API安全中英文术语对应
2024-08-05
API安全常用术语中英文对应:
英文 | 中文 | 简称 |
---|---|---|
access control decision function | 访问控制判决功能 | ADF |
access control decision information | 访问控制判决信息 | ADI |
access control enforcement function | 访问控制实施功能 | AEF |
access control entries | 访问控制入口 | ACE |
access control information | 访问控制信息 | |
access control list | 访问控制列表 | ACL |
account security | 账户安全 | |
advance persistent threat | 高级持续性威胁 | APT |
agile development | 敏捷开发 | |
anti-phishing project | 反钓鱼项目 | |
api security | 接口安全 | |
application programming interface | 应用编程接口 | API |
artificial intelligent | 人工智能 | AI |
assets management | 资产管理 | |
asynchronous transfer mode | 异步传输模式 | |
attribute-based access control | 基于属性的访问控制模型 | ABAC |
authentication authorization accounting | 认证、授权、计帐 | 3A |
authentication authorization accounting audit | 统一安全管理平台解决方案 | 4A |
back-end system | 后端系统 | |
border gateway protocol | 边界网关协议 | BGP |
bring your own device | 携带自己的办公设备 | BYOD |
business assessment | 业务评估 | BA |
business continuity institute | 业务持续性协会 | BCI |
business continuity management | 业务连续性管理 | BCM |
business continuity planning | 业务连续性计划 | BCP |
business email compromise | 商业邮件失陷 | |
business impact assessment | 业务影响评估 | BIA |
business security | 业务安全 | |
captcha security | 验证码安全 | |
capture the flag | 夺旗赛 | CTF |
certificate | 证书 | CA |
chain of blocks | 区块链 | |
cloud access security broker | 云访问安全代理 | CASB |
cloud security | 云安全 | |
cloud security posture management | 云安全配置管理 | CSPM |
cloud workload protection platforms | 云工作负载保护平台 | CWPP |
code audit | 代码审计 | |
common body of knowledge | 通用知识协议 | CBK |
complex event process | 复杂事件驱动 | CEP |
confidentiality integrity availability | 保密性 完整性 可用性 | CIA |
container security | 容器安全 | |
content disarm and reconstruction | 内容拆解与重建 | |
continuous delivery or development | 持续交付或部署 | CD |
continuous integration | 持续集成 | CI |
cryptography | 密码学 | |
cyber security | 网络空间安全 | |
data encryption standard | 数据加密标准 | DES |
data lifecycle management | 数据生命周期管理 | DLM |
data loss prevention | 数据丢失保护 | DLP |
data mining | 数据挖掘 | |
data security | 数据安全 | |
denial of service | 拒绝服务 | DoS |
deception | 欺骗技术 | |
development security operations | DevSecOps | |
disaster recovery planning | 灾难恢复计划 | DRP |
discretionary access control | 自主访问控制 | DAC |
distributed denial of service | 分布式拒绝服务 | DDoS |
domain name system | 域名服务 | DNS |
elastic and scalable | 弹性可伸缩 | |
elastic computing | 弹性计算 | |
endpoint detection and response | 终端检测与响应 | EDR |
endpoint protection platform | 终端防护平台 | EPP |
endpoint security | 终端安全 | |
enterprise mobility management | 企业移动管理 | EMM |
enterprise resource planning | 企业资源计划 | ERP |
enterprise risk management | 企业风险管理 | ERM |
extraction transformation loading | 提取 转化 加载 | ETL |
file transfer protocol | 文件传输协议 | FTP |
firewall | 防火墙 | |
free computing | 自由计算 | |
front-end system | 前端系统 | |
general data protection regulation | 一般数据保护条例 | GDPR |
governance risk and compliance | 治理风险与合规性 | |
high availability | 高可用性 | HA |
human computer interaction | 人机交互 | HCI |
human machine interface | 人机界面 | HMI |
identify access management | 身份识别与访问控制 | IAM |
incident response | 事件响应 | |
