![[Logo]](https://appassay.org/assets/appassay-logo-65x65.png){kind=logo}
We use the terms defined in this glossary. When used, a term is preceded with a ▹, Capitalized and linked to its definition.
- Anonymity
- A situtation in which an App User is non-identifiable, unreachable, and untrackable.
- API
- An Application Programming Interface
- App
- All aspects of an information/communication system built or used to help fight the pandemic.
- App Creator
- An individual or entity who contributes to developing, operating or funding an App.
- App Developer
- An individual or entity who contributes to writing, integrating or testing code for an App; who may create user experience, design, branding etc.
- App Funder
- The entity that has commissioned, funded, encouraged the use of, or required the use of an App for a certain set of App Users.
- App Instance
- The particular instance of the App, or a component of the App, that is running for a particular App User.
- App Operator
- An individual who helps running some aspect of an App on a day-to-day basis.
- App User
- An individual of the general public who uses, or considers using an App.
- App User Onboarding
- The process by which an App User can start using an App.
- Architecture
- The overall design and structure of the App.
- Attack
- An attempt, successful or not, to use any aspect of the App for a nefarious purpose.
- Attacker
- An individual or entity that attempts, or succeeds, to perform an Attack.
- Audit
- An examination of all aspects of an App's development, operation and governance by an independent, trustworthy entity with full cooperation by the App Creators.
- Audit Trail
- A log that records all events that occurred with respect to a particular App or App Component.
- Backup
- The copying of data for the purpose of being able to restore the original when a data loss event occurs.
- Bluetooth Low Energy (BLE)
- A wireless short-range computer networking technology.
- Care Provider
- An physician, nurse or other medical care provider.
- Cloud Component
- A component of the App's software that runs on a server not under control of the App User.
- Contact ID
- The identifier(s) assigned to Exposure Contacts for the purposes of contact tracing.
- Data At Rest
- Data that is stored physically for some period of time in some location.
- Data In Motion
- Data that is in the process of being transmitted from one place to another.
- Data Poisoning
- An Attack in which the Attacker submits intentionally false data.
- Data Retention Period
- The period of time during which data is stored before it is deleted.
- Dead Code
- Code in the App that does not get executed.
- Debug Code
- Code in the App that is only helpful during programming.
- Exposure Contact
- A person who has been exposed to another person and should be recorded as a contact for the purposes of contact tracing.
- Federation
- Several Apps with similar goals communicating with each other.
- Firebase
- A software development platform and online service operated by Google.
- FIXME
- A marker for our own internal purposes that a section of this site needs more work.
- FOSS
- Free and Open-Source Software
- Inference
- A statement about any aspect of an App by a third party, based on available public information.
- Insider Attack
- An Attack where the Attacker is part of the team responsible for keeping the attacked system safe
- IP Address
- A unique identifier for each networked device on the internet.
- MAC Address
- A unique identifier for hardware of common wireless communication protocols.
- Peer Communication
- Communications between smartphones without the involvement of a third party.
- Personally Identifiable Information
- All information that is related to an identifiable person.
- Privacy Impact Assessment
- A process which enables organizations to identify and reduce the privacy risks from technology.
- Privacy Policy
- A published statement that discloses how an entity manages personal data.
- Production
- The deployment of code for real users, as opposed to for testing or development.
- Pseudonymity
- A situtation in which an App User is trackable but not identifiable.
- Public Health System
- All governmental and non-governmental entities involved in public health related to the pandemic.
- Re-identification
- A mechanism by which a previously anonymous or pseudonymous App User can be identified with high certainty.
- Replay Attack
- An Attack where an Attacker repeats a legitimate data transmission.
- Reproducible Build
- A method to prove that a compiled or downloaded App was built from a certain version/configuration of source code.
- Role
- The function of a particular individual with respect to an App.
- RSSI
- A measure of the strength of a received wireless signal.
- Secure hash
- A cryptographic function that is practically impossible to reverse
- Self-assertion
- A statement about any aspect of an App by its App Creator.
- Service Provider
- Any person or entity that provides a service to the App Creators, such as a cloud platform provider, third-party analytics provider, security monitoring service, and the like.
- Smartphone Component
- The component of the App's software that runs on an App User's mobile phone.
- Spoofing Attack
- An Attack where an Attacker invents a data transmission supposedly coming from somewhere else.
- State Machine
- A technical diagram to show the behavior of a system graphically.
- Web Service
- A software system that can be used over the internet by other software.