

    In relation to a Digital Certificate - the process whereby a Certificate is re-issued to the Certificate Holder prior to its expiry. AUSkey Certificates are generally renewed automatically, through the generation of a new Key Pair and issuing a new Certificate that certifies the new Public Key.

    Revoke

    In relation to a Digital Certificate - to terminate the Certificate prior to the end of its operational period.

    rfc3647

    Internet Engineering Task Force's Request for Comment 3647 Internet X.509 PKI Certificate Policy and Certification Practices Framework.

    Root Certification Authority (RCA)

    A Certification Authority that is the top most Certification Authority in a trust hierarchy.

    SaaS

    See 'Software as a Service'.

    SAML

    Security Assertion Mark-up Language

    SBR

    Standard Business Reporting (program)

    SBR-enabled business software

    A commercial software package that supports the secure lodgment of forms, using AUSkey Certificates, through the Trust Broker.

    SCEC

    Security Construction Equipment Committee

    Self-Signed Certificate

    A Digital Certificate where the Subject Distinguished Name identifies the Issuer of that Certificate.

    Software as a Service

    A software distribution model in which applications are hosted by a vendor or service provider and made available to customers over a network, typically the Internet.

    Subject Distinguished Name

    A field in a Digital Certificate that uniquely identifies the individual (or, in the case of a Device Certificate, the Device) associated with the Private Key for that certificate.

    Trust Broker

    An Organisation which provides a service that checks the validity status of a Digital Certificate and retrieves identity information relating to that certificate. For AUSkey, the Trust Broker is the Department of Industry.

    USB

    Universal Serial Bus

    User

    The Certificate Holder of an AUSkey Standard Certificate who does not have administrator level privileges in relation to that certificate (see 'AUSkey Manager').

    X.509 and X.509 v3

    The international standards for the framework for Public Key Certificates. It is part of wider group protocols from the International Telecommunication Union-T X500 Directory Services Standards.

    • Last modified: 08 Dec 2015QC 263