Glossary
- authentication
- In computer security, verification of the identity of a user or
the user's eligibility to access an object.
- cache
- To place, hide, or store frequently used information locally for
quick retrieval.
- cache accelerator
- Provides support for caching on multiple Web servers and on servers
with multiple IP addresses.
- certificate authority (CA)
- In computer security, an organization that issues certificates.
The certificate authority authenticates the certificate owner's identity
and the services that the owner is authorized to use. It also manages
the issuance of new certificates and revokes certificates from users
who are no longer authorized to use them. A certificate authority
is considered to be trusted when a user accepts any certificate issued
by that certificate authority as proof of the certificate owner's
identity.
- certificate revocation list (CRL)
- A list of certificates that need to be revoked before their expiration
date.
- cipher
- In Cryptographic Support, data that is unintelligible to all except
those who have the key to decode it to plaintext.
- cipher specifications
- Indicate the data encryption algorithm and key size to use for
secure connections.
- cryptographic support
- The IBM® licensed program that provides support for
the encryption and decryption of data, according to the Data Encryption
Algorithm, and for the management of cryptographic keys and personal
identification numbers (PINs).
- Data Encryption Standard (DES)
- In computer security, the National Institute of Standards and
Technology (NIST) Data Encryption Standard, adopted by the U.S. government
as Federal Information Processing Standard (FIPS) Publication 46,
which allows only hardware implementations of the data encryption
algorithm.
- digital certificate
- A form of personal identification that can be verified electronically.
Only the certificate owner who holds the corresponding private key
can present a certificate for authentication through a Web browser
session. Anyone can verify that the certificate is valid by using
a readily available public key.
- digital signature
- Information that is encrypted with an entity's private key and is
appended to a message to assure the recipient of the authenticity
and integrity of the message. The digital signature proves that the
message was signed by the entity that owns, or has access to, the
private key or shared secret symmetric key.
- directive
- A statement that is used in the configuration file for a Web
server to define a particular setting for the server.
- distinguished name (DN)
- In computer security, information that uniquely identifies the
owner of a certificate.
- dynamic shared object (DSO)
- A mechanism that provides a way to build a piece of program code
in a special format for loading at run time into the address space
of an executable program. The DSO gets knowledge of the executable
program's symbol set as if it had been statically linked with it in
the first place.
- encrypt
- In Cryptographic Support, to systematically scramble information
so that it cannot be read without knowing the coding key.
- environment variable
- A variable that specifies how an operating system or another
program runs, or the devices that the operating system recognizes.
- Fast Common Gateway Interface Protocol (FastCGI)
- The Fast Common Gateway Interface (FastCGI) is an enhancement
to the existing Common Gateway Interface (CGI), which is a standard
for interfacing external applications with Web servers.
- handshake
- A Secure Sockets Layer (SSL) session always begins with an exchange
of messages called the SSL handshake. The handshake allows the server
to authenticate itself to the client by using public key techniques,
and then allows the client and the server to cooperate in the creation
of symmetric keys used for rapid encryption, decryption, and tamper
detection during the session that follows. Optionally, the handshake
also allows the client to authenticate itself to the server.
- Java
- An object-oriented programming language for portable interpretive
code that supports interaction among remote objects. Java was developed and specified by Sun Microsystems,
Incorporated.
- Java Development Kit (JDK)
- A software package that can be used to write, compile, debug,
and run Java applets and applications.
- Java Runtime Environment (JRE)
- A subset of the Java Development
Kit (JDK) that contains the core executables and files that constitute
the standard Java platform. The JRE includes
the Java Virtual Machine (JVM), core classes, and
supporting files.
- Java Virtual Machine (JVM)
- A software implementation of a central processing unit (CPU) that
runs compiled Java code (applets and applications).
- key
- In computer security, a sequence of symbols that is used with
a cryptographic algorithm for encrypting or decrypting data.
- key database
- Exists as a file that the server uses to store one or more key
pairs and certificates. You can use one key database for all your
key pairs and certificates, or create multiple databases.
- key file
- In the Distributed Computing Environment (DCE), a file that contains
encryption keys for noninteractive principals.
- key pair
- Contains a public, distributed key and a private key. A key pair
is issued by a public key cryptography system, and its two keys are
used in combination with each other to validate and authenticate a
connection between a client and server for secure connections.
- Lightweight Directory Access Protocol (LDAP)
- In TCP/IP, a protocol that enables users to locate people, organizations,
and other resources in an Internet directory or intranet directory.
- module
- A program unit that is discrete and identifiable with respect
to compiling, combining with other units, and loading.
- password stashing
- The password is encrypted in a file or on a hard drive. Your keydb
password needs to reside in a file in order to use secure sockets
layer (SSL).
- PKCS12
- Sometimes referred to as PFX files; PKCS#12 files are used by
several programs including Netscape, MSIE and MS Outlook.
- plug-in
- A self-contained software component that modifies (adds or changes)
function in a particular software system. When a user adds a plug-in
to a software system, the foundation of the original software system
remains intact. The development of plug-ins requires well-defined
application programming interfaces (APIs).
- port
- (1) A system or network access point for data entry or exit. (2)
A connector on a device to which cables for other devices such as
display stations and printers are attached. (3) The representation
of a physical connection to the link hardware. A port is sometimes
referred to as an adapter; however, there can be more than one port
on an adapter. One or more ports are controlled by a single data link
control (DLC) process. (4) In the Internet suite of protocols, a specific
logical connector between the Transmission Control Protocol (TCP)
or the User Datagram Protocol (UDP) and a higher level protocol or
application. (5) To modify a computer program to enable it to run
on a different platform.
- port number
- In the Internet suite of protocols, the identifier for a logical
connector between an application entity and the transport service.
- private key
- In secure communication, an algorithmic pattern used to encrypt
messages that only the corresponding public key can decrypt. The private
key is also used to decrypt messages that were encrypted by the corresponding
public key. The private key is kept on the user's system and is protected
by a password.
- public key
- In secure communication, an algorithmic pattern used to decrypt
messages that were encrypted by the corresponding private key. A public
key is also used to encrypt messages that only the corresponding private
key can decrypt. Users broadcast their public keys to everyone with
whom they must exchange encrypted messages.
- public key infrastructure (PKI)
- An infrastructure that supports digital signatures and other public
key-enabled security services.
- Secure Sockets Layer (SSL)
- A security protocol that provides communication privacy. SSL
enables client and server applications to communicate in a way that
is designed to prevent eavesdropping, tampering, and message forgery.
SSL was developed by Netscape Communications Corporation and RSA Data
Security, Inc.
- stash file
- A file that hides other data files within.
- symmetric keys
- In computer security, the two keys in a key pair. The keys are
called symmetric because each key holds as much of the encryption
pattern as the other does.
- trust policy
- Contains a trusted list of certificates that are used to control
the trust and validity period of certificates. It enables one to limit
the trust of certificates issued by a certificate authority.
- trusted root
- A certificate signed by a certificate authority (CA), designated
as a trusted CA on your server.
- virtual host
- Refers to the practice of maintaining more than one server on
one machine, differentiated by their apparent host name.
- X.500
- The directory services standard of the International Telecommunication
Union (ITU), the International Organization for Standardization (ISO),
and the International Electrotechnical Commission (IEC).
