Building peace in the minds of men and women

Internet Governance Glossary - 2. Infrastructure and standardization

2.1 World Wide Web / WWW / Web

The most popular of all Internet services and applications (often used interchangeably with the Internet) that provides users with the ability:
•to access information and services while connected to the Internet,
•to publish information, and
•to offer services that can be accessed by anybody else in the Internet.


The World Wide Web is one of the biggest services running on the Internet. The multitude of other services implemented over the Internet includes e-mail, file transfer, voice over IP (VOIP), digital TV, remote computer control, newsgroups, and online games.

2.2 Telecommunication infrastructure

System of transmission media – such as telephone wires, fibre-optic cables, satellites, microwaves, and wireless links – on which communication services can be set up thus facilitating today’s convergence of Internet, telecommunication and multimedia technology and applications.


The key international organisations involved in the regulation of telecommunications and telecommunication infrastructures include the International Telecommunication Union (ITU), and the World Trade Organisation (WTO). In addition to legal and economic regulations there are numerous technical standards.

2.3 Technical standard

Authoritative document with technical regulations necessary to ensure the smooth technical interoperability of the Internet.


The technical standards of the Internet include many interdependent technical rules, specifications or guidelines covering also aspects of interoperability, accessibility and. The most important software standards for the Internet are comprised in the Internet Protocol Suite (TCP/IP).

2.4 Critical Internet infrastructure

Collective term for all hardware and software systems that constitute essential components in the operation of the Internet.


Physical transmission lines of all types, such as wired, fiber optic and microwave links, along with routing equipment, the accompanying critical software services like the Domain Name System (DNS), e-mail, website hosting, authentication and authorization, storage systems, and database servers are considered critical Internet components. If any of these systems and services were to be interrupted for a significant period of time … [t]he we know it would collapse

2.5 Internet access

Access to the Internet comprising at least three main aspects:

  • technically speaking referring to the bandwidth of the access (which may be narrowband or broadband)
  • socio-economically speaking referring to the access by passive users (e.g. households) or active users (e.g. businesses, etc.),
  • eAccessibility, i.e. access by persons with disabilities (PwD).

In connection with Internet access, universal access is a major policy issue aiming at facilitating or even guaranteeing access for everybody to the Internet and information and communication technology (ICT).

2.6 Mobile Web / Mobile Internet

Refers to access to the World Wide Web (WWW) by means of the use of browser-based Internet services, from a handheld mobile device (such as a smartphone or a feature phone), a notebook or a tablet computer etc., connected to a mobile network or other wireless network.

2.7 Critical Internet resources / CIR

Collective term for all main technical, information and service resources accessible through or constituting the Internet.


Under a legitimate “Internet for all” aspiration linked to the prospects of development and democratic citizenship the Internet has become a critical resource of its own to be managed with a maximum of rights and services subject to a minimum of restrictions and a level of security which users are entitled to expect, which make the lives of people, communities and groups more fulfilling.

2.8 Broadband

Bandwidth for high-speed access to the public Internet at downstream speed equal to, or greater than 256 kbit/s


Fixed or wired broadband can include for example cable modem, DSL, fibre-to-the-home/building and other fixed broadband subscriptions. Wireless broadband can include satellite Internet, terrestrial fixed wireless and fixed WiMax and fixed wireless access; it also includes broadband terrestrial mobile wireless access. All of the above are based on technical standards.

2.9 Bandwidth management

Traffic management process of measuring and controlling the communications (traffic, packets etc.) on a network link, to avoid filling the link to capacity or overfilling the link, which would result in network congestion and poor performance of the Internet.


One of the main aspects of bandwidth management is routing.

2.10 Routing

Bandwidth management process designed to send a data packet over multiple networks using packet switching technology and routing information to make decisions.


Generally speaking traffic management is becoming increasingly sophisticated with respect to routing Internet traffic in the most optimal way in order to provide quality of service.

2.11 Quality of service / QoS

Measure of overall network performance that reflects the quality and reliability of a connection commonly seen as the guaranteed minimum level of performance by the users of the network.


In packet-switched networks like the Internet with its abounding multimedia content and delay-sensitive applications, QoS is affected by various ‘human’ or ‘technical’ factors, resulting among others in the following problems as seen from the point of view of the sender and receiver:

  • Low throughput,
  • Dropped packets,
  • Errors,
  • Latency,
  • Jitter,
  • Out-of-order delivery.
2.12 Content delivery network / Content distribution network / CDN

Large distributed system of servers deployed in multiple data centers across the Internet.


The goal of a CDN is to serve content to end-users with high availability and high performance. CDNs serve a large fraction of the Internet content today, including web objects (text, graphics and scripts), downloadable objects (media files, software, documents), applications (e-commerce, portals), live streaming media, on-demand streaming media, and social networks.

