Abbreviations and Acronyms

AA

attribute authority

AAI

authentication and authorization infrastructure

ACL

access control list

ACM

Association for Computing Machinery

ACT

anticlogging token

AES

Advanced Encryption Standard

AFS

Andrew file system

AFT

authenticated firewall traversal

AH

authentication header

ANSI

American National Standards Institute

API

application programming interface

ARPA

Advanced Research Projects Agency

AS

authentication server

ASN.1

abstract syntax notation 1

ATM

asynchronous transfer mode automatic teller machine

BAN

Burrows, Abadi, and Needham

BBN

Bolt Beranek and Newman, Inc.

BCP

best current practice

BER

basic encoding rules

BIND

Berkeley Internet name daemon

BXA

Bureau of Export Administration

CA

certification authority

CAT

common authentication technology

CBC

cipher block chaining

CC

common criteria

CCI

common client interface

CCITT

Consultative Committee on International Telegraphy and Telephony (now ITU-T)

CCP

Compression Control Protocol

CCTA

Central Computer and Telecommunications Agency

CD

compact disc committee draft

CDP

Certificate Discovery Protocol

CEC

Commission of the European Communities

CERT

computer emergency response team

CERT/CC

CERT coordination center

CFB

cipher feedback

CHAP

Challenge Handshake Authentication Protocol

CLI

command line interface

CLNP

Connectionless Network Protocol

CLUSIF

club de la securite informatique francais

CMIP

Common Management Information Protocol

CMS

cryptographic message syntax

COAST

computer operations, audit, and security technology

CORBA

common object request broker architecture

COTS

commercial off-the-shelf

CRAMM

CCTA risk analysis and management methodology

CRC

cyclic redundancy checksum

CRHF

collision resistant hash function

CRL

certificate revocation list

CRMF

certificate request message format

CRS

certificate revocation system

CRT

certificate revocation tree

CSI

Computer Security Institute

CSRG

Computer Systems Research Group

CV

control value

DAC

discretionary access control

DAP

Directory Access Protocol

DARPA

Defense Advanced Research Projects Agency

DCA

Defense Communications Agency

DCE

Distributed Computing Environment

DCMS

distributed certificate management system

DDoS

distributed denial of service

DEC

Digital Equipment Corporation

DER

distinguished encoding rules

DES

Data Encryption Standard

DFA

differential fault analysis

DIS

draft international standard

DISA

Defense Information Systems Agency

DIT

directory information tree

DMZ

demilitarized zone

DN

distinguished name

DNS

domain name system

DoC

U.S. Department of Commerce

DoD

U.S. Department of Defense

DOI

domain of interpretation

DoS

U.S. Department of State denial of service

DOS

disk operating system

DPA

differential power analysis

DSA

digital signature algorithm

DSS

Digital Signature Standard

DVC

data validation certificate

DVCS

data validation and certification server

E-cash

electronic cash

ECB

electronic code book

E-commerce

electronic commerce

ECP

Encryption Control Protocol

EDI

electronic data interchange

EFS

encrypting file system

EFT

electronic funds transfer

EGP

Exterior Gateway Protocol

EIT

Enterprise Integration Technologies

E-mail

electronic mail

ESM

encrypted session manager

ESP

encapsulating security payload

EU

European Union

FAQ

frequently asked question

FDDI

fiber distributed data interface

FIPS

Federal Information Processing Standard

FIRST

Forum of Incident Response and Security Teams

FNC

Federal Networking Council

FQDN

fully qualified domain name

FSUIT

Swiss Federal Strategy Unit for Information Technology

FTP

File Transfer Protocol

FWPD

Firewall Product Developers Consortium

FWTK

firewall toolkit

GII

global information infrastructure

GIK

group interchange key

GPS

global positioning system

GSS-API

generic security service API

GUI

graphical user interface

HP

Hewlett-Packard

HTML

Hypertext Markup Language

HTTP

Hypertext Transfer Protocol

IAB

Internet Architecture Board

IAM

Institute for Computer Science and Applied Mathematics

IANA

Internet Assigned Numbers Authority

IBM

International Business Machines Corporation

ICANN

Internet Corporation for Assigned Names and Numbers

ICMP

Internet Control Message Protocol

ICSA

International Computer Security Association

ICSI

International Computer Science Institute

IDEA

international data encryption algorithm

IDS

intrusion detection system

IDWG

intrusion detection exchange format

IEC

International Electrotechnical Committee

IEEE

Institute of Electrical and Electronic Engineers

IESG

Internet Engineering Steering Group

IETF

Internet Engineering Task Force

IFIP

International Federation for Information Processing

IGP

Interior Gateway Protocol

IIOP

Internet Inter-ORB Protocol

IKE

Internet Key exchange

IKMP

Internet Key Management Protocol

IMAP

Internet Message Access Protocol

IP

Internet Protocol

IPC

interprocess communications facility

IPng

IP next generation

IPPCP

IP Payload Compression Protocol

IPRA

Internet Policy Registration Authority

IPsec

IP security

IPSP

IP security policy

IPSRA

IP security remote access

IPST

IP Secure Tunnel Protocol

IRSG

Internet Research Steering Group

IRTF

Internet Research Task Force

IS

international standard

ISDN

integrated switched digital network

ISO

