3 Terms, definitions, and abbreviations

3.1 Terms and definitions

For the purposes of this document, the terms and definitions given in Part 1 as well as the following apply.

3.1.1 Application Instance

individual installation of a program running on one computer.

Note 1 to entry: There can be several Application Instances of the same application running at the same time on several computers or possibly the same computer.

3.1.2 Application Instance Certificate

Digital Certificate of an individual Application Instance that has been installed in an individual host.

Note 1 to entry: Different installations of one software product would have different Application Instance Certificates.

3.1.3 Asymmetric Cryptography

Cryptography method that uses a pair of keys, one that is designated the Private Key and kept secret, the other called the Public Key that is generally made available.

Note 1 to entry: "Asymmetric Cryptography, also known as 'public-key cryptography'. In an Asymmetric Encryption algorithm, when an entity A requires Confidentiality for data sent to entity B, then entity A encrypts the data with a Public Key provided by entity B. Only entity B has the matching Private Key that is needed to decrypt the data. In an asymmetric Digital Signature algorithm, when an entity A requires message Integrity or to provide Authentication for data sent to entity B, entity A uses its Private Key to sign the data. To verify the signature, entity B uses the matching Public Key that entity A has provided. In an asymmetric key agreement algorithm, entity A and entity B each send their own Public Key to the other entity. Then each uses their own Private Key and the other's Public Key to compute the new key value." according to IS Glossary.

3.1.4 Asymmetric Encryption

the mechanism used by Asymmetric Cryptography for encrypting data with the Public Key of an entity and for decrypting data with the associated Private Key

3.1.5 Asymmetric Signature

the mechanism used by Asymmetric Cryptography for signing data with the Private Key of an entity and for verifying the data’s signature with the associated Public Key

3.1.6 Auditability

security objective that assures that any actions or activities in a system can be recorded

3.1.7 Auditing

the tracking of actions and activities in the system, including security related activities where Audit records can be used to review and verify system operations

3.1.8 Authentication

security objective that assures that the identity of an entity such as a Client, Server, or user can be verified

3.1.9 Authorization

the ability to grant access to a system resource

3.1.10 Availability

security objective that assures that the system is running normally, that is, that no services have been compromised in such a way as to become unavailable or severely degraded

3.1.11 Certificate Authority

entity that can issue Digital Certificates, also known as a CA

Note 1 to entry: The Digital Certificate certifies the ownership of a Public Key by the named subject of the Certificate. This allows others (relying parties) to rely upon signatures or assertions made by the Private Key that corresponds to the Public Key that is certified. In this model of trust relationships, a CA is a trusted third party that is trusted by both the subject (owner) of the Certificate and the party relying upon the Certificate. CAs are characteristic of many Public Key Infrastructure (PKI) schemes.

3.1.12 CertificateStore

persistent location where Certificates and Certificate revocation lists (CRLs) are stored

Note 1 to entry: It may be a disk resident file structure or on Windows platforms it may be a Windows registry location.

3.1.13 Confidentiality

security objective that assures the protection of data from being read by unintended parties

3.1.14 Cryptography

transforming clear, meaningful information into an enciphered, unintelligible form using an algorithm and a key

3.1.15 Cyber Security Management System CSMS

program designed by an organization to maintain the security of the entire organization’s assets to an established level of Confidentiality, Integrity, and Availability, whether they are on the business side or the industrial automation and control systems side of the organization

3.1.16 Digital Certificate

structure that associates an identity with an entity such as a user, a product or an Application Instance where the Certificate has an associated asymmetric key pair which can be used to authenticate that the entity does, indeed, possess the Private Key

3.1.17 Digital Signature

value computed with a cryptographic algorithm and appended to data in such a way that any recipient of the data can use the signature to verify the data’s origin and Integrity

3.1.18 Hash Function

algorithm such as SHA-1 for which it is computationally infeasible to find either a data object that maps to a given hash result (the "one-way" property) or two data objects that map to the same hash result (the "collision-free" property), see IS Glossary

3.1.19 Hashed Message Authentication Code HMAC

MAC that has been generated using an iterative Hash Function

3.1.20 Integrity

security objective that assures that information has not been modified or destroyed in an unauthorized manner, see IS Glossary

3.1.21 Key Exchange Algorithm

protocol used for establishing a secure communication path between two entities in an unsecured environment whereby both entities apply a specific algorithm to securely exchange secret keys that are used for securing the communication between them

Note 1 to entry: A typical example of a Key Exchange Algorithm is the SSL Handshake Protocol specified in SSL/TLS.

3.1.22 Message Authentication Code MAC

short piece of data that results from an algorithm that uses a secret key (see Symmetric Cryptography) to hash a Message, whereby the receiver of the Message can check for alteration of the Message by computing a MAC, using the same Message and secret key, that should be identical

3.1.23 Message Signature

Digital Signature used to ensure the Integrity of Messages that are sent between two entities

Note 1 to entry: There are several ways to generate and verify Message Signatures; however, they can be categorized as symmetric (see Clause 3.1.34) and asymmetric (see Clause 3.1.5) approaches.

3.1.24 Non-Repudiation

strong and substantial evidence of the identity of the signer of a Message and of Message Integrity, sufficient to prevent a party from successfully denying the original submission or delivery of the Message and the Integrity of its contents

3.1.25 Nonce

random number that is used once, typically by algorithms that generate security keys

3.1.26 OPC UA Application

OPC UA Client, which calls OPC UA services, or an OPC UA Server, which performs those services

3.1.27 Private Key

the secret component of a pair of cryptographic keys used for Asymmetric Cryptography

Note 1 to entry: Public Key and Private Key are always generated as a pair; if either is updated, the other must also be updated.

3.1.28 Public Key

the publicly-disclosed component of a pair of cryptographic keys used for Asymmetric Cryptography, see IS Glossary

Note 1 to entry: Public Key and Private Key are always generated as a pair; if either is updated, the other must also be updated.

3.1.29 Public Key Infrastructure PKI

set of hardware, software, people, policies, and procedures needed to create, manage, store, distribute, and revoke Digital Certificates based on Asymmetric Cryptography

Note 1 to entry: The core PKI functions are to register users and issue their public-key Certificates, to revoke Certificates when required, and to archive data needed to validate Certificates at a much later time. Key pairs for data Confidentiality may be generated by a Certificate Authority (CA); however, it is better to require the Private Key owner to generate their own key pair, as this improves security because the Private Key then never has to be transmitted (according to IS Glossary). See PKI and X509 PKI for more details on Public Key Infrastructures.

3.1.30 Rivest-Shamir-Adleman RSA

algorithm for Asymmetric Cryptography, invented in 1977 by Ron Rivest, Adi Shamir, and Leonard Adleman, see IS Glossary

3.1.31 Secure Channel

in OPC UA, a communication path established between an OPC UA Client and Server that have authenticated each other using certain OPC UA services and for which security parameters have been negotiated and applied

3.1.32 Symmetric Cryptography

branch of cryptography involving algorithms that use the same key for two different steps of the algorithm (such as encryption and decryption, or Signature creation and signature verification), see IS Glossary

3.1.33 Symmetric Encryption

the mechanism used by Symmetric Cryptography for encrypting and decrypting data with a cryptographic key shared by two entities

3.1.34 Symmetric Signature

the mechanism used by Symmetric Cryptography for signing data with a cryptographic key shared by two entities

Note 1 to entry: The signature is then validated by generating the signature for the data again and comparing the two signatures. If they are the same, the signature is valid; otherwise either the key or the data differs between the two entities.
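The recompute-and-compare check described in this note, and the MAC of 3.1.22 on which it rests, as an added example (not part of the specification): the key and message are constructed sample values, HMAC-SHA256 stands in for whichever Symmetric Signature algorithm a security policy selects, and the comparison is done in constant time so that a mismatch cannot be located byte by byte through timing.

```python
import hmac
import hashlib

# Constructed sample values (not from the specification): the key shared by
# the two entities and a message body one of them sends to the other.
SHARED_KEY = b"constructed-shared-key-0123456789"
MESSAGE = b"constructed OPC UA message body"


def symmetric_sign(key: bytes, data: bytes) -> bytes:
    """Symmetric Signature: a MAC over the data computed with the shared key.

    HMAC-SHA256 is used here as a representative iterative-hash MAC (3.1.19).
    """
    return hmac.new(key, data, hashlib.sha256).digest()


def symmetric_verify(key: bytes, data: bytes, signature: bytes) -> bool:
    """Validate as the Note to 3.1.34 describes: regenerate and compare.

    hmac.compare_digest compares in constant time; a plain `==` on bytes
    stops at the first differing byte and leaks position through timing.
    """
    expected = symmetric_sign(key, data)
    return hmac.compare_digest(expected, signature)


def demo() -> dict:
    """Run the verification against the honest case and three failure modes."""
    sig = symmetric_sign(SHARED_KEY, MESSAGE)
    return {
        "valid": symmetric_verify(SHARED_KEY, MESSAGE, sig),
        # Data altered in transit: recomputed MAC no longer matches.
        "tampered_data": symmetric_verify(SHARED_KEY, MESSAGE + b"!", sig),
        # Receiver holds a different key: the "key differs" case in the note.
        "wrong_key": symmetric_verify(b"constructed-other-key", MESSAGE, sig),
        # Truncated signature must fail rather than match a prefix.
        "truncated_sig": symmetric_verify(SHARED_KEY, MESSAGE, sig[:16]),
    }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: {'valid' if ok else 'INVALID'}")
```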

3.1.35 TrustList

list of Certificates that an application has been configured to trust

3.1.36 Transport Layer Security TLS

standard protocol for creating Secure Channels over IP based networks

3.1.37 X.509 Certificate

Digital Certificate in one of the formats defined by X.509 v1, 2, or 3

Note 1 to entry: An X.509 Certificate contains a sequence of data items and has a Digital Signature computed on that sequence.

3.2 Abbreviations

AES    Advanced Encryption Standard
CA     Certificate Authority
CRL    Certificate Revocation List
CSMS   Cyber Security Management System
DNS    Domain Name System
DSA    Digital Signature Algorithm
ECDH   Elliptic Curve Diffie-Hellman
ECDSA  Elliptic Curve Digital Signature Algorithm
HMAC   Hash-based Message Authentication Code
NIST   National Institute of Standards and Technology
PKI    Public Key Infrastructure
RSA    public key algorithm for signing or encryption, Rivest, Shamir, Adleman
SHA    Secure Hash Algorithm (multiple versions exist: SHA1, SHA256, ...)
SOAP   Simple Object Access Protocol
SSL    Secure Sockets Layer
TLS    Transport Layer Security
UA     Unified Architecture
URI    Uniform Resource Identifier
XML    Extensible Mark-up Language

3.3 Conventions for security model figures

The figures in this document do not use any special conventions. Any conventions used in a particular figure are explained for that figure.