AUSkey Terms and Conditions glossary

Acronym Definition


See 'Australian Business Number'.


See 'Australian Business Register'.


The Certification Authority (CA) in the AUSkey System. The ABR CA issues and digitally signs AUSkey certificates.


The Registration Authority (RA) in the AUSkey System. The ABR RA digitally signs relevant requests for AUSkey Certificates, and forwards them to the ABR CA.


The Root Certification Authority (RCA) in the AUSkey System. It:

  • generates its own Authentication Key
  • creates and signs its own Certificate, and the ABR CA’s Certificate, using that Key.


The Certificate Holder of an AUSkey Standard Certificate who has administrator level privileges in relation to that certificate (see 'AUSkey Manager').


An Agency means:

  • a Department of State or of the Parliament of
  • a body established or constituted for a public purpose under the laws of
  • a body established by the Governor General, the Governor, or a Minister of State of
  • an incorporated company, the controlling interest in which is held by,

the Commonwealth of Australia, or an Australian State or Territory.

Approved Documents

The documents that describe the operations of an Organisation that have been approved by the Gatekeeper Competent Authority in the course of it granting Gatekeeper Accreditation to that Organisation (and changes to those documents as subsequently approved by the Gatekeeper Competent Authority).


See 'AUSkey Certificate'.

AUSkey Certificate

A Digital Certificate issued by the ABR Certification Authority. Known colloquially as 'AUSkey'.

AUSkey Device Certificate

An AUSkey Certificate that identifies a Device in its Subject Distinguished Name field (that is the certificate is issued in the name of a device).

AUSkey Holder

The Certificate Holder of an AUSkey Certificate. For an AUSkey Standard Certificate, the Certificate Holder is the individual identified in the Subject Distinguished Name field of that Certificate. For an AUSkey Device Certificate, the Certificate Holder is the Device Custodian associated with that Certificate.


See 'AUSkey Policy Management Authority'

AUSkey Policy Management Authority

This is the governing body of the AUSkey system. It sets the strategic direction for the AUSkey system and approves all changes of policy.

AUSkey Standard Certificate

An AUSkey Certificate that identifies an individual in its Subject Distinguished Name field.

AUSkey System

The Public Key Infrastructure for the creation, management and distribution of AUSkey Certificates. This includes the functions and facilities of the ABR CA, the ABR RA, the ABR RCA and the AUSkey Manager.

AUSkey Manager

An online web interface through which AUSkey Certificates and associated Keys are requested and managed. Administrator level privileges allow the Certificate Holder to authorise applications for AUSkey Certificates and to appoint Certificate Holders as Device Custodians (as described in the Certificate Policies for AUSkey Standard Certificates and AUSkey Device Certificates).

Australian Business Number (ABN)

An Australian Business Number issued in accordance with the A New Tax System (Australian Business Number) Act 1999.

Australian Business Register (ABR)

The database register, established under the A New Tax System (Australian Business Number) Act 1999, of information provided by Business Entities for their ABN registration. The ABR is maintained by the ABR Registrar.


The process of testing or verifying an assertion (usually as to identity), in order to establish a level of confidence in the assertion's reliability.

Authentication Key

The Private Key in a Key Pair associated with a Digital Certificate when used for the purposes of Digital Signature.

Business Associate

An individual who can exercise the powers of the relevant Business Entity to (and to authorise others to) carry out electronic transactions with Agencies, including providing that Business Entity's information to, and receiving that Business Entity's information from, those Agencies. The Business Associate approves a Certificate for the first AUSkey Holder in the Business. They may have an AUSkey Certificate issued in their own name, which may or may not have administrator privileges attached.

Business Entity

An entity that has, or is entitled to have, an ABN.


See 'Certification Authority'.


See 'Digital Certificate'.

Certificate Directory

The published directory which lists Digital Certificates issued by a given Certification Authority that are currently in force.

Certificate Holder

The individual who manages the use of a Digital Certificate on behalf of the Business Entity identified in that certificate.

Certificate Information

Information needed to generate a Digital Certificate as required by its Certificate Profile.

Certificate Policy

A set of rules applying to, and providing policy and operational guidance on the deployment of, a particular type of Digital Certificate issued by a Certification Authority.

Certificate Profile

The specification (in the Certificate Policy for a Digital Certificate) of the fields to be included in that Digital Certificate and the contents of each field.

Certificate Revocation List

The published directory that lists Digital Certificates issued by a given Certification Authority that have been revoked. The CRL may form part of the Certificate Directory or may be published separately.

Certification Authority

An Organisation that issues, and digitally signs, X.509 v3 Digital Certificates (which may or may not include Key Generation) using its Private Key.

Certification Practice Statement

A statement of the practices that a Certification Authority employs in issuing, managing, revoking, and renewing (and that a Registration Authority employs in conducting registration activities for) particular classes of Digital Certificates.


The Commonwealth of Australia.


A violation (or suspected violation) of a system (includes a CA's or Certificate Holder's Private Keys) such that unauthorised disclosure of sensitive information may have occurred.


See 'Certificate Policy'.


See 'Certification Practice Statement'.


See 'Certificate Revocation List'.


See 'Device Custodian'.


Computer hardware onto which a Device Certificate may be installed.

Device Certificate

A Digital Certificate that identifies a Device in its Subject Distinguished Name field.

Device Custodian

The individual responsible for managing the use of a given AUSkey Device Certificate on behalf of the Business Entity identified in that certificate. To be a Device Custodian the individual must be the Certificate Holder of an AUSkey Standard Certificate.