industrial control system | 工业控制系统 | ICS |
information technology infrastructural library | IT基础结构 | ITIL |
infrastructure security | 基础设施安全 | |
internet of things | 物联网 | IOT |
intrusion detection system | 入侵检测系统 | IDS |
intrusion prevention system | 入侵防御系统 | IPS |
load balancing | 负载均衡 | |
log analysis | 日志分析 | |
managed detection and response | 可管理检测与响应 | MDR |
mandatory access control | 强制访问控制 | MAC |
maximum tolerable downtime | 最长停机时间 | MTD |
maximum tolerable period disruption | 最长中断时间 | MTPD |
mean time between failure | 平均故障时间间隔 | MTBF |
mean time to repair | 平均修复时间 | MTTR |
mobile application management | 移动应用管理 | MAM |
mobile content management | 移动内容管理 | MCM |
mobile device management | 移动设备管理 | MDM |
monitoring | 监控 | |
multi factor authentication | 多因素认证 | MFA |
network access control | 网络准入控制 | NAC |
network security | 网络安全 | |
network traffic analysis | 网络流量分析 | NTA |
one-time password | 一次性密码 | OTP |
open source security information management | 开源安全信息管理 | OSSIM |
open web application security project | Web应用程序安全项目 | OWASP |
optical character recognition | 文字识别 | OCR |
penetration testing | 渗透测试 | |
personal identifiable information | 个人身份信息 | PII |
personal identification number | 个人识别号 | PIN |
privileged account management | 特权账户管理 | PAM |
proof of concept | 概念验证 | POC |
proxies | 代理 | |
public key infrastructure | 公钥基础设施 | PKI |
recovery point objective | 恢复点目标 | RPO |
recovery time objective | 恢复时间目标 | RTO |
return on investment | 投资回报率 | ROI |
risk assessment | 风险评估 | |
risk and vulnerability assessment | 风险与漏洞评估 | |
risk management | 风险管理 | |
risk management framework | 风险管理框架 | RMF |
role-based access control | 基于角色的访问控制 | RBAC |
routers | 路由器 | |
runtime application self protection | 程序运行自我保护 | RASP |
search processing language | 搜索处理语言 | SPL |
security domain | 安全域 | |
secure email gateway | 安全邮件网关 | SEG |
security awareness | 态势感知 | SA |
security development lifecycle | 安全开发生命周期 | SDL |
security event management | 安全事件管理 | SEM |
security incident | 安全事故 | |
security information and event management | 安全信息与事件管理 | SIEM |
security information management | 安全信息管理 | SIM |
security isolation | 安全隔离 | |
security operation center | 安全运营中心 | SOC |
security orchestration automation and response | 安全编排和自动化响应 | SOAR |
security response center | 安全响应中心 | SRC |
security testing | 安全测试 | |
service leve agreement | 服务界别协议 | SLA |
service oriented architecture | 面向服务的体系结构 | SOA |
single sign on | 单点登录 | SSO |
software composition analysis | 软件成分分析 | SCA |
software defined network | 软件定义网络 | SDN |
software defined perimeter | 软件定义边界 | SDP |
software defined security | 软件定义安全 | SDS |
switches | 交换机 | |
threat intelligence | 威胁情报 | TI |
total cost of ownship | 总拥有成本 | TCO |
trojan horse | 特洛伊木马 | |
trusted computing base | 可信计算基 | |
trusted third stamp | 可信第三方 | |
two factor authentication | 双因素认证 | |
unified endpoint management | 统一端点管理 | UEM |
unified identity management | 统一身份管理 | UIM |
unified threat management | 统一威胁管理 | UTM |
user and entity behavior analytics | 用户和事件行为分析 | UEBA |
virtual private network | 虚拟专用网络 | VPN |
wireless access point | 无线访问接入点 | WAP |
work recovery time | 工作恢复时间 | WRT |
zero trust | 零信任 |