Glossary of Terms
Mortimer Adler wrote a book on how to read books. I highly recommend reading it. This book completely changed how I read. In this book, Adler explains convincingly why terms are so important. Terms need to be defined because they are highly contextual. This is even more important in the worlds of digital transformation and digital disruption because there are no universal definitions in those worlds. Having a shared understanding of the meaning of key terms helps the conversation be productive. It is for that reason that I wrote this Glossary.
If you would like to suggest alternate definitions or nuances, please drop me a line. I want to hear from you!
Note: If the definition is not attributed, I am the author.
Certification Authority & Public Key Infrastructure
Certification Authorities ("CA") are organizations that operate one or several Public Key Infrastructures. They attest to the veracity of specific information contained in the certificates they issue.
Public Key Infrastructures are the sum of technological and human processes covering the lifecycle of digital certificates: their issuance, use, recovery, renewal and revocation. They leverage Public Key Cryptography.
Public Key Cryptography is a branch of Cryptography. As an applied subject of mathematics, its main area of interest is algorithms that create robust key pairs - a private key and a public key, each working with one another. A fundamental tenet of Public Key Cryptography is that the private key cannot be derived from the public key.
Digital certificates are cryptographic artifacts making possible a variety of digital operations requiring security and/or reliability:
- Digital Signing Certificates bind information about the signer, asserted by the signer or certified to be true by the CA, to an electronic document, file or set of files.
- Digital Encryption Certificates allow the ciphering or deciphering of information to protect the confidentiality of information.
- SSL Certificates allow secure connections from a browser to a web server.
Note: there are other kinds of digital certificates. The above three categories are the most common categories.
Digital Change Agents
Digital change agents are individuals in business, government, politics and academia who exert considerable influence (from inside or outside an organization or industry) and therefore are in the position to transform.
They are conference organizers, entrepreneurs, investors, professors, policy advisors, executives, and other professionals who work in technology and digital focused roles across various fields, who have a say in decision-making and may also be considered thought leaders in their space.
Digital disruption is the unforeseen change of business models, governing structures or social paradigms caused by novel uses of information technologies.
Digital transformation is a deliberate set of efforts aiming to improve the lives of people, the thriving of organizations and the maturity of nations by evolving their use of information technology.
Documents are stable sets of information that can be read in a linear fashion by human beings.
Electronic documents are documents that rest on electronic media according to software specifications. They are displayed by visual devices.
Technological documents are defined in some statutes with a scope exceeding what is intuitively understood by most as electronic documents - for example, technological documents may include databases. For an example of such a definition, see Act to Establish a Legal Framework for Information Technology, R.S.Q., c. C-1.1, s. 3.
Document reliability is the extent to which a document possesses these four qualities in the opinion of relying parties (readers of the document):
- Certainty of Identity. Can the reader be sure of the origin of signers - including their names, date and time of signatures and, if applicable, professional or employment affiliations?
- Assurance of Integrity. Can the reader be sure the document has not been modified in any unauthorized manner?
- Proof of Authenticity. Is the proof of origin and integrity included in the document itself? Or must the reader resort to an external audit trail or systems log? When the document itself possesses proof of origin and integrity, it is said to be authentic and would be called, in a paper world, an "original".
- Guarantee of Longevity. Can the document be opened, read and authenticated over long periods of time? For electronic documents with a lifecycle of over 12 years, one must take special care in ensuring the longevity of documents, typically by safeguarding them in long-term formats such as PDF/A-1,2,3 (ISO 19005).
Document security is the extent to which a document possesses these three qualities in the opinion of the document custodian:
- Confidentiality. Is the document protected against unauthorized access and leakage?
- Integrity. Is the document protected against unauthorized modifications?
- Availability. Is access to the document protected so that authorized readers may retrieve it when needed?
Electronic & Digital Seals
I recommend reading the definitions of electronic & digital signatures before reading the following definitions on seals.
Seals are used to assert a professional affiliation (such as the engineer's seal) or an organizational endorsement (such as company seals).
