The software designed to perform a specific function directly for the USER or, in some cases, for another application program. It may also be called an “application program.”
Application as a Service (Paas/aPaas)
A type of CLOUD-based information TECHNOLOGY PLATFORM in which the cloud service provider is largely responsible for managing application servers and operating systems on behalf of the client. Application as a Service platforms can launch application servers, install security patches and software updates, and spread an APPLICATION’s workload over multiple data centers to support scalability and provide backup in the event of a system failure.
Application Programing Interface (API)
A standard approach to exchanging data across APPLICATIONS and CLOUD environments using an API server and predefined interface and data formats. APIs can be used to bidirectionally migrate data between applications and data repositories.
The judgment or appraisal of a systematic collection of information about EDUCATION PROGRAMS, typically conducted for the purpose of evaluation or improvement.
The level of confidence in the process used to validate and establish the identity of a person attempting to ACCESS an information system. For more guidance on AUTHENTICATION assurance levels, see E-authentication Guidance for Federal Agencies (OMB M04-04) (https://georgewbush-whitehouse.archives.gov/omb/memoranda/fy04/m04-04.pdf) and Electronic Authentication Guideline (NIST SP 800-63-1) (http://csrc.nist.gov/publications/nistpubs/800-63-1/SP-800-63-1.pdf).
Defined by FERPA regulations to include, but not be limited to: (a) attendance in person or by paper correspondence, videoconference, satellite, Internet, or other electronic information and telecommunications technologies for STUDENTS who are not physically present in the classroom; and (b) the period during which a person is working under a work-study program. See also DATES OF ATTENDANCE.
DISCLOSURE occurring when data in a student-level file or aggregate data in tabulations reveal sensitive information about a STUDENT.
A personal or computerized review process that accounts for the adequacy, effectiveness, security, and overall functionality of a data activity. This use of “audit” varies from the audit and evaluation exception under FERPA.
Authentication (Single and Multifactor)
A mechanism that an electronic system uses to identify and validate the identity of USERS with the required degree of confidence that the user is who he or she purports to be. Authentication is accomplished through the use of one or more “factors,” which correspond to things that the user knows (like a password), something that they possess (like a SECURITY TOKEN), or something they are (like a fingerprint). Authentication should not be confused with AUTHORIZATION, which is the process of granting individuals ACCESS to system resources based on their identity. More guidance on identity credentials is available from the National Institute for Standards of Technology publication NIST SP 800-103 (http://csrc.nist.gov/publications/drafts/sp800-103-draft.pdf).
A “secret that creates the binding between credentials and its presenter,” as described in the National Standards of Technology publication NIST SP 800-103 (http://csrc.nist.gov/publications/drafts/sp800-103-draft.pdf). Authenticators can take the form of information, such as passwords or personal identification numbers (PINs); hardware, such as key fobs or smart cards; or some digital form, such as digital signatures and certificates.