A key here means any cryptographic key, anywhere, in the abstract.

An application key is a key that can be loaded into the module with an ACL and accessed via a key handle. This includes the security world administrator keys, most of which would not normally be used directly by customer applications.

Confusingly it also includes some objects that are not really keys at all, such as template keys for key derivation.

A module key is a symmetric key that is persistent within the module. Normally there is no corresponding key handle.

A module private key is an asymmetric key that is persistent within the module. Normally there is no corresponding key handle although it is usually possible to get a key handle to the public half of such keys.

A security world administrator key is an application key or module key used in securing or administering the security world.

A logical token is a key stored either in a cardset or softcard and used to protect application keys or administrator keys.