Following options are activeVocabulary

An alphabetical list of terms used in SeaCat documentation.


Application is a computer program. It could be a mobile, IoT or M2M application running on an endpoint device (e.g. mobile phones, smart IoT/M2M devices, handhelds, tablets and computers).

Application Backend

Application Backend provides services (e.g. web services/pages, APIs) for Application (e.g. SOAP Web Service, DB Access, etc.). Every provided service uses one or multiple ports and different protocols such as HTTP, HTTPS, Oracle RPC, ESB, etc. It is the point from/to where Clients receive/send the data. It is installed on Host.

Application Instance

Application Instance is one particular Application running on a particular device.

Application ID

Application ID is a unique identifier of Application. Android Application uses package name as Application ID, iOS Application uses bundle ID. Both package name and bundle IP should look like


Client is any Application with integrated SeaCat SDK (e.g. mobile device, IoT/M2M device or server). Client is identified by Client Certificate.

Client Certificate

Client Certificate is a X.509 v3 digital certificate for Client identification.

Client Certificate Signing Request (CSR)

Client Certificate Signing Request - PKCS #10 is a signing request to Certificate Authority. At the end of the Certificate Authority signing process, Client has Client Certificate.

Client Connection

Client Connection is a network link over Public Networks between Application and SeaCat Gateway.

Concurrent Client Connection

Concurrent Client Connection is the number of currently established Client Connections between Client and SeaCat Gateway. Knowing the expected maximum Concurrent Client Connections is necessary for sizing the hardware performance of on-premise SeaCat Gateway Host.

Demilitarized Zone (DMZ)

Demilitarized Zone is a logical or physical network directly connected to both Public and Private Networks. Firewalls are typically installed on both sides of Demilitarized Zone to control and grant/refuse access. Every network connection from Public and Private Network has to be terminated inside Demilitarized Zone to protect local resources from cyber threats.

Discover Service

Discover Service is a DNS-based authority that pairs Applications to desired SeaCat Gateway based on Application ID.

External Host

External Host is any Host connected via Public Network (e.g. payment gateway API).


Host represents a virtualized or a physical server appliance with installed Application Backend. The Application Backend is installed on Host.

Host Connection

Host Connection is a network link, typically in Private Network, between SeaCat Gateway and Host. Its encryption level and used protocol are up to the ability of Application Backend.

Permanent Storage

Permanent Storage is a secure space used by SeaCat SDK to store operational information, file-based data or databases.

Public Key Infrastructure (PKI)

PKI is a set of assets that create, manage, distribute, use, store, and revoke digital certificates in addition to managing public-key encryption.

Public Network

Public Network is any data network accessible by guests or not under administration (e.g. the Internet, Internet service provider’s networks).

Public Network Interface

Public Network interface is used for communication over unsecured Public Networks such as the Internet or Internet service providers’ networks.

Private Network

Private network is any data network with known devices and configurations. Private Network is accessible only to authorized users.

Private Network Interface

Private Network interface is used for communication between SeaCat Gateway and Application backends.


SeaCat is an application security platform for mobile, IoT and M2M applications.

SeaCat CA Tool

SeaCat CA Tool offers a command-line interface for manipulating Certificate Signing Requests and Client Certificates. By default, SeaCat CA Tool is detached from SeaCat Gateway. In Simplified Certificate Authority scenario, SeaCat CA Tool is installed on the same server as SeaCat Gateway. SeaCat CA Tool is distributed together with SeaCat Gateway in the distribution archive.

SeaCat Gateway

SeaCat Gateway is a server software that acts as a security gate between Host (application backend) and Client (client’s application).

SeaCat Gateway Certificate

SeaCat Gateway Certificate is an X.509 v3 digital certificate that uniquely identifies SeaCat Gateway. It is used for Client Certificate Signing Request signing in simplified CA Scenario.

SeaCat SDK

SeaCat SDK is a library of functions included in Client Application. SeaCat SDK is responsible for establishing Client Connection between Client and SeaCat Gateway. It has access to Permanent Storage.


User represents the particular person who works with Application.