AA attribute authority
AC attribute certificate
ACL access control list
AES advanced encryption standard
AFS Andrew file system
AFT authenticated firewall traversal
AH authentication header
ANSI American National Standards Institute
AOL America Online
API application programming interface
ARPA Advanced Research Projects Agency AS authentication server
ASCII American Standard Code for Information Interchange
ASN.1 abstract syntax notation 1
ASP Active Server Pages
ATM asynchronous transfer mode; automated teller machine
BCP best current practice
Bellcore Bell Communications Research
BER basic encoding rules
BITS Bump-in-the-stack
BITW Bump-in-the-wire
BSP backbone service provider
CA certification authority
CAF ‰ Conditional Access for Europe
CAT common authentication technology
CBC cipher block chaining
CC common criteria
CCC Chaos Computer Club
CCP compression control protocol
CCTA Central Computer and Telecommunications Agency
CD compact disk; committee draft
CDP certificate discovery protocol
CEC Commission of the European Communities
CEPS Common Electronic Purse Specification
CERIAS Centre for Education and Research on Information Assurance and Security
CERN European Laboratory for Particle Physics [1]
CERT computer emergency response team
CERT/CC CERT coordination center
CFB cipher feedback
CGI common gateway interface
CHAP challenge-response handshake authentication protocol
CLI command line interface
CMS cryptographic message syntax
COCOM coordinating committee for multilateral export controls
COM component object model
COPPA Children s Online Privacy Protection Act
COPS Computer Oracle and Password System
CPS certificate practice statement
CRAMM CCTA Risk Analysis and Management Methodology
CRC cyclic redundancy checksum
CRHF collision resistant hash function
CRL certificate revocation list
CRMF certificate request message format
CRS certificate revocation system
CRT certificate revocation tree
CSI Computer Security Institute
CSS Contents Scramble System
CUG closed user group
CV control value
CVC card verification code
CVV card verification value
DAC discretionary access control
DAP directory access protocol
DARPA Defense Advanced Research Projects Agency
DCA Defense Communications Agency
DCE distributed computing environment
DCMA Digital Millennium Copyright Act
DDoS distributed denial of service
DER distinguished encoding rules
DES data encryption standard
DFA differential fault analysis
DISA Defense Information Systems Agency
DIT directory information tree
DMV Department of Motor Vehicles
DMZ demilitarized zone
DN distinguished name
DNA deoxyribonucleic acid
DNS domain name system
DNSsec domain name system security
DoC U.S. Department of Commerce
DoD U.S. Department of Defense
DoS U.S. Department of State
DOI domain of interpretation
DOS disk operating system denial of service
DPA differential power analysis
DSA digital signature algorithm
DSS digital signature standard
DVCS data validation and certification server
E-cash electronic cash
ECB electronic code book
ECC elliptic curve cryptosystem
ECML Electronic Commerce Modeling Language
E-commerce electronic commerce
ECP encryption control protocol
EDI electronic data interchange
EFF Electronic Frontier Foundation
EFT electronic funds transfer
EGP exterior gateway protocol
EIT Enterprise Integration Technologies
E-mail electronic mail
ESM encrypted session manager
ESP encapsulating security payload
EU European Union
FAQ frequently asked questions
FDDI fiber distributed data interface
FIPS Federal Information Processing Standard
FIRST Forum of Incident Response and Security Teams
FNC Federal Networking Council
FSML Financial Services Markup Language
FSTC Financial Services Technology Consortium
FSUIT Federal Strategy Unit for Information Technology
FTP File Transfer Protocol
FV First Virtual
FYI for your information
GII global information infrastructure
GISA German Information Security Agency
GPL General Public License
GRE generic routing encapsulation
GSS-API generic security service API
GUI graphical user interface
HTML hypertext markup language
HTTP Hypertext Transfer Protocol
IAB Internet Architecture Board
IANA Internet Assigned Numbers Authority
IBM International Business Machines Corporation
ICMP Internet Control Message Protocol
IDEA international data encryption algorithm
IDS intrusion detection system
IEC International Electrotechnical Committee
IEEE Institute of Electrical and Electronic Engineers
IESG Internet Engineering Steering Group
IETF Internet Engineering Task Force
IGP Interior Gateway Protocol
IIOP Internet Inter-ORB Protocol
IIS Internet Information Server
IKE Internet key exchange
IKMP Internet Key Management Protocol
IMAP Internet Message Access Protocol
IP Internet Protocol
IPC interprocess communications facility
IPKI Internet X.509 public key infrastructure
IPng IP next generation
IPPCP IP Payload Compression Protocol
IPRA Internet Policy Registration Authority
IPsec IP security
IPSP IP Security Protocol
IPST IP Secure Tunnel Protocol
IRSG Internet Research Steering Group
IRTF Internet Research Task Force
ISAKMP Internet Security Association and Key Management Protocol
ISAPI Internet server API
ISDN integrated services digital network
ISI Information Sciences Institute
ISO International Organization for Standardization
ISOC Internet Society
ISP Internet service provider
IT information technology
ITSEC information technology security evaluation criteria
ITU-T International Telecommunication Union ”Telecommunication Standardization Sector
IV initialization vector
J2EE Java 2 Platform, Enterprise Edition
JIT just-in-time
JSP JavaServer Pages
JTC1 Joint Technical Committee 1
