- One-Time Passwords (OTPs) A temporary password that is only valid for a single use. It is often used as an additional layer of security in authentication processes. Examples include a one-time password sent to a user's email or mobile phone or a token generated by a hardware device.
- One-Way Function In cryptography, a one-way function is a function that is easy to compute in the forward direction but significantly harder to reverse or invert the computation. It is fundamental in various cryptographic operations such as hashing, where the one-way property ensures that even if the output is known, it remains infeasible to recover the original input. The one-way function underpins the concept of cryptographic hashes used to secure passwords and other sensitive data.
- One-way hash A type of cryptographic hash function that takes an input and produces a fixed-size output, called a hash value or digest. It is designed to be one-way, meaning that it is computationally infeasible to determine the original input from the hash value. Examples include the SHA-256 and MD5 algorithms.
- ONF (Organizational Normative Framework) A structured set of guidelines and procedures that defines how an organization should operate and make decisions. In a data security context, this can involve rules about how data should be handled, stored, or transmitted, as well as policies for identifying and mitigating potential threats and vulnerabilities. The framework also outlines roles and responsibilities within the organization to ensure that every individual understands their duties in maintaining security and privacy.
- Online Certificate Status Protocol (OCSP)A protocol used to check the revocation status of digital certificates. It allows a relying party, such as a web server, to verify the status of a certificate in real-time without relying on a local cache of revocation information. Examples of OCSP responders include certificate authorities and OCSP servers.
- On-Premises (On-Prem) The deployment and hosting of solutions directly within an organization's physical infrastructure. Unlike cloud services, which are hosted by a third party and accessed over the Internet, on-prem solutions are managed in-house. This typically provides the organization greater control over its data and systems but also requires the organization to handle its own maintenance, upgrades, and security.
- Open Authorization (OAuth) An open-standard protocol for granting access to resources without sharing the user's credentials. It is used to securely authenticate and authorize users to access online services and applications. Examples of where it is used include in the login process for social media platforms and in the access to third-party applications through a user's Google or Facebook account.
- OpenID Connect (OIDC) An authentication layer on top of the OAuth 2.0 protocol that allows clients to verify the identity of an end-user based on the authentication performed by an authorization server, as well as to obtain basic profile information about the user in an interoperable and REST-like manner. OpenID Connect allows clients of all types, including web-based, mobile, and JavaScript clients, to request and receive information about authenticated sessions and end-users. It is widely used as a way for users to sign into third-party websites without having to create new passwords, instead using their existing identities from providers like Google, Facebook, or Microsoft. OIDC is designed to be extensible, allowing participants to use it in conjunction with other existing or future authentication and authorization mechanisms.
- Open Shortest Path First (OSPF)A routing protocol used in internet protocol networks to find the shortest path between devices. It is used in large enterprise networks to improve routing efficiency and fault tolerance. Examples include Cisco routers, Juniper routers, and Microsoft Azure virtual networks.
- Open-source intelligence (OSINT) The practice of gathering, analyzing, and disseminating information from publicly available sources. It is used by law enforcement, intelligence agencies, and businesses to gather information about potential threats or targets. Examples include social media monitoring, web scraping, and public records research.
Share our FREE glossary with your friends and study buddies.
Disclaimer: The glossary is for informational purposes only, we are not liable for any errors or omissions, if you find errors please contact us.