|Administration to Administration|
|A2B||Administration to Business|
|A2C||Administration to Citizen|
|ABB||Architectural Building Block in CEF|
|Access control||Access control is a term that includes both authentication and authorisation and refers to the policies and measures used to restrict access to data, tools, and physical locations.|
|ADR||Alternative Dispute Resolution|
|AMB||Architecture Board Meeting|
|Anonymous information||The information does not relate to an identified or identifiable natural person.|
An Access Point is defined as an implementation of the AS4 data exchange protocol. In particular, the profile of AS4 developed by eSENS and now maintained by the CEF eDelivery Building Block:
The Access Point must comply with this profile because several options of the original technical specifications were narrowed down in order to increase consistency, interoperability and to simplify deployment.
An open source services framework.
Application Programming Interface
A set of routines, protocols and tools for building software applications.
Applicability Statement 1
Based on SMTP and S/MIME. It was the first AS protocol developed, implementing signing, encryption and MDN conventions.
Files are encoded as attachments in a standardised S/MIME message (an AS1 message).
Applicability Statement 2
The AS2 profile is a predecessor of the AS4 profile of eDelivery.
Files are encoded as attachments in a standardised S/MIME message (an AS2 message).
|Applicability Statement 3|
A standard by which vendor applications communicate over the internet using FTP. AS3 is an EDI protocol.
Applicability Statement 4
The AS4 profile of eDelivery is the AS4 Usage Profile defined by eSENS based on the AS4 Profile of ebMS3 OASIS Standard. AS4 itself is based on other standards, in particular on OASIS ebXML Messaging Services, which in turn is based on various Web Service specifications.
|Assurance level||Helps a party to determine, with some level of certainty, that an electronic credential representing an entity (human or a machine) with which it interacts to effect a transaction, can be trusted to actually belong to the entity. There are three levels - 'Low', 'Substantial' and 'High'.|
Automated TranslationCEF building block to allow European and national public administrations to exchange information across language barriers in the EU. The main purpose of AT is to make all DSIs multilingual. For example, users of an e-Procurement system or the Open Data Portal will be able to access information and communicate with their counterparts using their own language. While AT is mainly intended to be integrated into other digital services, it also offers useful stand-alone services for translating documents or snippets of text.
|At-Most-Once||Each message will be delivered to the Application Destination at most once. It's possible that a Message will not be delivered to the Application Destination at all, but the Application Destination will never get duplicate messages.|
|Authentication||The process in which one party convinces another party that she/he/it has the properties she/he/it claims to have. It is a subpart of access control and typically precedes authorisation.|
|Authorisation||The process of being assigned rights. It is part of access control and typically succeeds in the authentication process.|
|Business to Administration|
|B2B||Business to Business|
|B2C||Business to Citizen|
Business Document Metadata Service Location
|binary||A binary file is computer‑readable but not human‑readable. All executable programs are stored in binary files, as are most numeric data files.|
Business Interoperability Specifications
|Blockchain||An append-only, sequential, chained distributed ledger, composed of an ever-growing sequence of blocks of transactions.|
Business Registers Interconnection System
|BUSDOX||Business Document Exchange Network|
Corner 1 in the Four-Corner Model.
An end entity which exchanges messages with the other end entity (C4) via Access Point intermediaries (C2 and C3).
Corner 2 in the Four-Corner Model.
An Access Point intermediary which via Access Point intermediaries C3 facilitates the exchange of messages from its end entity (C1) with the other end entity (C4).
|C2A||Citizen to Administration|
|C2B||Citizen to Business|
|C2C||Citizen to Citizen|
Corner 3 in the Four-Corner Model.
An Access Point intermediary which via Access Point intermediaries C2 facilitates the exchange of messages from its end entity (C4) with the other end entity (C1).
Corner 4 in the Four-Corner Model.
An ABB which offers a technical service to accommodate a dynamic and flexible interoperability community.