JVM Java virtual machine
kbps kilobit per second
KDC key distribution center
KDS key distribution server
KEA key exchange algorithm
KEK key encryption key
KTC key translation center
LAN local-area network
LDAP lightweight directory access protocol
LLC logical link control
LRA local registration agent; local registration authority
LSB least significant bit
L2F layer 2 forwarding
L2TP Layer 2 Tunneling Protocol
MAC message authentication code
MAN metropolitan area network
MBone multicast backbone
MBSA Microsoft Baseline Security Analyzer
MD message digest
MDC modification detection code
MIB management information base
MIC message integrity check
MIME multipurpose Internet mail extensions
MIT Massachusetts Institute of Technology
MKMP Modular Key Management Protocol
MPPE Microsoft point-to-point encryption
MS-PPTP Microsoft PPTP
MTA message transfer agent
NAS network access server
NASA National Aeronautics and Space Agency
NAT network address translation
NBS National Bureau of Standards
NCP Network Control Protocol
NCSA National Center for Supercomputer Application
NCSC National Computer Security Center
NetSP network security program
NII national information infrastructure
NIST National Institute of Standards and Technology
NLSP Network Layer Security Protocol
NMS network management station
NNTP Network News Transfer Protocol
NRL U.S. Naval Research Laboratory
NSA National Security Agency
NSAPI Netscape server API
NTP Network Time Protocol
OCSP Online Certificate Status Protocol
OECD Organization for Economic Cooperation and Development
OFB output feedback
OLE object linking and embedding
ORA organizational registration agent
ORB object request broker
OSF Open Software Foundation
OSI open systems interconnection
OWHF one-way hash function
PAC proxy auto-config
PAP Password Authentication Protocol
PARC Palo Alto Research Center
PC personal computer
PDA personal digital assistant
PDU protocol data unit
PEM privacy enhanced mail
PEP Protocol Extension Protocol
PER packet encoding rules
PET privacy enhancing technology
PFS perfect forward secrecy
PGP pretty good privacy
PHP hypertext preprocessor
PICS platform for Internet content selection
PIN personal identification number
PKCS public key cryptography standard
PKI public key infrastructure
PKIX public key infrastructure X.509
POP Post Office Protocol; point of presence
PPP Point-to-Point Protocol
PPPEXT PPP extensions
PPTP Point-to-Point Tunneling Protocol
PSRG Privacy and Security Research Group
PSTN public switched telephone network
P3P platform for privacy preferences
PUID Passport Unique Identifier
QoS quality of service
RA registration agent; registration authority
RACF resource access control facility
RADIUS remote authentication dial-in user service
RFC Request for Comment
RIP Routing Information Protocol
ROM read-only memory
RPC remote procedure call
RPI return path information
RSA Rivest, Shamir, and Adleman
RSAC Recreational Software Advisory Council
RSACi RSAC rating service
SA security association
SAID secure association identifier
SALS simple authentication and security layer
SATAN Security Administrator Tool for Analyzing Networks
SDNS secure data network system
SDSI simple distributed security infrastructure
SECSH Secure shell
SEPP secure electronic payment protocol
SESAME secure European system for applications in a multi-vendor environment
SET secure electronic transaction
SHA-1 secure hash algorithm 1
SHS secure hash standard
S-HTTP secure HTTP
SigG Signaturgesetz (in Germany)
SigV Signaturverordnung (in Germany)
SILS standards for interoperable LAN/MAN security
SIP secure Internet programming
SKIP simple key-management for Internet protocols
SLIP serial line IP
S/MIME Secure MIME
SMS service management system; short messaging service
SMTP Simple Mail Transfer Protocol
SNMP Simple Network Management Protocol
SOAP Simple Object Access Protocol
SPKAC signed public key and challenge
SPKI simple public key infrastructure
SP3 Security Protocol 3
SP4 Security Protocol 4
SPI security parameters index
SPKI simple public key infrastructure
SRA secure RPC authentication
SRI Stanford Research Institute
SSH secure shell; site security handbook
SSI server-side include; single sign-in
SSL secure sockets layer
SSO single sign-on
SSR secure socket relay
STD Internet standard
STPP Strategic Technology Protection Program
STS station-to-station
S/WAN secure wide-area network
TACACS terminal access controller access control system
TAN transaction authentication number
TAZ temporary autonomous zone
TCB trusted computing base
TCP Transport Control Protocol
TCSEC trusted computer system evaluation criteria
TEK token encryption key
TESS the exponential security system
TIS Trusted Information Systems
TLI transport layer interface
TLS transport layer security
TLSP Transport Layer Security Protocol
TNI trusted network interpretation
TSA Time Stamping Authority
TSP Time-Stamp Protocol
TTP trusted third party
UC University of California
UCB University of California at Berkeley
UDDI Universal Description Discovery and Integration
UID user identification
UPP universal payment preamble
URI uniform resource identifier
URL uniform resource locator
URN uniform resource name
VPN virtual private network
VTP Virtual Tunneling Protocol
WAP Wireless Application Protocol
WG working group
WIPO World Intellectual Property Organization
WSDL Web services markup language
WSIL Web services inspection language
WTLS wireless transport layer security
WWW World Wide Web
W3C World Wide Web Consortium
XML extensible markup language
XTACACS extended TACACS
[1] The acronym is taken from the French name of the laboratory