2.13 Cloud computing

Information and communication technology (ICT) service of delivering application software, services or content to end users via network access to a scalable and elastic pool of shareable physical or virtual resources with on-demand self-service provisioning and administration.

2.14 Internet architecture

Model communications infrastructure consisting – besides its telecommunication infrastructure – of a layered system of protocols that control various aspects of the Internet architecture.


The Internet architecture comprises the following layers of protocols:

  • Application layer,
  • Transport layer,
  • Internet layer,
  • Network access layer.

At each layer various technical protocols are working based on rigorously developed technical standards dividing methods into a layered system of protocols. The Internet Protocol Suite (TCP/IP) is the most important set of protocols of this layered system of protocols.

2.15 Internet backbone

High-speed transmission lines that connect Internet service providers (ISP) to each other, allowing them to offer their customers Internet access

2.16 Internet backbone provider / Internet bandwidth provider / IBP

Organization that supplies the bandwidth capacities to other information and communication technologies (ICT) service providers.


These high-speed transmission lines are known as Internet Backbone.

2.17 Internet service provider / ISP

Organization which provides Internet access to organizations and/or individuals and is interconnected to other ISPs by high-speed transmission lines supplied by Internet backbone providers (IBP).


Internet service providers’ services may include web hosting, email, VoIP (voice over IP), and support for many other applications. In order to guarantee quality of service (QoS), ISPs are using various broadband management techniques prioritizing certain traffic.

2.18 Internet exchange point / IXP

Physical infrastructure through which Internet service providers (ISP) exchange Internet traffic between their networks (autonomous systems).


Internet exchange points (IXP) reduce the traffic portion of an Internet service providers’ (ISP) which must be delivered via their upstream transit providers, thereby reducing the average per-bit delivery cost of their service. Furthermore, the increased number of paths learned through the IXP improves routing efficiency and fault-tolerance.

2.19 Internet Protocol Suite

Computer networking model and communication protocols combining numerous technical standards used in the Internet and other networks based on the Internet Protocol Suite.


The Internet Protocol Suite is the most important set of protocols of the Internet (collectively called Transmission Control Protocol and Internet Protocol Suite – TCP/IP) and allows large, geographically diverse networks of computers to communicate with each other quickly and economically over a variety of physical links. It is maintained and developed by the Internet Engineering Task Force (IETF).

2.20 Internet Protocol / IP

Main internetworking technical standard underlying the Internet that specifies how data is moved through it based on three principles: packet-switching, end-to-end networking, and robustness.


The IP is implemented in two versions, IPv4 and IPv6 both based on technical standards of which different implementations exist. It is often used interchangeably to the Transmission Control Protocol and Internet Protocol Suite (TCP/IP).

2.21 IPv4 / Internet Protocol version 4

Connectionless internetworking protocol version 4 in the Internet’s Internet Layer supporting 32-bit IP addresses which allows for approximately 4 billion unique IP addresses.


IPv4 as used on packet-switched networks operating on a best effort delivery model is still dominantly in use today, the number 4 is the protocol version number carried in every IP datagram.

2.22 IPv6 / Internet Protocol version 6

Version 6 of the internetworking protocol that provides an identification and location system for computers on networks and routes traffic across the Internet.


IPv6 is IPv4’s successor protocol for 128-bit IP addresses, allowing 2128, or more than 7.9×1028 times as many IP addresses as IPv4.

2.23 IP address / Internet Protocol address

Unique numerical address for every computer by which a location in the Internet is identified.


Computers on the Internet use IP addresses to route traffic and establish connections among themselves; people generally use the human-friendly domain names made possible by the Domain Name System.

2.24 Regional Internet Registry / RIR

Internet registry responsible for the allocation of IP address resources within a particular region.


There are five RIRs, to whom network operators apply to get IP address blocks allocated: Europe: RIPE NCC, Africa: AFRINIC, Asia: APNIC, North America: ARIN, and Latin America: LACNIC.

2.25 Local Internet Registry / LIR

Internet registry (IR) that primarily assigns address space to the users of the network services that it provides.


LIRs are generally Internet service providers (ISP) receiving IP numbers – to be used as IP addresses – from a regional Internet registry (RIR); their customers are primarily end users and possibly other ISPs.

2.26 National Internet Registry / NIR

Internet registry (IR) that distributes IP numbers – to be used as IP addresses – received from a RIR to smaller Internet service providers (ISP), companies, and individuals.

2.28 Registrars

Entity or individual holding a domain name.

2.29 Registrant

Organization which handles the registration of domain names for entities or individuals.

2.30 Domain Name System / DNS

System allowing a familiar string of letters (the domain name) to be used in addition to the IP address thus helping users to find their way around the Internet.