Digital Certificate

An electronic document, based on public key cryptographic technology, which:

  • identifies a Business Entity, and either an individual that represents that Business Entity or a Device owned, operated or controlled by the Business Entity
  • binds that individual or Device to a Key Pair by specifying the Public Key of that Key Pair
  • contains the other information required by the relevant Certificate Profile
  • is signed by the relevant Certification Authority.

Digital Signature

In relation to a Digital Certificate with a Key Usage extension including Digital Signature, the use of that Digital Certificate as (or as part of) an electronic signature.

Distinguished Name

A unique identifier having the structure required by the relevant Certificate Profile.


See 'Distinguished Name'.


Daily System Operability Tasks


See 'Evidence of Identity'.

Evidence of Identity

Evidence (for example, in the form of documents) provided to substantiate the identity of the presenting party.


The Commonwealth Government strategy to develop Public Key Infrastructure to facilitate Government online service delivery and e-procurement.

Gatekeeper Accreditation / Gatekeeper Accredited

Formal recognition of an Organisation that is granted by the Gatekeeper Competent Authority which signifies that the Organisation is competent to carry out the operations described in the Approved Documents.

Gatekeeper Competent Authority

The entity which approves an Organisation's application for Gatekeeper Accreditation (including the Approved Documents and any changes to them) as meeting the criteria for Gatekeeper Accreditation or Recognition. The Competent Authority for the Gatekeeper PKI is the Australian Government Chief Information Officer, AGIMO, Finance.

Hardware Security Module

A piece of hardware and associated software/firmware that usually attaches to the inside of a PC or server and provides cryptographic functions, for example, encryption, decryption, key generation, and hashing. The physical device offers some level of physical tamper-resistance and has a user interface and a programmable interface.


See 'Hardware Security Module'.


See 'Hypertext Transfer Protocol'.

Hypertext Transfer Protocol

An application-level protocol for distributed, collaborative, hypermedia information systems. Its use for retrieving inter-linked resources led to the establishment of the World Wide Web.


The CA that digitally signs a Digital Certificate (which may or may not include Key generation) using its Private Key.


A string of characters used with a cryptographic algorithm to encrypt and decrypt.

Key Pair

A pair of asymmetric cryptographic Keys (for example, one decrypts messages which have been encrypted using the other) consisting of a Public Key and a Private Key.

Key Usage

The Key Usage extension defines the purpose (for example, encryption, signature etc) of the Key contained in the Digital Certificate.


Lightweight Directory of Accessory Protocol

Object Identifier (OID)

A string of decimal numbers that uniquely identifies an object. These objects are typically an object class or an attribute. It serves to name almost every object type in X.509 Certificates, such as components of Distinguished Names and Certificate Policies.


See 'Object Identifier'.


Relates to an entity that has authorised one or more of its employees to hold and use Keys and Digital Certificates on its behalf. An Organisation may or may not be a Business Entity.

Personal Information

Information or an opinion (including information or an opinion forming part of a database), whether true or not, and whether recorded in a material form or not, about a natural person whose identity is apparent, or can reasonably be ascertained, from the information or opinion.


See 'Public Key Cryptography Standards'.


See 'Public Key Infrastructure'.

Private Key

The Private Key in an asymmetric Key Pair that must be kept secret.

Public Key

The Key in an asymmetric Key Pair which may be made public.

Public Key Cryptography Standards

A set of standards for managing Digital Certificates, Keys and associated data.

Public Key Infrastructure

The combination of hardware, software, people, policies and procedures needed to create, manage, store and distribute Keys and Digital Certificates based on public Key cryptography.


See 'Registration Authority'.


Redundant Array of Independent Disks


See 'Root Certification Authority'.


The process for collecting and processing applications for Digital Certificates.

Registration Authority

An Organisation that processes requests for the registration and revocation of X.509 v3 Digital Certificates. The Registration Authority digitally signs relevant requests, using its Private Key, and forwards them to the Certification Authority. The Registration Authority may also be responsible for the secure distribution of Digital Certificates to Certificate Holders.

Relying Party

An individual or entity to whom a Digital Certificate is presented and who acts in reliance on the Certificate presented.


In relation to a Digital Certificate - the process whereby a Certificate is re-issued to the Certificate Holder prior to its expiry. AUSkey Certificates are generally renewed automatically, through the generation of a new Key Pair and issuing a new Certificate that certifies the new Public Key.


In relation to a Digital Certificate - to terminate the Certificate prior to the end of its operational period.


Internet Engineering Task Force's Request for Comment 3647 Internet X.509 PKI Certificate Policy and Certification Practices Framework.

Root Certification Authority (RCA)

A Certification Authority that is the top most Certification Authority in a trust hierarchy.


See 'Software as a Service'.


Security Assertion Mark-up Language


Standard Business Reporting (program)

SBR-enabled business software

A commercial software package that supports the secure lodgment of forms, using AUSkey Certificates, through the Trust Broker.


Security Construction Equipment Committee

Self-Signed Certificate

A Digital Certificate where the Subject Distinguished Name identifies the Issuer of that Certificate.

Software as a Service

A software distribution model in which applications are hosted by a vendor or service provider and made available to customers over a network, typically the Internet.

Subject Distinguished Name

A field in a Digital Certificate that uniquely identifies the individual (or, in the case of a Device Certificate, the Device) associated with the Private Key for that certificate.

Trust Broker

An Organisation which provides a service that checks the validity status of a Digital Certificate and retrieves identity information relating to that certificate. For AUSkey, the Trust Broker is the Department of Industry.


Universal Serial Bus


The Certificate Holder of an AUSkey Standard Certificate who does not have administrator level privileges in relation to that certificate (see 'AUSkey Manager').

X.509 and X.509 v3

The international standards for the framework for Public Key Certificates. It is part of wider group protocols from the International Telecommunication Union-T X500 Directory Services Standards.

Last modified
19 Feb 2019