International Organization for Standardization

ISOC

Internet Society

IT

information technology

ITSEC

information technology security evaluation criteria

ITU-T

International Telecommunication Union – Telecommunication Standardization Sector

IV

initialization vector

JTC1

Joint Technical Committee 1

Kbps

kilobit per second

KDC

key distribution center

KDS

key distribution server

KEA

key exchange algorithm

KEK

key encryption key

KTC

key translation center

LAN

local area network

LDAP

Lightweight Directory Access Protocol

LLC

logical link control

MAC

message authentication code

MAN

metropolitan area network

MARION

methodologie d'analyse des risques informatiques et d'optimation par niveau

MBone

multicast backbone

MD

message digest

MDC

modification detection code

MHS

message handling system

MIB

management information base

MIC

message integrity check

MIME

multipurpose Internet mail extensions

MIT

Massachusetts Institute of Technology

MKMP

Modular Key Management Protocol

MLS

multilevel security

MOSS

MIME object security services

MPLS

multi-protocol label switching

MSP

Message Security Protocol

MTA

message transfer agent

MTS

message transfer system

NAS

network access server

NASA

National Aeronautics and Space Agency

NBS

National Bureau of Standards

NCP

Network Control Protocol

NCSA

National Computer Security Association

NetSP

Network Security Program

NII

national information infrastructure

NIST

National Institute of Standards and Technology

NLSP

Network Layer Security Protocol

NMS

network management station

NNTP

Network News Transfer Protocol

NRL

U.S. Naval Research Laboratory

NSA

National Security Agency

NSF

National Science Foundation

NSP

Network Security Policy

NTP

Network Time Protocol

OCSP

Online Certificate Status Protocol

OFB

output feedback

OPIE

one-time passwords in everything

OPSEC

open platform for security

ORB

Object Request Broker

OSF

Open Software Foundation

OSI

open systems interconnection

OSI-RM

OSI reference model

OWHF

one-way hash function

PAC

proxy auto-configuration

PAP

Password Authentication Protocol

PARC

Palo Alto Research Center

PC

personal computer

PCA

policy certification authority

PCT

private communication technology

PDA

personal digital assistant

PEM

privacy enhanced mail

PEP

Protocol Extension Protocol

PET

privacy enhancing technology

PFS

perfect forward secrecy

PGP

Pretty Good Privacy

PIN

personal identification number

PKCS

public key cryptography standard

PKI

public key infrastructure

PKIX

Public Key Infrastructure X.509

PKP

Public Key Partners

PMI

privilege management infrastructure

POP

Post Office Protocol

PPP

Point-to-Point Protocol

PSRG

Privacy and Security Research Group

PSTN

public-switched telephone network

QoS

quality of service

RA

registration authority

RACF

resource access control facility

RADIUS

remote authentication dial-in user service

RFC

request for comment

RIP

Routing Information Protocol

ROM

read-only memory

RPC

remote procedure call

RR

resource record

RSA

Rivest, Shamir, and Adleman

RSVP

Resource Reservation Protocol

SA

security association

SAID

secure association identifier

SALS

simple authentication and security layer

SDNS

secure data network system

SDSI

simple distributed security infrastructure

SECSH

Secure Shell

SESAME

secure European system for applications in a multi-vendor environment

SET

secure electronic transaction

SHA

secure hash algorithm

SHS

secure hash standard

S-HTTP

secure HTTP

SID

security identifier

SILS

standards for interoperable LAN/MAN security

SKIP

simple key-management for Internet protocols

SLIP

serial line IP

S/MIME

Secure MIME

SMS

service management system

SMTP

Simple Mail Transfer Protocol

SNMP

Simple Network Management Protocol

SP3

Security Protocol 3

SP4

Security Protocol 4

SPI

security parameters index

SPKI

simple public key infrastructure

SRA

secure RPC authentication

SRI

Stanford Research Institute

SSH

Secure Shell site security handbook

SSL

secure sockets layer

SSR

secure socket relay

STD

Internet Standard

STEL

secure telnet

STS

station-to-station

TACAS

terminal access controller access system

TAMU

Texas A&M University

TAN

transaction authentication number

TCB

trusted computing base

TCP

Transport Control Protocol

TCSEC

trusted computer system evaluation criteria

TEK

token enryption key

TESS

the exponential security system trusted entry security server

TFTP

trivial FTP

TIS

Trusted Information Systems, Inc.

TLI

transport layer interface

TLS

transport layer security

TLSP

Transport Layer Security Protocol

TOS

type of service

TTL

time to live

TTP

trusted third party

UC

University of California

UCB

University of California at Berkeley

UCLA

University of California at Los Angeles

UCSB

University of California at Santa Barbara

UDP

User Datagram Protocol

UID

user identification

U.K.

United Kingdom

UPS

United Parcel Service

URL

uniform resource locator

U.S.

United States

UUCP

UNIX-UNIX Copy Protocol

VPN

virtual private network

VTP

Virtual Tunneling Protocol

WAIS

wide area information service

WAN

wide area network

WAP

Wireless Application Protocol

WEF

World Economic Forum

WG

working group

WTLS

wireless transport layer security

WWW

World Wide Web

W3C

World Wide Web Consortium

XML

Extensible Markup Language