A capability lookup can provide metadata about the communication partner’s interoperability capabilities on all levels defined in the EIF (Legall, Organisational, Process, Semantic and Technical interoperability levels). The metadata can be used to dynamically set interoperability parameters and ambitions between the sender and receiver.
|CEF.AT||A platform funded by CEF to be the core building block used by CEF DSIs for operating in a multilingual way. It includes Machine Translation as a service it offers.|
Connecting Europe Facility
|CEF AO||CEF Architect Office|
Common Entry Gate
|CEN||European Committee for Standardisation|
|Chaincode||See 'smart contract'.|
|CIP||Competitiveness and Innovation Framework Programme|
Common Infrastructure for Public Administrations
Provides a generic solution for public administrations to exchange documents in a secure and reliable way
|COD||Component Offering Description|
|Company||A business organisation that creates profit by selling goods or services.|
|CONNECT (DG)||European Commission's Directorate-General for Communication Networks, Content and Technology|
Large and structured sets of text or speech audio files used in linguistic
The term Commercial off-the-shelf product (hardware or software) refers to readily available products that can be acquired from the market (instead of being developed in-house)
|CPA||Collaboration Protocol Agreement|
|Credential issuer||A role that an entity, a person, or a thing might perform by creating a verifiable credential, associating it with a specific subject, and transmitting it to a holder. Example issuers include corporations, non-profit organisations, trade associations, governments, and individuals.|
|CRL||Certificate Revocation List|
|Cryptography||The use of mathematical techniques to ensure security-related properties such as data confidentiality, data integrity and data authentication.|
|CSAD||Component Software Architecture Document|
|CSP||Certification Service Provider|
|Disciplined Agile Delivery|
|DES||Data Encryption Standard|
|DGT||European Commission's Directorate-General for Translation|
|DID custodian||A DID custodian would be a party that allows a subject to register its DID (and keys) at a custodian in order to retrieve its DID (and keys) in case of loss.|
European Commission's Directorate-General for Informatics
|Distributed ledger||A data structure replicated over multiple entities in a peer-to-peer network, whereby a consensus mechanism guarantees the consistency of the different copies of this data structure, without the need for a central authority.|
|DNN||Deep Neural Net|
|DNS||Domain Name System|
ebMS3 Access Point based on the AS4 profile.
Digital Service Infrastructure
|DSL||Dynamic Service Location|
|ebXML Business Process Specification Schema|
ebXML Messaging Service Specification
|EBSI||European Blockchain Services Infrastructure|
Electronic Business XML
Project to use XML to standardise the secure exchange of business data.
|Eclipse||A platform for developing software applications. It can be downloaded at http://www.eclipse.org/|
|ECMA||European Computer Manufacturers Association|
e-Justice domain enabling citizens and businesses to have cross-border access of legal means in Europe.
|ECP||European Central Platform|
CEF building block to allow public administrations to exchange electronic data and documents with other public administrations, businesses and citizens, in an interoperable, secure, reliable and trusted way.
eDelivery is based on the concept of a four corner model, where the end entities (corners one and four) exchange messages via Access Point intermediaries (corners two and three). eDelivery standardises the communication only between these Access Point intermediaries. Communication between Access Points and end entities may use any communication protocol.
Electronic Data Interchange
The transfer of data from one computer system to another by standardised message formatting, without the need for human intervention.
|EDIFACT||Electronic Data Interchange For Administration, Commerce and Transport|
|EDIG@s||Electronic Data Interchange Gas|
EDIG@s is an Electronic Data Interchange (EDI) standard for the buying, selling, transporting and storage of gas. It is an official subset of the UN EDIFACT standard.
|EDIINT||Electronic Data Interchange-Internet Integration|
|EEA||European Economic Area|
Electronic Identification and Trust Services
The Regulation (EU) N°910/2014 on electronic identification and trust services for electronic transactions in the internal market.
The eIDAS Regulation does the following:
|EIF||European Interoperability Framework|
|eInvoicing||CEF building block to allow public administrations to implement electronic invoicing in compliance with the eInvoicing Directive of the European Parliament and the Council.|
|Employer||A person or organisation that employs people.|
|Encryption||The application of cryptographic techniques to protect data confidentiality. Encryption is a subpart of cryptography.|
A party which receives messages is an endpoint.
|Enrolement||Act of enrolling at a learning institution or in a class/course.|
|ENTSOG||European Network of Transmission System Operators for Gas|
|EPO||European Payment Order|
|ERDS||Electronic Registered Delivery Service|
|ESB||Enterprise Service Bus|
Electronic Simple European Networked Services
Large-scale pilot project with the aim of consolidating, improving, and extending technical solutions based around the building block DSIs to foster digital interaction with public administrations across the EU.