Electronic seals can be defined in two ways:
- Professional Electronic Seals are one type of electronic signature. They are images of a professional association seal that can be freely copied and pasted on documents. Depending on the professional association practice guidelines, such seals may require, to be valid, a superimposed manuscript signature and a date. Electronic seals have no cryptographic protection.
- Organizational Electronic Seals are one type of electronic signature. They are images of an organizational seal that can be freely copied and pasted on documents. Depending on the organization's guidelines for the use of the seal, such seals may require additional information added to the seal when affixed to documents, such as a manuscript signature or date. Electronic seals have no cryptographic protection. In a private-sector context, they could be called Corporate Electronic Seals. In a government context, they could be called Government Electronic Seals.
Digital Seals can similarly be defined in the same two contexts:
- Professional Digital Seals are digital signatures in which the identity of the professional is certified and the professional association affiliation is cryptographically asserted and controlled by the professional association.
- Organizational Digital Seals are digital signatures in which the identity of the organization is certified and the use of the organization seal is cryptographically asserted and controlled by the organization. In a private-sector context, they could be called Corporate Digital Seals. In a government context, they could be called Government Digital Seals.
Electronic & Digital Signatures
It's hard to define effectively what electronic and digital signatures are without first defining what signatures are.
Signatures are permanent marks bonded to stable information that are traceable and personal to persons. They constitute evidence of implicit or explicit intent. The robustness of any signature, or its probative value, is therefore a matter of degree, depending on how well the signature accomplishes these six goals:
- Permanent. Is the signature permanent or bound to fade away? Can it be authenticated over long periods of time?
- Binding. Is the signature well bound to the document signed or easily separated?
- Static information. Is the information signed (usually a document) final and free from subsequent changes?
- Traceable. Is it possible to ascertain who signed the document?
- Personal. Is the mark uniquely personal to the person who signed, or is it easily reproduced by another person?
- Intent. Is it reasonably possible to infer, explicitly or implicitly, the intent of the signature?
Electronic Signatures are signatures in the electronic medium. They cover a vast array of use cases and are of varying reliability. Examples include: images (e.g. .jpeg) of a manuscript signature, a recording of one’s voice in which a person asks for an upgrade to their monthly data plan, an email signature block, and the recorded data underlying an Amazon secure web session during which goods were purchased.
Digital signatures are electronic signatures in which one, several or all signature reliability characteristics (see previous six characteristics) have been reinforced with cryptography to create a non-repudiable link between the signer and the document signed.
Information, Data & Knowledge
Data is a series of facts or assertions.
Information is data sufficiently contextualized to allow a human reader to develop knowledge.
Knowledge is information internalized.
Strategy, Operations & Tactics
Strategy is the set of necessary and sufficient decisions to ensure Mission success, Vision delivery and upholding of Values.
Operations is the sum of programs, projects and initiatives coordinating the work of resources to produce specific results and outcomes.
Tactics are operational guidance, best practices and constraints meant to optimize the effectiveness and efficiency of operations.
Strategic Planning, Management & Maps
Strategic Planning is an analytical and collaborative effort encompassing:
- The completion of strategic research and of a Strengths - Weaknesses - Opportunities - Threats analysis;
- The crafting of Vision - Mission - Values Statements; and
- The implementation or refinement of a Strategic Map, Strategy and Balanced Scorecard.
Strategic Management is the planning, organizing, directing, controlling, evaluating and reporting on activities taking place during the five phases of Strategic Management: Research, Foundation, Definition, Linkages to Operational Planning and Performance Measurement.
Strategic Maps lay out the strategic perspectives, themes and objectives of the organization:
- Perspectives are the 4-5 lenses used by the organization to layer its performance measurement. A classical for-profit, bottom-up layering would be “HR & Culture / Process & Ops / Customer / Financial”;
- Themes are areas of strategic focus vertically cutting across perspectives. They are usually stable; and
- Strategic Objectives, when met, directly realize one or several outcomes stated in the Vision.