RHEMATI Glossary
The ontology of concepts governing our engineering culture, methodologies, and high-availability suite of services.
83 Conceptos
- Autonomous Agents
- Cognitive autonomous entities based on advanced language models operating under the Model Context Protocol (MCP) standard, executing deterministic logical workflows in enterprise environments via the Observe-Think-Act loop.
- ANCI (National Cybersecurity Agency)
- The regulatory cybersecurity governing body in Chile established by Framework Law No. 21,663, responsible for oversight, auditing, and sanctioning of essential and vital services.
- API-First
- A software development approach that prioritizes the design and specification of APIs as long-lived contracts before coding the business logic, facilitating seamless integration and parallel development.
- Enterprise Identity Management (IAM)
- A security and business process framework that manages and audits the lifecycle of identities, profiles, access levels, and permissions under the principle of least privilege across all corporate systems.
- CSP base-uri
- A Content Security Policy directive that restricts the endpoints to which the browser can send form submissions or other data flows via the HTML base element, preventing URI injection attacks.
- Enterprise Blockchain
- A corporate-grade distributed and decentralized ledger that records transactions and data immutably and transparently under robust cryptographic consensus mechanisms.
- Bulkhead Pattern
- A resilience pattern inspired by ship bulkheads that isolates system resources (such as thread pools or memory) to prevent a failure in a third-party service from exhausting other resource pools.
- Circuit Breaker
- A design pattern that temporarily halts requests to an external service experiencing recurring failures, preventing the saturation of the system's main execution threads and allowing graceful recovery.
- Clean Architecture
- A software design philosophy proposed by Robert C. Martin that promotes the strict separation of concerns in concentric layers, where source code dependencies only point inward, isolating the domain core from infrastructure details.
- Cloud Native
- An approach to designing, building, and operating applications optimized to run scalably and resiliently in cloud computing environments using containers, orchestrators, and microservices.
- CMEK (Customer-Managed Encryption Keys)
- A security mechanism enabling an organization to control and manage its own cryptographic keys used to encrypt and decrypt cloud data, ensuring absolute access control.
- Concurrency
- The ability of software systems to execute multiple tasks and process execution threads simultaneously, optimizing hardware resource utilization on multi-core processors.
- Content Security Policy (CSP)
- A security HTTP header that instructs the browser which resources (scripts, styles, images) the website is allowed to load and execute, radically mitigating Cross-Site Scripting (XSS) attacks.
- Core Loop (Value Cycle)
- A symmetrical three-step interactive cycle (represented by infinitively styled action verbs) governing the operational delivery of every RHEMATI service, allowing clients and teams to immediately grasp the workflow and its impact.
- Decentralized Applications (dApps)
- Software applications whose business logic and state run on distributed networks and cryptographic smart contracts, ensuring absolute immutability and transparency.
- Data Fabric
- A unified data architecture that intelligently connects multiple data sources and storage types, providing secure, real-time access to information through integrated metadata management.
- Data Sovereignty
- A legal and technical principle establishing that digital data stored and processed in a cloud infrastructure is subject to the privacy and security laws of the country where the hardware physically resides.
- Database Sharding
- A horizontal data partitioning pattern that splits a large database into smaller, distributed chunks across multiple physical servers, optimizing high-scale read and write operations.
- Domain-Driven Design (DDD)
- A design methodology focused on aligning the software model and architecture with the business domain semantics, establishing clear boundaries (Bounded Contexts) and a shared ubiquitous language between developers and domain experts.
- Decentralized Finance (DeFi)
- An ecosystem of financial services without intermediaries (banks) built on blockchain protocols and autonomous smart contracts, eliminating entry barriers and counterparty risks.
- DevSecOps
- An automation and software culture methodology that integrates automated cybersecurity checks and audits throughout the development and continuous delivery pipeline (Shift-Left).
- Distributed Cache
- A shared in-memory data storage layer spanning multiple servers or clusters, dramatically reducing API latency and database query workloads.
- DKIM (DomainKeys Identified Mail)
- An email authentication protocol that adds a cryptographic digital signature to emails, verifying they were sent by the domain owner and not altered in transit.
- DMARC (Domain-based Message Authentication)
- An email authentication policy and reporting protocol that determines how receivers handle emails failing SPF/DKIM validation under the domain owner's rules.
- DNSSEC
- A suite of security extensions to the Domain Name System (DNS) that cryptographically signs DNS records, guaranteeing the authenticity and integrity of IP resolution.
- Enterprise Document Manager
- A centralized platform for storing, semantically indexing, and versioning technical and corporate documentation, equipped with encryption at rest, strict retention policies, and fully audited access.
- eBPF (Extended Berkeley Packet Filter)
- A next-generation technology embedded in the Linux kernel that allows running isolated microprograms non-intrusively within the OS, providing real-time observability, telemetry, and security with zero impact on performance.