It improves the cross-border access of citizens and businesses in the different areas of eGovernment.
|ESI||Electronic Signatures and Infrastructures|
|eSignature||CEF building block to allow public administrations and businesses to accelerate the creation and verification of electronic signatures. The introduction of eSignature serves to significantly reduce the time required to conduct business and legal transactions, whilst also reducing the use of paper documents and therefore contributing to the sustainable economy|
|EESSI||Electronic Exchange of Social Security Information. EESSI is owned by DG EMPL. It aims at improving the cross border communication between the national social security institutions of 32 countries (EU+EFTA Member States), by introducing an electronic communication platform for efficient exchange of information|
European Language Resource Coordination. Manages, maintains and coordinates the relevant language resources in all official languages of the EU and CEF associated countries. Is the brand name given to SMART 2015 1091 Lot 2 selected tender
European Commission's Directorate-General for Employment, Social Affairs and Inclusion
|ESSIF digital ID||A “digital identity” (and corresponding identifier) allowing to uniquely identify an entity within the ESSIF eco-system.|
|ESSIF DID-card||A DID-card is a way to officially "register" a DID and link it in a secured/protected way (depending on the LoA) to an entity.|
|ESSIF ecosystem||The totality of the actors and systems within the context of ESSIF (which interact according to the rules and standards of the ESSIF-ecosystem).|
|ESSIF trust framework||The totality of all policies, principals, guidelines, standards, processes, … which form the "terms and conditions" of membership and/or usage of ESSIF-services and as such ensure for all parties involved the trust levels parties can count on, in the context of ESSIF.|
|ESSIF architecture||The definition of ESSIF and all related actors and building blocks at a functional level, at the level of concepts, at the level or resilience/trust requirements, at the level of interactions (including all corresponding technical and operational standards)|
|ESSIF infrastructure||All supporting capabilities/services which support the functioning of ESSIF and all its members and framework-abiding relying parties, issuers and users.|
|eTG||eCom Technology Group|
electronic Trust Services
|ETSI||European Telecommunications Standards Institute|
|ETSI ESI||The committee dealing with digital signatures (signature format, certificates, CSPs, trusted list) and ancillary services (Registered e-mail, Registered e-delivery, Time-Stamping, Long-term data preservation).|
|EU-CEG||European Common Entry Gate|
|EUP||Enterprise Unified Process|
DGT’s internal translation memory database; complement definition with DGT's input if needed. A clone of DGT’s internal translation memory database, Euramis also exists; complement definition with DGT's input if needed
|European Blockchain Services Infrastructure (EBSI)|
CEF building block to deliver EU-wide cross-border public services using blockchain technology. EBSI materialises as a network of distributed nodes across Europe (the blockchain), leveraging an increasing number of applications focused on specific use cases. Dedicated glossary can be found here.
Earned Value Managementaka EVPM
Earned Value Project/Performance Managementaka EVM
Future Internet wareA middleware platform, driven by the European Union, for the development and global deployment of applications for Future Internet.
|FTP||File Transfer Protocol|
|General Data Protection Regulation (GDPR)||The General Data Protection Regulation 2016/679 is a regulation in EU law on data protection and privacy in the European Union and the European Economic Area. It also addresses the transfer of personal data outside the EU and EEA areas.|
|Global Location Number|
A recursive acronym for "GNU's Not Unix!".
|GS1||Global Language for Business|
A file format and a software application used for file compression and decompression.
A set of international standards for the transfer of clinical and administrative data between software applications used by various healthcare providers. These standards focus on the application layer, which is layer 7 in the OSI model.
