Glossary

Application: Part of the OSI reference model. The application layer is also known as layer seven, the highest layer in the OSI model.

See also OSI(Open Systems Interconnection).

Authentication

Verification of a claimed identity.

Biometric

A unique, measurable characteristic or trait of a human being used for automatically recognizing or verifying an identity.

CA(Certificate Authority)

An authority that issues and manages security credentials for a PKI.

CA Private Root Key

A cryptographic key known only to the CA that is used to certify user or server certificate requests.

CERT(Computer Emergency Response Team)

The CERT Coordination Center is an organization that grew from the Computer Emergency Response Team formed by the Defense Advanced Research Projects Agency (DARPA) in November 1988 in response to the problems generated during the Internet worm incident. (See http://www.cert.org/)

Certificate

A digital identifier linking an entity and a trusted third party with the ability to confirm the entity's identification. Typically stored in a browser or a smart card.

Certificate Owner

A person or system bound to the certificate. The owner is the person that has access to view and manipulate the certificate.

Certificate Policy

A set of rules that indicates the applicability of a certificate to a particular environment or application with common security requirements.

Certification Practice Statement (CPS)

This is a statement of the practices that a certificate authority (CA) employs in issuing certificates.

Cipher

Alternative term for an encryption algorithm.

Ciphertext

Text (or data) that has previously been encrypted.

CRL(Certificate Revocation List)

A database of certificates no longer valid within a given PKI infrastructure.

Cryptography

A discipline that embodies principles, means, and methods for the transformation of data in order to hide its information content, prevent its undetected modification, and prevent its unauthorized use.

CSMA/CD(Carrier Sense Multiple Access/Collision Detect)

The protocol for carrier transmission access in Ethernet networks.

DARPA(Defense Advanced Research Projects Agency)

A research branch of the U.S. Department of Defense that was one of the founder's projects that led to the development of the Internet.

Data Link

Part of the OSI reference model, this layer provides error control and synchronization for the physical level.

DDoS

A distributed denial of service attack. This DoS attack exploits several machines to make the attack.

Decryption

The process of transforming ciphertext back into plaintext.

Denial-of-Service Attacks (DoS Attacks)

Acts intended to cause a service to become unavailable or unusable. In an Internet environment, a service might be an application such as a web or mail server, or a network service.

DES(Data Encryption Standard)

A method of data encryption using a private (secret) key. DES uses a 56-bit key to each 64-bit block of data.

Digital Certificate

A digital certificate is an electronic mechanism that binds a set of credentials to a particular person or system. A CA will issue the certificates.

Digital Signature

Data appended to, or a cryptographic transformation of a data unit, that allows a recipient of the data unit to prove the source and integrity of the data unit and protect against forgery.

DMZ(Demilitarized Zone)

A network inserted as a "buffer zone" between a company's private, or trusted, network and the outside, untrusted network.

DNS(Domain Name System)

A method by which Internet domain names are converted into IP addresses.

Table of content