The IP address, being unique for every computer, is a rather complicated string of numbers hard to remember; therefore, the mnemonic device of the DNS makes using the Internet easier. So instead of typing, you can type

2.31 Country code top-level-domain / ccTLD

top-level-domain (TLD) which designates a specific country or special area of geographical interest, such as .uk (United Kingdom), .cn (China), .in (India).


ccTLD are managed according to the international standard ISO 3166 (multipart) “Codes for the representation of names of countries and their subdivisions”. Some ccTLD are still managed by a variety of institutions or individuals that received accreditation in the early days of the Internet, when some governments were not all that interested in such matters.

2.32 Generic top-level-domain / gTLD

top-level-domain (TLD) which includes domains that could be obtained by anyone, such as: .com, .info, .net, and .org.


For each gTLD there is one generic top-level-domain registry that maintains an address list. The salesman function of the registry is performed by registrars; for example, the .com gTLD is managed by VeriSign. ICANN provides overall coordination of the domain name system (DNS) by concluding agreements and accrediting registries and registrars.

2.33 Internationalized Domain Name / IDN

Domain name that includes characters used in the local representation of languages that are not written with the twenty-six letters of the basic Latin alphabet


An IDN can contain Latin letters with diacritical marks, as required by many European languages, or may consist of characters from non-Latin scripts such as Arabic or Chinese.

2.34 Domain Name System security extensions / DNSSEC

Suite of Internet Engineering Task Force (IETF) specifications for securing certain kinds of information provided by the Domain Name System (DNS) as used on the Internet and networks based on the Internet Protocol Suite.


The Domain Name System security extensions are a set of extensions to the Domain Name System (DNS) which provide to DNS clients (resolvers) origin authentication of DNS data, authenticated denial of existence, and data integrity, but not availability or confidentiality.

2.35 Cybersecurity

Collective for a broad range of issues from IT security, via information or content security, to security against Internet misuse and cybercrime.


As the Internet architecture was not designed with cybersecurity in mind, incorporating security protection requires substantial changes to the very basis of the Internet, the TCP/IP, including among others:

  • Security by design
  • Security architecture
  • Hardware mechanisms that protect computers and data
  • Secure operating systems
  • Secure coding
  • Capabilities and access control lists.

The balance between cybersecurity and human rights, especially the right to privacy, anonymity and freedom of expression, is in constant flux.

2.36 Information Security

Sum of the processes and technologies used to protect information assets from unauthorized acquisition, disclosure, manipulation, modification, or damage and loss.


Information security on the one hand refers to the act of ensuring that data is not lost when critical issues arise, such as: natural disasters, computer/server malfunction, physical theft, or any other instance where data has the potential of being lost. On the other hand it refers to unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction.

2.37 Security management

Identification of an organization information and communication technology (ICT) assets as well as information assets, followed by the development, documentation, and implementation of policies and procedures for protecting these assets.


Security might not bring monetary gain but it does prevent monetary loss and other damages. Organizations and states increasingly develop services capable of stimulating an economy by having a good cybersecurity approach. “Therefore, security management must be a dynamic process – one that is constantly evolving to counteract the evolution of security risks.

2.38 Authentication

Trust-based identity attribution, providing a codified assurance of the identity of one entity (viz. a person or an organization) to another.


Authentication of individuals on the Internet by means of eSignature affects many aspects, including jurisdiction, cybercrime, and eCommerce.

2.39 Encryption

Scrambling of electronic documents (for instance by using cryptography techniques) and communication into an unreadable format which can be read only through the use of a decryption software.


Traditionally, governments were the only players who had the power and the know-how to develop and deploy powerful encryption in their military and diplomatic communications.

2.40 Decryption

Inverse operation to encryption.

2.41 Cryptography

Refers to techniques for secure communication in the presence of third parties by constructing and analyzing protocols that overcome the influence of third parties.

2.42 public-key infrastructure / PKI

System supporting the implementation of asymmetric (public key) encryption, including, inter alia, management and distribution of encryption keys and digital certificates.


PKI is a maximalist approach specifying a framework and procedures for eSignatures, including cryptography and the use of public key identifiers. This approach usually specifies the establishment of dedicated digital certificate authorities, which can certify future users of eSignatures.

2.43 Digital certificate

Electronic document used to prove ownership of a public key including information about the key, its owner's identity, and the eSignature of an entity that has verified the certificate's contents are correct.

2.44 eSignature / Digital signature

Result of a cryptographic transformation of data that, when properly implemented with supporting infrastructure and policy, provides for a digital message or document the services of origin authentication, data integrity and signer non-repudiation.


A valid eSignature gives a recipient reason to believe that the message was created by a known sender, such that the sender cannot deny having sent the message (digital authentication and non-repudiation) and that the message was not altered in transit (data integrity).