Hypertext Transfer Protocol
aka HTTP over SSLHypertext Transfer Protocol Secure
|Interface Control Document|
|IETF||Internet Engineering Task Force|
|Implementing Act||Once an EU law is passed, it can be necessary to update it to reflect developments in a particular sector or to ensure that it is implemented properly. Parliament and Council can authorise the Commission to adopt delegated or implementing acts, respectively, in order to do this. Primary responsibility for implementing EU law lies with EU countries. However, in areas where uniform conditions for implementation are needed (taxation, agriculture, the internal market, health and food safety, etc.), the Commission (or exceptionally the Council) adopts an implementing act.|
|INEA||Innovation and Networks Executive Agency|
|IPR||Intellectual Property Right|
|ISA||Interoperability Solutions for European Public Administrations|
|ISO||International Organization for Standardization|
The Information System Security Policy developed by DG ADMIN/DS
|ITIL||Information Technology Infrastructure Library|
|ITTO||Input, Output, Tools and Techniques|
|Previous name for Java EE.|
A package file format typically used to aggregate many Java class files and associated metadata and resources (text, images, ...) into one file in order to distribute application software or libraries on the Java platform.
Java Enterprise Edition
Java EE provides an API and runtime environment for developing and running enterprise software, including network and web services, and other large-scale, multi-tiered, scalable, reliable, and secure network applications.
A high-level, dynamic, untyped, and interpreted programming language, which has been standardised in the ECMAScript language specification.
Java Architecture for XML Binding
A Java API that makes it easier to access XML documents from applications written in the Java programming language.
J2EE application server for developing and deploying enterprise Java applications, Web applications and services, and portals.
JBoss is now known as WildFly.
Java Message Service
A messaging standard that allows Java EE application components to create, send, receive and read messages.
|JPA||Java Persistence API|
Open-standard format using human-readable text to transmit data objects consisting of attribute–value pairs. It is the most common data format used for asynchronous browser/server communication (AJAJ) where it has largely replaced XML, which is used by AJAX.
European Commission's Directorate-General for Justice and consumers
|The eSENS generic AS4 Conformance & Interoperability bridge that achieves connectivity between the testing system (Minder Testbed) and the AS4-compliant Gateways.|
|KPI||Key Performance Indicator|
|Legal Assurance and Accountability|
|Ledger||Ledgers are places where Issuers can write relevant information, and where relying parties can have access to verify certain elements.|
Large Scale Pilot
|Machine to Machine|
Service Management is a set of specialized organizational capabilities for providing value to customers in the form of services.
A service is a means of delivering value to customers by facilitating outcomes customers want to achieve without the ownership of specific costs and risks.
The Message Consumer is an entity that interacts with a Receiving MSH (i.e. an MSH in the Receiving role) to consume data from a received user message.
Some examples are:
The Consumer is always an MSH endpoint.
Message Disposition Notification
The acknowledgment sent in response to an AS2 message.
Message Exchange Pattern
A Message Exchange Pattern describes the pattern of messages required by a communications protocol to establish or use a communication channel.
Multipurpose Internet Mail Extensions
An internet e-mail standard, on whose format is used by most e-mail transmitted over SMTP.
|Minder||An OSS generic testing environment, checking the technical conformance and interoperability of CEF building blocks.|
|MLA||Mutual Legal Assistance|
The Message Producer is an entity that interacts with a Sending MSH (i.e. an MSH in the Sending role) to initiate the sending of a user message.
Some examples are:
But not another MSH!The Producer is always an MSH endpoint.
Message Partition Channel
Different MPCs can exist, each defined as a Container.
An MPC allows the flow of messages from a Sending MSH to a Receiving MSH to be partitioned into several flows, each of which is controlled separately.
An MPC also allows flows from several Sending MSHs to be merged into a single unique flow that will be treated as such by a Receiving MSH.
|MSA||Master Service Arragement|
Message Service Handler
The MSH is an entity that is able to generate or process messages that conform to the ebMS specification, and which act in at least one of the two ebMS roles: Sender and Receiver.
In terms of SOAP processing, an MSH is either a SOAP processor or a chain of SOAP processors. In either case, an MSH has to be able to understand the eb:Messaging header (qualified with the ebMS namespace).
