forked from decentralized-identity/edv-spec
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathterms.html
98 lines (94 loc) · 4.12 KB
/
terms.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
<p>
The following terms are used to describe concepts in this specification.
</p>
<dl class="termlist">
<dt><dfn data-lt="entities|entity's">entity</dfn></dt>
<dd>
A thing with distinct and independent existence, such as a person,
organization, or device that performs one or more roles in the ecosystem.
</dd>
<dt><dfn>user agent</dfn></dt>
<dd>
A program, such as a browser or other Web client, that mediates the
communication between the various roles in this specification.
</dd>
<dt><dfn data-lt="URI|URIs">URI</dfn></dt>
<dd>
An identifier as defined by [[RFC3986]].
</dd>
<dt><dfn>instance</dfn></dt>
<dd>
A Secure Data Storage <em>instance</em> is a deployment of software meeting the
interface requirements for an EDV and/or Hub.
</dd>
<dt><dfn>controller</dfn></dt>
<dd>
The controller of an encrypted data vault instance (specified in the vault
configuration object upon vault creation) is the entity that controls that
instance. The controller, typically expressed as a Decentralized Identifier
(DID), has the root authorization for all encrypted resources in the vault,
including for the vault configuration object, and can delegate authorization
to other entities (storage agents).
</dd>
<dt><dfn>encrypted resource</dfn></dt>
<dd>
An encrypted object (unstructured text, structured document, or binary blob) stored
in an EDV instance. JSON objects under 10MiB in size are stored in Structured Document
resources. Binary objects, or JSON objects larger than the maximum size, are stored
in Stream Resources.
</dd>
<dt><dfn data-lt="replication|replication's">replication</dfn></dt>
<dd>
The process of copying the contents of an instance (stored encrypted objects
and indexes) to another instance. Replication can be configured to be either
unidirectional or bidirectional, and can operate in several modes (realtime,
full-sync, or both).
</dd>
<dt><dfn data-lt="synchronization|synchronization's">synchronization</dfn></dt>
<dd>
A combination of replication and conflict resolution.
</dd>
<dt><dfn data-lt="conflict resolution">conflict resolution</dfn></dt>
<dd>
The process of resolving edit conflicts, which occur if different changes to
the same resource are made concurrently by different clients. These edits can
occur either on the same instance, or on different instances that are set up to
replicate to each other. The resolution can be either automatic (for example, a
Git merge), or manual (the user might need to intervene and pick which edit to
keep and which to overwrite).
</dd>
<dt><dfn data-lt="bidirectional">bidirectional replication</dfn></dt>
<dd>
A configuration property of the replication setup between two instances. With
bidirectional replication, two instances synchronize all changes to either of
their contents.
</dd>
<dt><dfn data-lt="unidirectional">unidirectional replication</dfn></dt>
<dd>
A configuration property of the replication setup between two instances. With
unidirectional (one-way) replication, only changes to one instance (the
<em>source</em>) get propagated to the other (the <em>target</em>), but not
vice versa.
</dd>
<dt><dfn data-lt="realtime">realtime replication</dfn></dt>
<dd>
A replication mode in which as soon as changes are made to an object on a
source instance, they are propagated "immediately" (within limitations of the
network connection) to the target instance.
</dd>
<dt><dfn data-lt="full-sync">full-sync replication</dfn></dt>
<dd>
A replication mode which is complementary to realtime, and is usually required
when the connection between the source and the target instance has been
interrupted. With full-sync replication, instances compare their contents to
see what changes have occurred while they were disconnected, and then
replicate all of those changes to each other.
</dd>
<dt><dfn data-lt="filtered">filtered replication</dfn></dt>
<dd>
A replication mode in which only a <em>subset</em> of a source instance's
contents to be replicated to the target instance, based on some filter or
criteria. For example, a rule that says "Only replicate Encrypted Documents
with the index tag <em>X</em>" would be filtered replication.
</dd>
</dl>