|
See Security Access Manager
See Security Assertions Markup Language
The mathematical basis for encrypting and decrypting data used with the Digital Signature Standard (DSS) introduced by the National Institute of Standards and Technology (NIST). DSS also relies on Digital Signature Algorithm (DSA) to provide the digital signature functionality.
A digital signature technology used for exchanging information between a client and a server. Essentially an SSL-compliant server will request a digital certificate from the client machine. The client can likewise request a digital certificate from the server. Companies or individuals obtain these digital certificates from a third-party vendor like VeriSign or other trusted source who can vouch for the identity of both parties.
A database containing information about a caller and their security settings. Some texts also call this the Security Accounts Manager. In either case, the information normally appears within a special hive of the registry. Windows secures this hive to make it difficult to access using the Registry Editor. The SAM can also use alternative input sources such as Active Directory.
A technique for securing XML-based data communications that depends on the use of specialized tags. This technology defines mechanisms to exchange authentication, authorization, and non-repudiation information between client and server. It relies on a single sign-on technique to ensure the user doesn’t receive constant requests for authentication information. SAML follows a four-step process in which the caller makes a service or resource request, the SAML server requests authentication information, the SAML server uses the authentication information to open a session with the remote server, and, finally, the caller receives an URL to use to access the service or resource.
The part of an access token that identifies the object throughout the network; it’s like having an account number. The access token that the SID identifies tells what groups the object belongs to and what privileges the object has.
The act of converting an object or other complex data into a data stream (normally bytes) in preparation for transmission or offline storage. The method of serialization determines the ability of the application to convert the data stream back into an object later.
See Secure Hashing Algorithm 1
See Security Identifier
One of the most commonly used protocols to transfer text (commonly mail) messages between clients and
servers. This is a stream-based protocol designed to allow query, retrieval, posting, and distribution of mail messages. Normally, this protocol is used in conjunction with other mail retrieval protocols like point of presence (POP). However, not all uses of SMTP involve email data transfer. Some Simple Object Acess Protocol (SOAP) applications have also relied on SMTP to transfer application data.
A Microsoft-sponsored protocol that provides the means for exchanging data between COM and foreign component technologies like Common Object Request Broker Architecture (CORBA) using XML as an intermediary. SOAP is often used as the basis for Web services communication. However, a developer could also use SOAP on a LAN or in any other environment where machine-to-machine communication is required and the two target machines provide the required infrastructure.
See Simple Mail Transfer Protocol
A device or piece of software designed to examine raw network packets and to present those packets in human-readable format. A sniffer is commonly used to locate and repair network errors. It can also be used by crackers to break into networks by allowing them to view sensitive data like user passwords.
See Simple Object Access Protocol
An object that creates a connection between an application and a network protocol. The socket is a specially written driver, in most cases, that manages the particulars of a communication session. The application sends and receives data using the socket, rather than communicating directly with the network protocol.
See Secure Socket Layer
|