Message Transfer Optimisation Mechanism
Message Transmission Optimisation Mechanism
The Machine Translation service of the European Commission
|NIST||A Taxonomic Approach to Understanding Emerging Blockchain Identity Management Systems.|
Natural language processing
|A number or bit string used only once in security engineering.|
|NRR||Non-Repudiation of Receipt|
Advancing open standards for the information society
Non-profit, international consortium creating interoperable industry specifications based on public standards.
|ODR||Online Dispute Resolution|
|OMB||Operational Management Board|
Open Systems Interconnection
The OSI model is a conceptual model that characterises and standardises the communication functions of a telecommunication or computing system without regard to their underlying internal structure and technology. Its goal is the interoperability of diverse communication systems with standard protocols. The model partitions a communication system into abstraction layers. The original version of the model defined seven layers.
Open Source Software
Oxalis is a PEPPOL Access Point OSS implementation.
|Project and Architecture Office|
Processing Mode ConfigurationA text file with extension .pconf is used by an Eclipse plug-in to generate the PMode XML file.
|Portable Document Format|
Pan-European Public Procurement Online
This adjective is used to denote a distributed ledger network with an additional layer of access control.
Permissioned distributed ledger networks are not based on game theory, but on agreements between cooperating parties that know each other.
The permissioned aspect can be restricted to some elements of a distributed ledger, such as governance and the consensus mechanism. Hence, a permissioned distributed ledger may be public and partially open to everyone.
|Permissionless||Adjective used for distributed ledger networks where everyone can assume any role without enrolment procedure. Therefore, these distributed ledger networks are based on game-theoretic incentives and assumptions to function properly.|
Personal data is any information that relates to an identified or identifiable living individual. Different pieces of information, which collected together can lead to the identification of a particular person, also constitute personal data.
Personal data that has been de-identified, encrypted or pseudonymised but can be used to re-identify a person remains personal data and falls within the scope of the GDPR.
Public Key Infrastructure
A collection of parameters that determine how User Messages are exchanged between a pair of Access Points with respect to Quality of Service, Transmission Mode and Error Handling.
Point of Contact
Name of contact person.
|POJO||Plain Old Java Object|
|Profile (European Profile)||In standardization, a profile is a subset internal to a specification. Aspects of a complex technical specification may necessarily have more than one interpretation, and there are probably many optional features.|
Point of Single Contact
|Pseudonymisation||The processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.|
|PSP||Policy Support Programme|
|Quality of Service|
|Relying parties||Relying Parties are Parties which through there actors/agents rely on any verifiable credential they will receive.|
|RSP||Reliable Secure Profile|
|RUP||Rational Unified Process|
Secure/Multipurpose Internet Mail Extensions
A standard for public key encryption and signing of MIME data.
|SAD||Software Architecture Document|
|SAD||Solution Architecture Document|
Security Assertion Markup Language
SAML is an XML standard that allows secure web domains to exchange user authentication and authorisation data.
|Sample implementation/software||Software developed by CEF that may be used to get familiar with the technical specifications in a test environment or as a working solution in a production environment|
|SANTE (DG)||European Commission's Directorate-General Health and Food Safety|
|SAT||Solution Architecture Template|
|SBB||Solution Building Block|
Standard Business Document Header
|ScP||Scalability and Performance|
|SDD||Service Delivery Document|
|SDD||Solutions Delivery Document|
|SDO||Standards Developing Organisation|
|Self-Sovereign Identity (SSI)|
Self-sovereign identity (SSI) is the next step beyond user-centric identity. Both concepts are based on the idea that a user must be central to the administration of his/her digital identity, which requires not only a user’s ability to use an identity across multiple locations but also to have true control over that digital identity, creating user autonomy. To accomplish this, a self-sovereign identity must be transportable; it can’t be locked into to a single site or locale.
A self-sovereign identity must also allow users to make claims, which could include personal data or attributes, and can even contain information about the user that was asserted by others. In the creation of a self-sovereign identity, we must be careful to protect the individual, defend them against financial and other losses and support human rights, such as the right to be oneself and to freely associate.
It must be easy for public administration and other organisations to provide services that are legally binding and fully compliant with regulations.
|SLA||Service Level Agreement|
|Smart contract||In the DLT context, a smart contract (or chaincode) is a computer code published on a distributed ledger and executed by multiple nodes in the distributed ledger network. Due to the consensus mechanism of the ledger, no one should be able to unilaterally affect the correct execution of the smart contract code.|
|SML||Service Metadata Locator|
|SMO||Stakeholder Management Office|
|SMP||Service Metadata Publisher|
|SMTP||Simple Mail Transfer Protocol|
The Submit Operation occurs at the endpoints and only once per message lifetime.Any Actions performed by an intermediary will be defined in different terms.
