Ability PKI | Ability PKI is a service that manages the digital certificate life cycle (issuing, renewing and revoking certificates) for ABB devices. Ability Platform can only accept connections established from devices that have a valid X.509 certificate issued by the Ability PKI. Ability PKI consists of an ABB-owned private Root CA. |
BL | Business Line |
CN | The Common Name (CN) is the value specified in the subject field of the X.509 certificate. The certificates issued for devices connected to the platform have this value set to their Object ID. Object ID is an identifier that uniquely represents each Object Model in the platform. |
CSR | Certificate Signing Request. A request containing the public key and identifying information (subject name), which is sent to the certificate authority (CA) to issue the certificate. |
CRL | Certificate Revocation List. The CRL is a digitally signed data file containing details of each digital certificate that has been revoked. |
CA | Certificate Authority. Ability PKI service is the Certificate Authority for solutions built using Ability Platform. |
DPCM | Device Provisioning Certificate Management. It is an Ability Edge Security component; it is also responsible for enrollment of devices with Ability PKI. |
DPS | Device Provisioning Service (Azure IoT cloud service) |
Enrollment Code/Enrollment Password | An access code which acts as a password for a secured transaction between a client and the Ability PKI |
GIG | Ability Platform Global ID generator is an HTTP service used to generate and record product IDs, ensuring they are unique |
GUID/UUID | GUID (or UUID) is an acronym for 'Globally Unique Identifier' (or 'Universally Unique Identifier'). It is a 128-bit integer number used to identify resources. The term GUID is generally used by developers working with Microsoft technologies, while UUID is used everywhere else. |
HBRoT | Hardware Based Root of Trust is a source that can always be trusted within a cryptographic system |
OTP | A one-time password (OTP) is a password that is valid for only one login session or a single transaction on a computer system or other digital device. In Ability, we use the term "Enrollment Code" in place of OTP to avoid any misunderstanding of the purpose. |
PKI | Public Key Infrastructure |
Private Key | The key that a user keeps secret in asymmetric encryption. It can encrypt or decrypt data for a single transaction but cannot do both. |
Public Key | The key that a user allows the world to know in asymmetric encryption. It can encrypt or decrypt data for a single transaction but cannot do both. |
Root Certificate | A self-signed certificate issued from a root-level Certificate Authority (CA). |
RA | Registration Authority |
SCEP | Simple Certificate Enrollment Protocol - the protocol used by Ability PKI for certificate operations |
SSL | Secure Sockets Layer (SSL) - a standard security technology for establishing an encrypted link between a server and a client. Nowadays, it is replaced by TLS. |
TLS | Transport Layer Security - web-based encryption protocol |
UID | A unique identifier (UID) is any identifier which is guaranteed to be unique among all identifiers used within a system for a specific purpose. In the context of the Ability Platform, this may refer to DeviceId/ObjectId, which can be generated using the GIG service or any UUID generator. |