S


SAM

See Security Access Manager

SAML

See Security Assertions Markup Language

Secure Hashing Algorithm 1 (SHA-1)

The mathematical basis for encrypting and decrypting data used with the Digital Signature Standard (DSS) introduced by the National Institute of Standards and Technology (NIST). DSS also relies on Digital Signature Algorithm (DSA) to provide the digital signature functionality.

Secure Socket Layer (SSL)

A digital signature technology used for exchanging information between a client and a server. Essentially an SSL-compliant server will request a digital certificate from the client machine. The client can likewise request a digital certificate from the server. Companies or individuals obtain these digital certificates from a third-party vendor like VeriSign or other trusted source who can vouch for the identity of both parties.

Security Access Manager (SAM)

A database containing information about a caller and their security settings. Some texts also call this the Security Accounts Manager. In either case, the information normally appears within a special hive of the registry. Windows secures this hive to make it difficult to access using the Registry Editor. The SAM can also use alternative input sources such as Active Directory.

Security Assertions Markup Language (SAML)

A technique for securing XML-based data communications that depends on the use of specialized tags. This technology defines mechanisms to exchange authentication, authorization, and non-repudiation information between client and server. It relies on a single sign-on technique to ensure the user doesn’t receive constant requests for authentication information. SAML follows a four-step process in which the caller makes a service or resource request, the SAML server requests authentication information, the SAML server uses the authentication information to open a session with the remote server, and, finally, the caller receives an URL to use to access the service or resource.

Security Identifier (SID)

The part of an access token that identifies the object throughout the network; it’s like having an account number. The access token that the SID identifies tells what groups the object belongs to and what privileges the object has.

Serialization

The act of converting an object or other complex data into a data stream (normally bytes) in preparation for transmission or offline storage. The method of serialization determines the ability of the application to convert the data stream back into an object later.

SHA-1

See Secure Hashing Algorithm 1

SID

See Security Identifier

Simple Mail Transfer Protocol (SMTP)

One of the most commonly used protocols to transfer text (commonly mail) messages between clients and

servers. This is a stream-based protocol designed to allow query, retrieval, posting, and distribution of mail messages. Normally, this protocol is used in conjunction with other mail retrieval protocols like point of presence (POP). However, not all uses of SMTP involve email data transfer. Some Simple Object Acess Protocol (SOAP) applications have also relied on SMTP to transfer application data.

Simple Object Access Protocol (SOAP)

A Microsoft-sponsored protocol that provides the means for exchanging data between COM and foreign component technologies like Common Object Request Broker Architecture (CORBA) using XML as an intermediary. SOAP is often used as the basis for Web services communication. However, a developer could also use SOAP on a LAN or in any other environment where machine-to-machine communication is required and the two target machines provide the required infrastructure.

SMTP

See Simple Mail Transfer Protocol

Sniffer

A device or piece of software designed to examine raw network packets and to present those packets in human-readable format. A sniffer is commonly used to locate and repair network errors. It can also be used by crackers to break into networks by allowing them to view sensitive data like user passwords.

SOAP

See Simple Object Access Protocol

Socket

An object that creates a connection between an application and a network protocol. The socket is a specially written driver, in most cases, that manages the particulars of a communication session. The application sends and receives data using the socket, rather than communicating directly with the network protocol.

SSL

See Secure Socket Layer




.Net Development Security Solutions
.NET Development Security Solutions
ISBN: 0782142664
EAN: 2147483647
Year: 2003
Pages: 168

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net