The service delivery team. Covers ITIL aspects.
Simple Object Access Protocol
|SOC||Service Offering Canvas|
|SOD||Service Offering Description|
Simple Procedure Online for Cross-Border Services
SPOCS was a CIP LSP project that was active between May 2009 and December 2012. SPOCS aimed to build the next generation of PSC online portals – which every European country now has in place – through the availability of high impact cross-border electronic procedures.
Secure Sockets Layer
SSL is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remains private and whole.
|SUT||System Under Test|
A testing environment is a setup of software and hardware for the testing teams to execute test cases. In other words, it supports test execution with hardware, software and network configured.
Test bed or test environment is configured as per the need of the Application Under Test. On a few occasion, test bed could be the combination of the test environment and the test data it operates.
Transport Layer Security
A protocol that ensures privacy and message integrity between communicating applications and their users on the internet.
TLS is the successor to SSL.
Responsible for components and software development.
|TPD||Tobacco Products Directive|
The trustworthiness of ESSIF (see "ESSIF") will stand (or fall) with the trustworthiness of the verifiable credentials, mandates/consents and/or claims.
This trustworthiness will be determined by the trustworthiness of the respective issuers and their issued VCs (which can be low, substantial, or high).
Transmission System Operators
ENTSOG is one such TSO.
|UN/CEFACT||United Nations Centre for Trade Facilitation and Electronic Business|
|URL||Uniform Resource Locator|
|Verifiable attestation||A verifiable attestation is is a special form of a "verifiable credential" that an entity can put forward as evidence of certain attributes/properties or as evidence of an permit/attestation/authorisation he/she/it has received.|
|Verifiable (digital) ID||A verifiable ID is a special form of a "verifiable credential" an entity can put forward as evidence of whom he/she/it is (comparable with a passport, physical IDcard, drivers-license, social security card, member-card, etc.)|
|Verifiable consent and mandate||A verifiable consent or mandate is a special form of a "verifiable credential" which allows the “holder” to present itself to a third party with a credential and a mandate (and claims regarding a corresponding subject).|
|Verifiable presentation||A verifiable presentation represents the data passed from an entity to a relying party (often also the verifier).|
|Verifiable supporting document||Verifiable supporting documents are any type of "annexes" to which verifiable credentials refer.|
World Wide Web Consortium
The main international standards organisation for the World Wide Web.
|W3C Standard||W3C standards define an Open Web Platform for application development that has the unprecedented potential to enable developers to build rich interactive experiences, powered by vast data stores, that are available on any device.|
|WAR||Web Application Archive|
|WildFly||Application Server formerly known as JBoss.|
|WLST||Weblogic Scripting Tool|
Web Services Description Language
The WSDL represents a contract for the web service, it defines what the web service does. It's largely created by copy & pasting from other places.
|WS-I||Web Service Interoperability organisation|
SOAP-based OASIS specification that fulfils reliable messaging requirements critical to some applications of web services.
N.B. WS-Reliability has been superseded by WS‑ReliableMessaging.
|WSRM||Web Service Reliable Messaging|
|WSS||Web Server Software|
|WSSE||WSSE is a family of open security specifications for SOAP web services. The basic premise of WSSE is that a request header is checked for encrypted credentials, verified using a timestamp and nonce, and authenticated for the requested user using a password digest.|
SOAP-based OASIS specification that applies security to Web Services.
|Cryptography standard for PKI.|
eXtensible Markup Language
A W3C markup language defining a set of rules for encoding documents in a format which is both human-readable and machine-readable.
|XMLDSIG||XML Digital Signature|
A stream-based XML output library for the Java programming language. Designed with the goals of speed and simplicity.
|XPath||A syntax for defining parts of an XML document.|
XML Schema Definition
W3C recommendation that specifies how to formally describe the elements in XML.
|An archive file format that supports lossless data compression.|