2. Definitions.-
In these Rules, unless the context otherwise requires,
a. “Act” means the Information Technology Act, 2000 (21 of 2000);
b. “applicant” means Certifying Authority applicant;
c. “auditor” means any internationally accredited computer security professional or agency appointed by the Certifying Authority and recognized by the Controller for conducting technical audit of operation of Certifying Authority;
d. “Controller” means Controller of Certifying Authorities appointed under sub-section (1) of Section 17 of the Act;
e. “Digital Signature Certificate” means Digital Signature Certificate issued under sub-section (4) of section 35 of the Act;
f. “information asset” means all information resources utilized in the course of any organizations business and includes all information, applications (software developed or purchased), and technology (hardware, system software and networks);
g. “license” means a license granted to Certifying Authorities for the issue of Digital Signature Certificates under these rules;
h. “licensed Certifying Authority” means Certifying Authority who has been granted a license to issue Digital Signature Certificates;
i. “person” shall include an individual; or a company or association or body of individuals; whether incorporated or not; or Central Government or a State Government or any of the Ministries or Departments, Agencies or Authorities of such Governments;
j. “Schedule” means a schedule annexed to these rules;
k. “subscriber identity verification method” means the method used to verify and authenticate the identity of a subscriber;
l. trusted person” means any person who has:
(i) direct responsibilities for the day-to-day operations, security and performance of those business activities that are regulated under the Act or these Rules in respect of a Certifying Authority; or
(ii) duties directly involving the issuance, renewal, suspension, revocation of Digital Signature Certificates (including the identification of any person requesting a Digital Signature Certificate from a licensed Certifying Authority), creation of private keys or administration of a Certifying Authority’s computing facilities.
m. words and expressions used herein and not defined but defined in Schedule-IV shall have the meaning respectively assigned to them in that schedule.
