Definitions and Concepts

Updated: 2024-09-29 SBOM Central

This chapter explains the definitions and concepts used by SBOM Central. Some are common software development concepts, some have an SBOM Central flavor, and others are SBOM Central specific.

| Name | Topic | Description |
| --- | --- | --- |
| Active user | WebApp | A user belonging to a team is automatically set to Active. |
| Approved | License | A license can be approved per software component/version. |
| Artifacts | WebApp | An artifact is an instance of a component. |
| Artifact status tags | Component | The update/version status for individual artifacts. |
| Component | Component | A component is a collection of files in a repository, or a collection of other components. |
| CVE | Security | Common Vulnerabilities and Exposures |
| CVSS | Security | Common Vulnerability Scoring System |
| CWE | Security | Common Weakness Enumeration |
| Dependency component | | Component or an External component. The dependency/external component is represented with a cloud icon. |
| Diff | License | A comparison between the license text and the template text. |
| Exploit | Security | An exploit is a piece of software, a chunk of data, or a sequence of commands that takes advantage of a bug or vulnerability in an application or a system to cause unintended or unanticipated behavior to occur. |
| Favorites | WebApp | Favorite pages selected in the user interface. |
| History | WebApp | List of events registered in the WebApp. |
| Index page | WebApp | Webpage containing a list of pages associated with a topic. |
| License | License | A software license is a contract between the entity that created/supplied an application, source code, etc. and its end user. A license has a Name, a Type, and an identifying Text. |
| License approval | License | License management: evaluation and approval for use. |
| License name | License | A common name of the license. |
| License source | License | The source of the license information. |
| License template text | License | The standard license text for a license type. |
| License type | License | A license type is a software license shared by multiple software components. |
| WebApp | WebApp | The SBOM Central Web application is the core part, containing business logic, user interface, data storage, and communications. |
| Modes of operation | WebApp | MAIA can operate in Normal or Maintenance mode. |
| Multitenant | WebApp | A single instance of the application serves multiple tenants with a common app, but data and configurations are kept separate (individual databases). |
| Notifications | WebApp | A list of real-time notifications to be registered and confirmed. |
| Outdated | WebApp | A Delivery report becomes outdated if data related to the report is modified without any changes in the executable code. |
| Permissions | Security | A user's permissions decide the functionality currently provided to that user. |
| Permissiveness | License | A description of how permissive the license is. |
| Recommendation | License | General guidance can be set per license type: Approve/Internal use only/Deny. |
| SBOM | Dependencies | Software Bill-of-Materials. SBOM Central supports the OWASP CycloneDX standard. |
| SemVer | WebApp | Artifact versioning system acknowledged by MAIA (see SemVer). |
| Show page | WebApp | Webpage containing details about a topic. |
| Single component | Component | A component containing a collection of files in a repository. The single component is represented with a cube icon. |
| SPDX | License | A standard identifier for the license type (see SPDX). |
| Tags | WebApp | |
| Teams | WebApp | A user belongs to at least one team. |
| Token | Security | An access token contains the security credentials for a login session and identifies the user, the user's groups, a particular application, etc. |
| Top component | Component | |
| Versioning | WebApp | SemVer is the artifact versioning system acknowledged by MAIA (see SemVer). |
