Kaspersky IoT Secure Gateway 100

Glossary

May 24, 2023

ID 90

Availability

State of information (or resources of an information system) whereby persons with the appropriate access rights have unobstructed access to the specific information or resource.

Certificate

Digitally signed data structure containing a public encryption key and the ID of the client or server.

Certificate chain

Combination of any number of intermediate certificates between the end-entity certificate and the root certificate.

Client

Participant in client-server interaction that sends requests to the server and receives responses to those requests.

Confidentiality

Property of information meaning that it cannot be accessed by unauthorized users and/or processes.

Cyberimmune information system

A system that guarantees the fulfillment of specific security objectives in all possible scenarios of system usage as stipulated by the developers.

Data node

Structural element of an OPC UA information model containing data and metadata.

Data source

Standalone data source for exchanging messages between devices on the internet of things. For example, a data source could be an OPC UA server at the management controller of an industrial machine.

Digital signature

A value calculated with an encryption algorithm and added to data in such a way that any data recipient can use the signature to verify the origin and integrity of the data.

Encryption

Conversion of data from readable format to encoded format. Encrypted data can be read or processed only after decryption.

Encryption key

Component of a pair of encryption keys used for asymmetric encryption. Keys can be public or private.

End-entity certificate

Certificate containing a public encryption key that can be used to verify or validate an end-entity, such as an MQTT client.

Integrity

State of information (or resources of an information system) whereby changes can be made only by persons who have the permissions to make such a change.

Internet of things (IoT)

A network of interrelated electronic devices ("things") that are equipped with built-in capabilities for interaction with the external environment or with each other without human involvement.

Internet of things (IoT) Secure Gateway

A system that ensures secure transmission of user traffic between sensors and an IoT platform.

Kaspersky IoT Secure Gateway 100

A software/hardware system based on the Siemens SIMATIC IOT2040 device for the industrial internet of things that has the KasperskyOS operating system and application software installed. Kaspersky IoT Secure Gateway 100 is designed to work as a secure gateway for the industrial internet of things.

KasperskyOS

A microkernel operating system for building secure solutions.

Message Queuing Telemetry Transport (MQTT)

A network protocol that works on top of the TCP/IP protocol stack to exchange messages between devices on the internet of things.

MQTT broker

A server that receives, filters, and forwards messages over the MQTT protocol.

MQTT topic

A hierarchical path to the data source used for sending messages over the MQTT protocol.

OPC UA client security settings

All security-related settings of Kaspersky IoT Secure Gateway 100. You can make changes to these settings by editing the configuration files on the microSD card.

OPC UA security policies

Set of mechanisms and characteristics, including signature and encryption algorithms and an encryption key algorithm, that can ensure the security of the connection between the OPC UA server and client.

Open Platform Communications Unified Architecture (OPC UA)

Specification defining the protocols and mechanisms for data transfer in industrial networks as well as interaction between devices in these networks.

Root certificate

Certificate of the root Certification Authority.

Root Certification Authority

Top Certification Authority that is not subordinate to any higher Certification Authority.

Security constraints

Additional restrictions imposed on the system operating conditions that either simplify or complicate the fulfillment of security objectives.

Security mode

Mode in which the client and server agree on whether or not to use encryption and a digital signature for data transmission.

Security objectives

Requirements imposed on a cyberimmune information system that must be fulfilled to ensure that the system operates securely in any possible usage scenario with consideration of the necessary security constraints.

Server

Participant in client-server interaction that processes requests from the client.

TLS

Secure protocol that uses encryption to transfer data in local networks and on the internet. TLS is used in web applications to create secure connections between a client and a server.
