2. Definitions.-
In these Rules, unless the context otherwise require
a. Act” means the Information Technology Act, 2000 (21 of 2000);
b.”Applicant” means Certifying Authority applicant;
c.”Auditor” means any internationally accredited computer security professional or agency appointed by the Certifying Authority and recognized by the Controller for conducting technical audit of operation of Certifying Authority;
d.”Controller” means Controller of Certifying Authorities appointed under sub-section (1) of Section 17 of the Act;
e.”Digital Signature Certificate” means Digital Signature Certificate issued under sub-section (4) of section 35 of the Act;
f.”Information asset” means all information resources utilized in the course of any organizations business and includes all information, applications (software developed or purchased), and technology (hardware, system software and networks);
g.”Licence” means a license granted to Certifying Authorities for the issue of Digital Signature
Certificates under these rules;
h.”Licensed Certifying Authority” means Certifying Authority who has been granted a license to issue Digital Signature Certificates;
i.”Person” shall include an individual; or a company or association or body of individuals; whether incorporated or not; or Central Government or a State Government or any of the Ministries or Departments, Agencies or Authorities of such Governments;
j.”Schedule” means a schedule annexed to these rules;
k.”Subscriber identity verification method” means the method used to verify and authenticate the identity of a subscriber;
l.trusted person” means any person who has:
i.direct responsibilities for the day-to-day operations, security and performance of those business activities that are regulated under the Act or these Rules in respect of a Certifying Authority; or
ii.duties directly involving the issuance, renewal, suspension, revocation of Digital Signature Certificates (including the identification of any person requesting a Digital Signature Certificate from a licensed Certifying Authority), creation of private keys or administration of a Certifying Authority’s computing facilities.
m. words and expressions used herein and not defined but defined in Schedule-IV shall have the meaning respectively assigned to them in that schedule.
