| ACL |
Access Control List (ACL) is a security mechanism used in computer systems to define permissions and restrictions on who can access specific resources or perform certain actions. It is a list of rules that specifies which users or groups are allowed or denied access to a resource, like a LogisticsObject. |
| Authentication |
A process that validates the identity of a IoL participant |
| Authorization |
A process that determines whether a IoL participant is allowed to access a specific Logistics Object |
| Cargo Operations & Technology Board (COTB) |
Cargo Operations & Technology Board (COTB) reports to the Cargo Services Conference (CSC) at the International Air Transport Association. The COTB has authority over the ONE Record specifications. COTB decisions are formally endorsed by the CSC. |
| Hashed Message Authentication Code (HMAC) |
An authentication method to verify data integrity and authenticity of a message. |
| Identity & Authentication Provider (IAP) |
A service that allows ONE Record netwokr participants register and obtain an Public Key encrypted token identify themselves with ONE Record Servers and get access to Logistics Objects |
| JavaScript Object Notation for Linked Data (JSON-LD) |
JSON-LD is a lightweight Linked Data format. It is easy for humans to read and write. It is based on the already successful JSON format and provides a way to help JSON data interoperate at Web-scale. JSON-LD is an ideal data format for programming environments, REST Web services, and unstructured databases such as CouchDB and MongoDB. |
| JSON Web Key (JWK) |
A JSON object that represents a set of public cryptographic keys. The properties of the object represent properties of the key, including its value. A JWK is used to verify JSON Web Tokens (JWT) issued by the Authorization Server. |
| JSON Web Key Set (JWKS) |
A JSON object that contains a set of JWKs. The JSON object MUST have a keys property, which is an array of JWKs. |
| JSON Web Token (JWT) |
JSON specification for a token format that includes a user defined payload and the option for encryption. |
| Linked Data |
Linked Data empowers people that publish and use information on the Web. It is a way to create a network of standards-based, machine-readable data across Web sites. It allows an application to start at one piece of Linked Data and follow embedded links to other pieces of Linked Data that are hosted on different sites across the Web. |
| Logistics Object |
A data object that represents a meaningful entity in the logistics business. These may represent documents like air waybills but may also be more granular such as company details or a transport segment description. Logistics Objects are specified in a common data model by IATA and transport and logistics partners. |
| Open Authorization (OAuth) |
OAuth (Open Authorization) is an authorization framework that enables a user to grant a third-party application access to their resources on another API or service without giving them their credentials (delegation of access in a network of secure systems). It uses tokens to ensure secure and limited access to user data while protecting their privacy. see https://oauth.net/2/ |
| OpenID Connect (OIDC) |
OpenID Connect (OIDC) is a widely used authentication protocol that adds an identity layer on top of OAuth 2.0, allowing applications to verify the identities of users and obtain their basic profile information with user consent, enhancing security and user experience in modern web applications. |
| ONE Record Client |
A software program that sends ONE Record API requests to a ONE Record server. |
| ONE Record Server |
A software program that responses to ONE Record API requests from a ONE Record client on behalf of one or more participants in the network |
| ONE Record Notifications API |
A dedicated ONE Record API endpoint for receiving notifications about updates related to logistics objects. |
| Participant |
Server that access or shares data and that has registered with an Accredited Identity Provider and has possession of a valid certificate to prove this |
| Publisher |
The Party that makes their Logistics Objects available through a ONE Record Server |
| Subscriber |
The Party that subscribes to Logistics Objects in order to receive updates automatically |
| Uniform Resource Identifier (URI) |
A Uniform Resource Identifier (URI) is a URL that uniquely identifies a Logistics Object |
| WAC |
Web Access Control |