
Glossary
- authentication
- In computer security, verification of the identity of a user or the user's
eligibility to access an object.
- cache
- To place, hide, or store frequently used information locally for quick
retrieval.
- cache accelerator
- Provides support for caching on multiple Web servers and on servers with
multiple IP addresses.
- certificate authority (CA)
- In computer security, an organization that issues certificates. The certificate
authority authenticates the certificate owner's identity and the services
that the owner is authorized to use. It also manages the issuance of new certificates
and revokes certificates from users who are no longer authorized
to use them. A certificate authority is considered to be trusted when a user
accepts any certificate issued by that certificate authority as proof of the
certificate owner's identity.
- certificate revocation list (CRL)
- A list of certificates that need to be revoked before their expiration
date.
- cipher
- In Cryptographic Support, data that is unintelligible to all except those
who have the key to decode it to plaintext.
- cipher specifications
- Indicate the data encryption algorithm and key size to use for secure
connections.
- cryptographic support
- The IBM® licensed
program that provides support for the encryption and decryption of data, according
to the Data Encryption Algorithm, and for the management of cryptographic
keys and personal identification numbers (PINs).
- Data Encryption Standard (DES)
- In computer security, the National Institute of Standards and Technology
(NIST) Data Encryption Standard, adopted by the U.S. government as Federal
Information Processing Standard (FIPS) Publication 46, which allows only hardware
implementations of the data encryption algorithm.
- digital certificate
- A form of personal identification that can be verified electronically.
Only the certificate owner who holds the corresponding private key can present
a certificate for authentication through a Web browser session. Anyone can
verify that the certificate is valid by using a readily available public key.
- digital signature
- Information that is encrypted with an entity's private key and is appended
to a message to assure the recipient of the authenticity and integrity of
the message. The digital signature proves that the message was signed by the
entity that owns, or has access to, the private key or shared secret symmetric
key.
- directive
- A statement that is used in the configuration file for a Web server to
define a particular setting for the server.
- distinguished name (DN)
- In computer security, information that uniquely identifies the owner of
a certificate.
- dynamic shared object (DSO)
- A mechanism that provides a way to build a piece of program code in a
special format for loading at run time into the address space of an executable
program. The DSO gets knowledge of the executable program's symbol set as if
it had been statically linked with it in the first place.
- encrypt
- In Cryptographic Support, to systematically scramble information so that
it cannot be read without knowing the coding key.
- environment variable
- A variable that specifies how an operating system or another program
runs, or the devices that the operating system recognizes.
- Fast Common Gateway Interface Protocol (FastCGI)
- The Fast Common Gateway Interface (FastCGI) is an enhancement to the existing
Common Gateway Interface (CGI), which is a standard for interfacing external
applications with Web servers.
- handshake
- A Secure Sockets Layer (SSL) session always begins with an exchange of
messages called the SSL handshake. The handshake allows the server to authenticate
itself to the client by using public key techniques, and then allows the client
and the server to cooperate in the creation of symmetric keys used for rapid
encryption, decryption, and tamper detection during the session that follows.
Optionally, the handshake also allows the client to authenticate itself to
the server.
- Java™
- An object-oriented programming language for portable interpretive code
that supports interaction among remote objects. Java was developed and specified by Sun
Microsystems, Incorporated.
- Java Development Kit (JDK)
- A software package that can be used to write, compile, debug, and run Java applets
and applications.
- Java Runtime Environment (JRE)
- A subset of the Java Development Kit (JDK) that contains
the core executables and files that constitute the standard Java platform.
The JRE includes the Java Virtual Machine (JVM), core classes,
and supporting files.
- Java Virtual Machine (JVM)
- A software implementation of a central processing unit (CPU) that runs
compiled Java code (applets and applications).
- key
- In computer security, a sequence of symbols that is used with a cryptographic
algorithm for encrypting or decrypting data.
- key database
- Exists as a file that the server uses to store one or more key pairs and
certificates. You can use one key database for all your key pairs and certificates,
or create multiple databases.
- key file
- In the Distributed Computing Environment (DCE), a file that contains encryption
keys for noninteractive principals.
- key pair
- Contains a public, distributed key and a private key. A key pair is issued
by a public key cryptography system, and the two keys are used in combination with each other
to validate and authenticate a connection between a client and server for
secure connections.
- Lightweight Directory Access Protocol (LDAP)
- In TCP/IP, a protocol that enables users to locate people, organizations,
and other resources in an Internet directory or intranet directory.
- module
- A program unit that is discrete and identifiable with respect to compiling,
combining with other units, and loading.
- password stashing
- The password is encrypted in a file or on a hard drive. Your keydb password
needs to reside in a file in order to use Secure Sockets Layer (SSL).
- PKCS12
- Sometimes referred to as PFX files; PKCS#12 files are used by several
programs including Netscape, MSIE and MS Outlook.
- plug-in
- A self-contained software component that modifies (adds or changes) function
in a particular software system. When a user adds a plug-in to a software
system, the foundation of the original software system remains intact. The
development of plug-ins requires well-defined application programming interfaces
(APIs).
- port
- (1) A system or network access point for data entry or exit. (2) A connector
on a device to which cables for other devices such as display stations and
printers are attached. (3) The representation of a physical connection to
the link hardware. A port is sometimes referred to as an adapter; however,
there can be more than one port on an adapter. One or more ports are controlled
by a single data link control (DLC) process. (4) In the Internet suite of
protocols, a specific logical connector between the Transmission Control Protocol
(TCP) or the User Datagram Protocol (UDP) and a higher level protocol or application.
(5) To modify a computer program to enable it to run on a different platform.
- port number
- In the Internet suite of protocols, the identifier for a logical connector
between an application entity and the transport service.
- private key
- In secure communication, an algorithmic pattern used to encrypt messages
that only the corresponding public key can decrypt. The private key is also
used to decrypt messages that were encrypted by the corresponding public key.
The private key is kept on the user's system and is protected by a password.
- public key
- In secure communication, an algorithmic pattern used to decrypt messages
that were encrypted by the corresponding private key. A public key is also
used to encrypt messages that only the corresponding private key can decrypt.
Users broadcast their public keys to everyone with whom they must exchange
encrypted messages.
- public key infrastructure (PKI)
- An infrastructure that supports digital signatures and other public key-enabled
security services.
- Secure Sockets Layer (SSL)
- A security protocol that provides communication privacy. SSL enables
client and server applications to communicate in a way that is designed to
prevent eavesdropping, tampering, and message forgery. SSL was developed by
Netscape Communications Corporation and RSA Data Security, Inc.
- stash file
- A file that hides other data files within.
- symmetric keys
- In computer security, the two keys in a key pair. The keys are called
symmetric because each key holds as much of the encryption pattern as the
other does.
- trust policy
- Contains a trusted list of certificates that are used to control the
trust and validity period of certificates. It enables one to limit the trust
of certificates issued by a certificate authority.
- trusted root
- A certificate signed by a certificate authority (CA), designated as a
trusted CA on your server.
- virtual host
- Refers to the practice of maintaining more than one server on one machine,
differentiated by their apparent host name.
- X.500
- The directory services standard of International Telecommunication Union
(ITU), International Organization for Standardization (ISO), and International
Electrotechnical Commission (IEC).
