| Term/Abbreviation |
Definition |
| AAA |
Authentication, Authorisation and Accounting, a term used for describing a technical and legal environment for intelligently controlling access to computer resources, enforcing policies, auditing usage, and providing the information necessary to bill for services. |
| AAF Operator |
The entity contracted by AAF Inc to administer the day to day operations of the AAF in accordance with the AAF Operator Procedures. |
| Accounting |
The tracking of the consumption of resources by users. This information may be used for management, planning, billing, or other purposes. Real-time accounting refers to accounting information that is delivered concurrently with the consumption of the resources. Batch accounting refers to accounting information that is saved until it is delivered at a later time. Typical information that is gathered in accounting may include identity of the End User, the nature of the service delivered, when the service began, and when it ended. |
| Affiliate |
An organisation or institution which is registered by the Federation as an Affiliate. |
| Attribute |
Metadata describing either the End User or services provided under the AAF framework. Attributes are used by Service Providers for service provision, including Authentication, Authorisation and Accounting operations. Service Attributes can also be used by End User systems to assist in selecting appropriate Services. |
| Attribute Release |
The release of Attributes for transfer from an Identity Provider to a Service Provider |
| Australian Access Federation Incorporated |
The legal entity that governs the Federation, enters into agreements with AAF Participants, appoints the AAF Operator and determines subscription fees. |
| Authentication |
The process of establishing the digital identity of one entity to another entity. Commonly one entity is a client (an End User, a client computer, etc.) and the other entity is a server (computer). Authentication is accomplished via the presentation of an identity and its corresponding credentials. |
| Authentication Service |
Any activity where an Identity Provider performs the role of End User Authentication and, where relevant, releases the Attributes for its End Users. |
| Authorisation |
The granting of specific types of privileges (including “no privilege”) to an entity or an End User, based on their authentication, what privileges they are requesting, the current system state and authorisation rights previously granted by Service Provider the to the End User. Authorisation may be based on restrictions, for example time-of-day restrictions, or physical location restrictions, or restrictions against multiple logins by the same user. |
| Authorisation Service |
Any activity where a Service Provider grants access to End Users to services or resources made available by that Service Provider. |
| Constitution |
The document which describes the aims and objectives of the Federation, the requirements for governance of the Federation and the articles of association. |
| Core Attributes |
A set of Attributes selected by the Federation that all Identity Providers are required to support. |
| Data |
Digital objects including Attributes, Metadata and Logging information. |
| End User |
Any natural person who is a user of resources or services made available under the Australian Access Federation. An End User must have an association with an Identity Provider registered by the Federation, such that the Identity Provider is authorised by the End User to hold and pass attributes to a Service Provider in order that the End User may gain access to services. |
| Executive Committee |
The governance committee of AAF Inc made up of representatives of relevant stakeholders, in accordance with the AAF Constitution. |
| Federation |
The Australian Access Federation, or AAF. |
| Good Practice |
Good practice as generally accepted within the IT industry and determined by the Executive Committee from time to time in the context of the AAF’s required standard covering practices for identity management, authentication and authorisation of users of on-line resources and services. |
| Identity Provider |
Any organisation or institution which has been registered by the Federation and has a legal relationship with an End User to provide an authentication service for that End User. |
| Member |
A research or education organisation or institution which is registered by the Federation as a Member. |
| Metadata |
Structured facts that describe information, or information services as defined by the Federation from time to time. |
| Participant |
Any Member or Affiliate which has been registered by the Federation. |
| Rules |
The document updated from time to time which defines the Rules for AAF Participants. |
| Service Provider |
Any organisation or institution that is registered by the Federation and provides access to End Users to services and resources based on a set of Attributes that satisfy their particular authorisation requirements. |
| System |
Hardware, software and any other IT asset which when combined are used to process Data. |
| Working Day |
Any day of the week, other than Saturday, Sunday, Christmas Day, Boxing Day, New Year’s Day, Good Friday, and any Public Holiday given in lieu when any of the above days or other designated Public Holidays fall on a weekend. |
| 
