Key Terms and Definitions

The Pomerium Glossary

From Access Control to Zero Trust, refer to this glossary for network and information security terms.

2FA Authenticator
A 2FA (Two-Factor Authentication) authenticator is a software-based security tool that generates one-time codes for use in two-factor authentication processes. 2FA authenticators are typically used in conjunction with passwords to provide an additional layer of security and protection against unauthorized access to online accounts and systems. 2FA authenticators work by generating unique codes tha
Access Control
Access control in cybersecurity refers to the methods and technologies used to regulate who or what is allowed to access sensitive information and resources in a computer system or network. The goal of access control in cybersecurity is to ensure that sensitive information and resources are protected against unauthorized access, misuse, or modification. Access control in cybersecurity can be imple
Access Token
An access token is a string of characters that represents authorization to access a particular resource, such as an API or a specific piece of content in a system. Access tokens are generated by an authentication server and are then passed to the client application, which uses them to access the authorized resources. Access tokens are typically short-lived, and may need to be refreshed after a cer
Attack Surface
The attack surface of a system refers to the total number of potential entry points that an attacker could use to gain unauthorized access to the system or the data it contains. The attack surface can include anything from well-known vulnerabilities in software to physical access to the system or its components. The larger the attack surface, the more potential entry points there are for an attack
Attribute-Based Access Control (ABAC)
ABAC (Attribute-Based Access Control) is a type of access control that defines access policies based on attributes (such as user role, location, time, and device) rather than roles or permissions. In ABAC, access decisions are made based on the evaluation of multiple attributes, rather than relying on a single factor (such as a user's role). The main advantage of ABAC is its flexibility. Because A
Authentication refers to the process of verifying the identity of a user, device, or system before allowing access to sensitive information or systems. This process typically involves a combination of one or more factors, such as something the user knows (e.g., a password or PIN), something the user has (e.g., a smart card or security token), or something the user is (e.g., a biometric factor such
Authorization refers to the process of determining what actions an authenticated user, device, or system is allowed to perform on a particular resource (e.g. files, data, systems). This process helps to ensure that users are only able to access the resources that they need to perform their work, and that sensitive information and systems are protected from unauthorized access and modification. Aut
Back-channel logout
Back-channel logout is a security mechanism used in Single Sign-On (SSO) and Identity and Access Management (IAM) systems to ensure that when a user logs out of one application or service, they are also automatically logged out of all related applications and services without relying on the user's browser for communication. It is related to front-channel logout . Here's how back-channel logout wor

Your Security

Embrace Seamless Resource Access, Robust Zero Trust Integration, and Streamlined Compliance with Our App.

Pomerium logo
© 2024 Pomerium. All rights reserved