- eBPF Security Observability
- Using Linux kernel microprograms to monitor system calls and network operations asynchronously, enabling real-time intrusion detection with zero overhead.
- Event-Driven Architecture (EDA)
- A software architecture pattern where components of a distributed system communicate asynchronously by producing, detecting, and consuming discrete events, maximizing scalability and decoupling.
- Failover
- An automatic backup mechanism that transparently redirects user requests to secondary servers or data centers when the primary node experiences an outage or becomes unavailable.
- Fallback Pattern
- A design mechanism that provides a default or degraded response (such as cached or static data) when a primary backend service or external API fails to respond within a specified timeout limit.
- Framer Motion
- A declarative animation library for React interfaces that facilitates the creation of fluid and interactive micro-interactions for the user without overloading the CPU execution thread.
- GDPR / LGPD Compliance
- Strict adherence to personal data protection regulations of the European Union and Latin America, guaranteeing privacy rights, transparency, and information self-determination.
- GitOps
- An operational methodology that uses Git repositories as the single source of truth for declaratively defining and automatically reconciling the state of infrastructure and applications.
- GraphQL
- An API query language that allows clients to declare exactly the data structure they need from the server, eliminating overfetching and underfetching issues.
- gRPC
- An open-source, high-performance RPC (Remote Procedure Call) framework developed by Google that runs over HTTP/2 and uses Protocol Buffers for ultra-fast binary serialization.
- Harvester HCI
- An open-source hyperconverged infrastructure (HCI) platform built on Kubernetes that simplifies the unified orchestration of traditional virtual machines and native containers.
- Hexagonal Architecture
- A software architecture pattern (also known as Ports and Adapters) that strictly isolates core domain business rules from any dependency on infrastructure, databases, or external APIs, enabling long-term testability and maintainability.
- HIPAA Compliance
- The US Health Insurance Portability and Accountability Act defining strict privacy and security standards to protect sensitive health data (ePHI) from unauthorized access.
- Honeypot
- A defensive security technique that exposes dummy vulnerable components (such as form fields hidden from users) to attract, detect, and proactively block spambots and automated attacks.
- HSTS (HTTP Strict Transport Security)
- A cybersecurity HTTP header that forces browsers to interact with the domain exclusively over encrypted, secure HTTPS connections for the specified duration.
- Infrastructure as Code (IaC)
- The practice of provisioning and managing computing resources using versioned scripts and declarative files rather than manual, interactive configurations.
- ISO/IEC 27001
- The global standard for Information Security Management Systems (ISMS) defining structured policy frameworks to ensure data confidentiality, integrity, and availability.
- ISO/IEC 42001
- An international standard specifying requirements for establishing, implementing, and auditing an ethical, transparent, and secure Artificial Intelligence Management System (AIMS).
- Kubernetes (K8s)
- An industrial-grade container orchestrator that automates deployment, scaling, resource allocation, and management of containerized applications in multi-cloud environments.
- Largest Contentful Paint (LCP)
- A critical loading speed and user experience metric measuring the time required to render the largest visible element of the interface within the user's viewport.
- Framework Law on Cybersecurity (Law No. 21,663)
- Pioneering Chilean legislation establishing the National Cybersecurity Agency (ANCI) and defining operational incident reporting requirements for essential services.
- Data Protection Law (Law No. 21,719)
- Chilean legislation aligning privacy requirements with European standards (GDPR), enforcing ARCO rights and setting heavy penalties for data breaches.
- LLMOps
- A set of practices, tools, and automation workflows (CI/CD) applied to the deployment, monitoring, fine-tuning, and quality control of Large Language Models (LLMs) in scalable and secure enterprise infrastructures.
- Enterprise Logging & Auditing
- A structured observability ecosystem that records all business and system actions immutably and chronologically, ensuring forensic traceability, proactive threat detection, and global security compliance.
- Model Context Protocol (MCP)
- An open standard protocol that defines how foundation AI models secure, connect, and interact with external data sources, enterprise tools, and APIs in a structured way.
- Message Broker / Message Queues
- An intermediary system that receives, routes, and delivers messages asynchronously among different software components in distributed, decoupled architectures.
- Microservices
- A software architecture style that decomposes a monolithic application into a set of autonomous, modular services that are independently deployable and focused on specific business capabilities.
- Multi-Agent Systems (MAS)
- A computational ecology where multiple autonomous AI agents with complementary skills collaborate and exchange messages to resolve complex workflows in a distributed manner.
- NIST Framework
- A cybersecurity framework developed by the US National Institute of Standards and Technology providing structured guidelines to identify, protect, detect, respond, and recover critical assets from security incidents.
- OAuth 2.0 / OIDC
- Industry-standard protocols for authorization and decentralized federated authentication, enabling secure exchange of identity profiles using cryptographic JWT tokens.
- OpenAPI
- A language-agnostic, standardized specification for describing RESTful APIs, allowing automation of documentation, design, client generation, and API contract testing.
- OWASP Top 10
- A cybersecurity industry reference document classifying and ranking the ten most critical and widely exploited web application vulnerabilities and attack vectors globally.
- PCI-DSS Compliance
- Payment Card Industry Data Security Standard defining strict security requirements and audits to safeguard payment transaction data and prevent financial fraud.
- Proof of Stake (PoS)
- A blockchain cryptographic consensus mechanism where validators secure the network and create new blocks proportionally to the amount of digital assets they lock in staking.
- Prompt Engineering
- The discipline of designing, refining, and structuring inputs and system instructions deterministically to maximize the quality and accuracy of foundation AI model responses.
- Progressive Web App (PWA)
- A technology enabling web applications to behave like native desktop or mobile apps, allowing direct installation, offline operation, and push notifications.
- Role-Based Access Control (RBAC)
- A security mechanism restricting system access exclusively to authorized users based on their assigned roles and privileges within the organization.
- Enterprise RAG (Retrieval-Augmented Generation)
- An AI architecture combining the generative capabilities of LLMs with secure, indexed corporate knowledge bases (e.g., vector databases), enabling contextual, auditable, and hallucination-free answers.
- Rancher
- An enterprise Kubernetes management platform that simplifies multi-cluster and multi-cloud operations, security enforcement, and configuration consistency across the entire organization.
- Resilience
- The intrinsic capability of a technical infrastructure and software architecture to withstand adverse operating conditions, absorb external API anomalies or outages, and self-recover without disrupting the service.
- Retry Pattern
- A resilience pattern that automatically and transparently retries failed requests to external services using exponential backoff and jitter to mitigate transient network errors.
- Robustness
- A measure of the ability of software and infrastructure to correctly and predictably process erroneous inputs, unexpected events, and extreme network or concurrency conditions without state corruption.
- SAIF (Secure AI Framework)
- A conceptual cybersecurity framework for AI systems developed by Google, detailing best practices to safeguard machine learning platforms from adversarial threats.
- Scalability
- A system quality attribute describing the ability to handle a proportional increase in load (network requests, data volume) by dynamically adding compute resources horizontally or vertically without degrading performance.
- SDA (Specification-Driven Architecture)
- RHEMATI's proprietary engineering framework prioritizing the definition of robust, immutable OpenAPI/GraphQL contracts and schemas before coding, eliminating technical debt and guaranteeing complete decoupling.
- Specification-Driven Development (SDD)
- A methodological approach where technical specifications and system contracts (OpenAPI, schemas, declarations) act as immutable contracts signed before business logic coding begins, resolving design debt.
- Security by Design
- A cybersecurity approach establishing that software design and system architecture must be intrinsically secure from the ground up, rather than adding reactive security patches after construction.
- Smart Development Architecture / Agile SDA
- RHEMATI's agile methodological ecosystem orchestrating software development through continuous contract design cycles, unit test automation, and declarative incremental GitOps deployments under autonomous AI agent supervision.
- Smart Contracts
- Autonomous, unalterable cryptographic programs deployed on blockchain networks that self-execute when predefined contractual conditions are met, eliminating intermediaries and counterparty risks.
- SOC 2 Type II
- A corporate cybersecurity audit standard from AICPA evaluating operational control effectiveness regarding security, availability, integrity, confidentiality, and data privacy over time.
- Solana Web3
- An ultra-high performance blockchain network with sub-second latencies optimized for decentralized financial dApps and high-scale micropayments, built on the Proof of History (PoH) consensus mechanism.
- SPF (Sender Policy Framework)
- An email validation protocol designed to detect email spoofing by allowing domain owners to specify which IP addresses are authorized to send mail.
- Sustainable Software Engineering
- A development discipline focused on minimizing the carbon footprint, CPU energy consumption, and network transfer sizes of running software applications.
- Test-Driven Development (TDD)
- A software engineering methodology that reverses the traditional development cycle: write an automated test first, verify its failure, and then write only the clean production code required to make the test pass.
- TLS 1.3
- The most secure and performant version of the Transport Layer Security cryptographic protocol, streamlining connections to a single round-trip handshake (1-RTT) while deprecating legacy cipher suites.
- WAF (Web Application Firewall)
- A perimeter security system placed before web applications to filter, monitor, and block malicious HTTP/S traffic, safeguarding from SQL injection and XSS exploits.
- Zero Trust
- A modern cybersecurity paradigm founded on the principle that no entity (internal or external) is trusted by default, requiring continuous, strict authentication and inspection at every layer and microservice.
