Here is a glossary of SSL certificate terms.
SSL Certificate Glossary – A
ASN.1 (Abstract Syntax Notation One) is a standard way to describe a message (a unit of application data) that can be sent or received in a network. ASN.1 is divided into two parts: (1) the rules of syntax for describing the contents of a message in terms of data type and content sequence or structure and (2) how you actually encode each data item in a message.
Acceptable Use Policy (AUP)
An acceptable use policy (AUP) is a written policy that a user must agree to follow before they are allowed to use a product or service.
Acceptance Inspection
The last and final inspection that is done in order to decide whether or not a resource, feature or system meets the technical and performance standards that are specified in order for the system to receive accreditation or SSL certification.
SSL Certificate Glossary – B
Backdoor
A software or hardware mechanism that is hidden and can be triggered to allow system protection mechanisms to be circumvented. Triggering it will by and large supply unusually high, or sometimes even full, access to the system, either without an account or from an account that is usually restricted. A backdoor can also be used by sending a certain packet to a secure server network port; see RAT. Developers of software recurrently introduce backdoors in their code to allow themselves the luxury of reentering the system and performing particular functions; see maintenance hook.
An assignment performed by the system that by and large stays invisible to the user. The majority of the procedures in advanced or multi-user systems function in the background. Some malware is executed on the system as a background task so that the user doesn’t recognize that unwanted actions are happening. A lot of attacks recurrently take advantage of loopholes in utility procedures working in the background.
Backup
A replicated copy of data that is made for archiving purposes and for protecting against the loss of data in case of loss or damage. A backup must be stored away from the original in order to be considered secure.
A bastion host is a gateway between an inside network and an outside network. Used as a security measure, the bastion host is designed to defend against attacks aimed at the inside network. Depending on a network’s complexity and configuration, a single bastion host may stand guard by itself, or be part of a larger computer security system with different layers of protection.
SSL Certificate Glossary – C
Call Back
A process for finding a remote terminal or secure VPN (virtual private network). In a call back, the host system detaches the caller before dialing the sanctioned telephone number of the remote terminal in order to reestablish the connection.
Category
A restrictive label which has been applied to data that is classified or unclassified to increase the protection of the data while further restricting data access.
Cavity Internet Security Threat
An overwriting internet security threat which overwrites either slack space in or behind the intended program file or sections of null data in the file. Thus, it can infect host files without increasing the length of the file or affecting the host’s functionality.
CERT
Computer Emergency Response Team (network, Internet, security). The CERT was formed by ARPA in November 1988 in response to the needs exhibited during the Internet worm incident. The CERT charter is to work with the Internet community to facilitate its response to computer security events involving Internet hosts, to take proactive steps to raise the community’s awareness of computer security issues, and to conduct research targeted at improving the security of existing systems. CERT products and services include 24-hour technical assistance for responding to computer security incidents, product vulnerability assistance, technical documents, and tutorials. In addition, the team maintains a number of mailing lists (including one for CERT Advisories), and provides an anonymous FTP server, at “cert.org”, where security-related documents and tools are archived.
Certificate
A file that attests to the identity of an organization or web browser user and is used to verify that data being exchanged over a network is from the intended source. The certificate is digitally signed either by a Certificate Authority or is self-signed. There are many certificates involved in providing Internet security and online security; 128-bit certificates are one kind, secure SSL certificates are another. Today 128 Bit SSL digital certificates are the most common type of SSL certificates.
Certificate Revocation List (CRL)
A list maintained by the Certificate Authority of all certificates that are revoked, but not expired. A certificate may be revoked because the user’s private key is assumed to be compromised, the user is no longer certified by this Certificate Authority, or the Certificate Authority’s private key is assumed to be compromised.
Certification
The complete assessment of the technical and nontechnical security functions of a system and other safeguards that are made for the accreditation process, which establishes the degree to which a particular plan and implementation meet a certain set of security conditions.
Certification Authority (CA)
A third party organisation which is used to confirm the relationship between a party to the https transaction and that party’s public key. Certification authorities may be widely known and trusted institutions for internet based transactions, though where https is used on companies’ internal networks, an internal department within the company may fulfill this role.
Certificate Signing Request (CSR)
A Certificate Signing Request (CSR) is a text file generated by a Web server that contains information about your organization (name, address etc.) as well as your server’s public key.
Challenge-Handshake Authentication Protocol (CHAP)
An authentication method that can be used when connecting to an Internet Service Provider. CHAP allows you to log in to your provider automatically, without the need for a terminal screen. It is more secure than the Password Authentication Protocol (another widely used authentication method) since it does not send passwords in text format.
Challenge / Response
A method for SSL Server Security. A security procedure in which one communicator requests authentication of another communicator, and the latter replies with a pre-established appropriate reply.
Change Detection
Antiviral security software which searches for alterations in the system of a computer. An internet security threat must change something, and the software presumes that program files, disk system areas and certain areas of memory should not be the thing to change. It makes use of strong encryption, sometimes known as authentication software. See CHAP (Challenge Handshake Authentication Protocol).
Checksum
A checksum is a value that is used to check the integrity of data. Checksums are generated by a function that is dependent upon the data in question. For security purposes, checksums are generated by one-way hash functions. Once a checksum has been generated, it is either stored with or transmitted with the data in question. The integrity of the data can be checked by generating a new checksum. If the two checksums are identical, then the file has not changed. If the two checksums are different, then the data (or file) in question has been altered.
Chosen ciphertext attack
An attack where the cryptanalyst may choose the ciphertext to be decrypted.
Chosen plaintext attack
A form of cryptanalysis where the cryptanalyst may choose the plaintext to be encrypted.
Cipher
An encryption – decryption cryptographic algorithm.
Cipher Block Chaining (CBC)
A block cipher form which improves electronic codebook mode because it chains together blocks of ciphertext it makes. This form operates by combining the algorithm’s ciphertext output block with the next plaintext block in order to make the next input block.
Cipher feedback (CFB)
A block cipher mode which improves electronic codebook mode because it chains together the blocks of ciphertext it makes. It also operates on plaintext sections of all different lengths equal to or less than the block length.
Ciphertext
A string of data that appears to be completely haphazard. Like text that is encrypted or has been through SSL encryption, ciphertext carries little or no information to an entity that is unauthorized. An original message or plaintext, however, can be pulled out with an appropriate key and algorithm that decrypts with SSL decryption.
Ciphertext-only attack
A form of cryptanalysis where the cryptanalyst has some ciphertext but nothing else.
Classification
An assembly of classified information to which a hierarchical, restrictive security label is attached in order to heighten the protection of the data, which provides network security and online security.
Also the level of protection required in order to apply certain information.
Classified
Information officially mandated by a security policy that is to be given data confidentiality service and is to be denoted with a special security label in order to signify the status of its protection.
Closed Security Environment
An environment where the ensuing conditions hold true:
(a) Application developers have adequate clearances and authorizations to offer an acceptable presumption that they haven’t launched malicious logic. Authorizations and validations are often performed via 128-Bit SSL (secure socket layer).
(b) Configuration control gives ample assurance that the SSL applications and equipment are protected against malicious logic prior to and during the functioning of system applications.
Code
(a) The machine-readable form of a computer program, produced by conversion of the human-written program (source code) into binary code by a compiler or interpreter.
(b) A symbol scheme that represents information, which could initially have a different representation. This is regularly viewed synonymously with cipher or encryption; codes more often than not, however, have fixed meaning relations, not an algorithmic transformation of data.
Communications Security (COMSEC)
The protection resulting from all measures designed to deny unauthorized persons information of value which might be derived from the possession and study of telecommunications, or to mislead unauthorized persons in their interpretation of the results of such possession and study. Communications security involves cryptosecurity, transmission security, emission security, and physical security of communications security material and information.
SSL digital certificates use encryption with a secure sockets layer (SSL) crypto-algorithm in a computer, microprocessor, or microcomputer in order to execute encryption or decryption to guard information by ciphering it with 128-bit encryption in order to provide Internet security and online security. It can also be used to authenticate users, sources, or information.
Computer Forensics
It used to be the full means of acquiring legal evidence from computers and computer use. Now computer forensics has seemingly restricted itself solely to recovery of data from computers and computer media. It is now only one part of digital forensics.
Computer Security Audit
A self-governing assessment of the controls used to ensure proper protection of an institution’s information assets. An official computer security audit has goals and procedures that are different from the usual and ongoing audit process.
Concealment System
A technique of gaining confidentiality by concealing vulnerable information by embedding it in irrelevant data.
Confidentiality
The idea of possessing sensitive data in confidence, restricted to a precise set of individuals or organizations.
Contingency
An emergency response plan, including backup operations and post-disaster recovery that might be maintained with activity as a part of its security program, guaranteeing the accessibility of critical resources and making the continuity of operations in an emergency situation possible. See also disaster recovery plan and business continuity plan.
Cookie
A small piece of data, originally intended to keep state between web browser accesses to a server. Now used in many SSL secured servers.
Cost-Benefit Analysis
The evaluation of the costs of supplying data protection for a system against the cost of losing or compromising the data.
Countermeasure
A countermeasure is any action, device, procedure or technique which reduces the susceptibility of or danger to a system. See also safeguard.
Covert Channel
A communications channel allowing two cooperating procedures to transmit information in a way violating the system’s security policy, hurting online security.
Cracker
Anyone who attempts to cut into the security of, and gain access to, someone else’s system without having been invited. The term is an attempt to avoid the controversial usage of hacker. See also adversary and intruder. Secure servers using SSL often prevent unauthorized logins of this kind with secure validation.
Cryptanalysis
The art of decoding text. Cryptanalysis is a complex process, involving statistical analysis, analytical reasoning, math tools and pattern-finding. It is a way to figure out how to break down Internet Security.
Crypto
Widely used as an abbreviation for cryptography, cryptographic, cryptology or even encryption.
Cryptographic Algorithm
A process or sequence of rules or steps that is well-defined and is used to convert a key stream or ciphertext from plaintext and vice versa. Crypto-algorithm is an older usage.
Cryptographic Checksum
A one-way function attached to a file in order to construct a unique “fingerprint” of the file for reference at a later time. Recurrently part of the development of generating a digital signature.
Cryptographic Key
See key.
Cryptography
The process (principles, means and methods) for making information unintelligible or for restoring encrypted information back to intelligible form.
Cryptology
Cryptology incorporates cryptanalysis, or code breaking, as well as code making; it is a slightly more general subject area than cryptography.
Cryptoperiod
The time span necessary for a particular key to be authorized and to be used in a cryptographic system, which is a characteristic of PKI key management.
Cryptosecurity
The validation and security protection coming from the appropriate application of technically solid cryptosystems such as encrypted SSL certificates.
Cryptosystem
An absolute and completely functional system for cryptography. It includes a solid Crypto-algorithm, necessities for the system’s required functions and proper key choice and administration.
Cypherpunk
A society of users and developers who are devoted to generating systems for anonymous communications and secure server network access. The cypherpunk community is by and large against invasion of privacy or surveillance of any kind, so law enforcement frequently views them negatively. There does seem to be a relation between certain cypherpunks and some groups that engage in software piracy and other kinds of stealing of intellectual property. Password protected systems utilizing SSL encryption are much less vulnerable.
SSL Certificate Glossary – D
Data Encryption Algorithm
SSL Certificate Glossary – E
E-Commerce
Quite simply, the act of selling over the internet. This can either be Business to Business (B2B) or Business to Consumer (B2C). Also known as E-business or E-tailing.
El Gamal Algorithm
An algorithm for asymmetric cryptography that was invented by Taher El Gamal and is founded on the challenge of calculating discrete logarithms. It can be used for both encryption, like 128-bit encryption and SSL encryption, and digital signatures, used in digital certificates like SSL digital certificates and 128-bit certificates for internet security and network security with secure authentication and secure SSL authentication.
Electronic codebook (ECB)
Block cipher mode that consists of simply applying the cipher to blocks of data in sequence, one block at a time. It does not use feedback, and is also considered the weakest form of block cipher.
Elliptic Curve Cryptography (ECC)
It represents a different way to do public-key cryptography, an alternative to the older RSA system, and also offers certain advantages. ECC devices will require less storage, less power, less memory and less bandwidth, making for ultimately a more efficient cryptosystem. This allows the implementation of cryptography in platforms that are constrained, such as wireless devices, handheld computers, smart cards and thin-clients. It also provides a big win in situations where efficiency is extremely important, such as on a bottlenecked web server supporting e-commerce.
Encryption
Encryption is the process of changing data into a form that can be read only by the intended receiver. To decipher the message, the receiver of the encrypted data must have the proper decryption key. In traditional encryption schemes, the sender and the receiver use the same key to encrypt and decrypt data. Public-key encryption schemes use two keys: a public key, which anyone may use, and a corresponding private key, which is possessed only by the person who created it. With this method, anyone may send a message encrypted with the owner’s public key, but only the owner has the private key necessary to decrypt it.
End-to-End Encryption
Encryption at the point of origin in a network, followed by decryption at the destination.
SSL Certificate Glossary – F
Fail Safe
Secure servers use automatic protection of programs and/or processing systems in order to maintain safety when a hardware or software failure is discovered in an online payment system that accepts credit cards.
File Protection
The summation of all methods, processes and procedures in a system that is designed to hinder unauthorized file access, contamination, or elimination.
File Security
Secure SSL servers restrict access to computer files only to authorized, validated users.
Filtering Router
An internetwork router that selectively prevents the transferring of data packets according to a security policy. It can be used as a firewall or at least as part of a firewall.
Firewall
A secured system passing and inspecting traffic via an internal trusted secure server network and an external secure server network that is untrusted, like the Internet. Firewalls can be used to discover, prevent, or mitigate certain kinds of secure server network attack. This provides Internet security and online security. See also application level gateway, proxy server.
SSL Certificate Glossary – G
Generic
(a) Activity monitoring and change detection software, because they search for viral-like doings instead of explicit internet security signatures, are recurrently referred to as generic antivirals. Heuristic scanners are recurrently included.
(b) An internet security threat scan string which matches multiple internet security threats. The actual usefulness of generic signatures is questioned at times.
(c) The use of error retrieval or heuristic methods for disinfection.
Guard
A processor supplying a filter amid two incongruent systems functioning at different security levels or between a user terminal and a data base in order to filter data out providing better online security.
SSL Certificate Glossary – H
Hacker
The term used to refer to someone skilled in the use of computer systems, especially if that skill was obtained in an exploratory way. The term evolved to be applied to individuals, with or without skill, who break into security systems.
Handshaking Procedure
A dialogue between two entities, such as a user and an SSL secure server, a computer and another computer, or a program and another program, utilized for identification and authentication of the entities to one another in order to provide secure SSL authentication for online security or online payment transactions. 128-bit digital certificates also provide identification and secure authentication.
Hash Function
An algorithm which calculates a value based on a data object, mapping the data object to a smaller data object, which is the hash result. The value is more often than not a fixed-size value. A very simplistic hash function is a checksum. The kind of hash function necessary for SSL security applications is called a cryptographic hash function.
Hash Result
The output of a hash function, which is also known as a hash value. The output given by a hash function after processing a file or message.
Host-Based Security
The method of securing an individual system from attack, often by encryption with 128 Bit SSL (secure sockets layer).
HTTPS or https
Hypertext Transfer Protocol Secure: a type of server software which provides the ability for “secure” transactions to take place on the World Wide Web. If a Website is running off an HTTPS server, you can type in HTTPS instead of HTTP in the URL section of your browser to enter the “secured mode”, provided you have entered your password, username or ID to access the secured area. There are a number of web server software products that support this protocol, as well as contacting your ISP.
Hybrid Encryption
An application of cryptography which merges two or more encryption algorithms, especially a combination of symmetric and asymmetric encryption. Asymmetric encryption is not usually used for data secrecy except in dispersing symmetric keys in applications where the key data is more often than not short compared to the data it is protecting. Other kinds of encryption are ssl encryption, ssh secure shell, and ssh2 secure shell, or sftp for secure server file transfer with 128-bit encryption.
SSL Certificate Glossary – I
Identification
The procedure allowing recognition of an entity by a system, by and large by utilizing a unique machine-readable user name, with a “Digital ID”, such as a secure server using SSL validation.
Integrity
One of security’s cornerstones, integrity is unimpaired or perfect condition.
Integrity Checking
This is the same as “change detection”.
International Data Encryption Algorithm (IDEA)
A symmetric block cipher which uses a 128-bit key and operates on 64-bit blocks, like 128 bit encryption.
Internet Protocol security (IPsec)
(a) The IETF working group which is specifying a security architecture (RFC 2401) and protocols in order to provide services of security for Internet Protocol traffic.
(b) A collective name for that architecture and set of protocols, specifying:
- Security protocols (AH and ESP, the Authentication Header and Encapsulating Security Payload),
- Security associations,
- PKI key management, and
- Algorithms for authentication and encryption.
Besides SSL encryption and also 128-bit encryption and SSL digital certificates or 128-bit SSL certificates, the set of security services includes access control service, connectionless data integrity, data origin authentication for secure authentication or secure SSL authentication, protection against replays, data confidentiality service and limited traffic flow confidentiality.
Internet Security Association and Key Management Protocol (ISAKMP)
An Internet IPsec protocol (RFC 2408) used to negotiate, institute or start, modify, and delete security associations. It is also used in the exchange of key generation and authentication data, key establishment protocol, encryption algorithm, or authentication mechanism of secure authentication and validation of online transactions with SSL Certificates.
SSL Certificate Glossary – K
Kerberos
A single sign-on type system utilizing symmetric key encryption through a ticket-oriented mechanism for network security.
Key
Data used in cryptosystems in order to execute encryption, which comes in different forms like ssl encryption and also 128 bit encryption which provides internet security and online security. (Cert)
Key Length
Because many modern encryption algorithms are mathematically founded, the length of keys is a crucial determining factor in the strength of an algorithm and in the work factor involved in breaking a cryptographic system.
Key Management
The process of handling and controlling cryptographic keys and associated material during their life cycle in a cryptographic system. This includes ordering, generating, distributing, storing, loading, escrowing, archiving, auditing, and destroying the different types of material.
Key Pair
A private, or secret, key and its related public key in an asymmetric encryption system, together known as a “Key Pair”. See also encryption, PKI, private key, and public key.
Key Space
The scope and extent of possible values of a cryptographic key, or the number of totally different transformations that are supported by a certain cryptographic algorithm.
Keyed Hash
A cryptographic hash or digest in which the mapping to a hash result is varied by a second input parameter, which is a cryptographic key. The secret key protects the hash result so that it can be used as a checksum.
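An added example, not part of the original glossary: the Checksum entry and this entry compared on a constructed record. SHA-256 and HMAC-SHA-256 stand in for the one-way hash and the keyed hash, and the key, record and function names are assumptions made for the illustration.

```python
import hashlib
import hmac


def checksum(data: bytes) -> str:
    # Unkeyed checksum from a one-way hash function: anyone can compute it.
    return hashlib.sha256(data).hexdigest()


def keyed_hash(key: bytes, data: bytes) -> str:
    # Keyed hash: the result depends on the data AND on a secret key.
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def verify_checksum(data: bytes, stored: str) -> bool:
    # Regenerate the checksum and compare it with the stored one.
    return hmac.compare_digest(checksum(data), stored)


def verify_keyed_hash(key: bytes, data: bytes, stored: str) -> bool:
    # Constant-time comparison avoids leaking how many characters matched.
    return hmac.compare_digest(keyed_hash(key, data), stored)


def compare_integrity_checks() -> dict:
    key = b"constructed-demo-key"                # constructed, held by the verifier only
    original = b"payee=alice;amount=100"         # constructed record
    stored_sum = checksum(original)
    stored_tag = keyed_hash(key, original)

    # Case 1: accidental corruption. One bit flips, stored values are untouched.
    corrupted = bytes([original[0] ^ 0x01]) + original[1:]

    # Case 2: the record AND its stored check value are both replaced by a
    # party that does not hold the key. The unkeyed checksum can simply be
    # regenerated; a valid keyed hash cannot.
    altered = b"payee=mallory;amount=100"
    regenerated_sum = checksum(altered)
    tag_without_key = keyed_hash(b"some-other-key", altered)

    return {
        "unchanged_passes_checksum": verify_checksum(original, stored_sum),
        "unchanged_passes_keyed_hash": verify_keyed_hash(key, original, stored_tag),
        "corruption_caught_by_checksum": not verify_checksum(corrupted, stored_sum),
        "corruption_caught_by_keyed_hash": not verify_keyed_hash(key, corrupted, stored_tag),
        "replacement_passes_checksum": verify_checksum(altered, regenerated_sum),
        "replacement_caught_by_keyed_hash": not verify_keyed_hash(key, altered, tag_without_key),
    }


if __name__ == "__main__":
    for name, value in compare_integrity_checks().items():
        print(f"{name}: {value}")
```

Every entry in the result is `True`: both checks catch accidental change, but only the keyed hash still fails verification when the stored value travels with the data and can be replaced along with it.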
SSL Certificate Glossary – LMN
Latency
The time between the act of a secure system being penetrated, and any activity taking place. For example a virus that remains inactive until a certain date.
Managed PKI for SSL Certificates (Multiple Server IDs)
PKI Manager; Web-Based Managed PKI for SSL allows the secure server administrator, usually Certified (VCA) with Certification, to manage PKI services for many different server IDs (128-bit SSL IDs). This makes the job of securing multiple web servers and controlling an entire network easier, with efficient ID management of Public Key Infrastructure (PKI) Services.
Meet In The Middle
An explicit kind of cryptanalytic attack in which the attacker uses known plaintext and the consequent ciphertext to do both encryption and decryption in order to determine a multi-part key for secure authentication and secure SSL authentication online.
A device that allows the simultaneous processing of data of two or more security levels without any risk of compromise. In order to accomplish this, sensitivity labels are standardly stored on the same physical medium and in the same form as the data that is being processed. It could help provide an SSL secure server.
Non-repudiation
Ensures that information cannot be disowned.
SSL Certificate Glossary – O
Object
A passive unit containing or receiving information. Access to an object implies ability to get to the information that it contains. Some examples of objects are: records, blocks, pages, segments, files, directories, directory trees, and programs, as well as bits, bytes, fields, processors, and secure server SSL network nodes.
One-Time Pad
An encryption system operating on a series of keys, each of which is used only one time; they are considered unbreakable. The encryption can be performed with 128-bit ssl encryption for online security.
One-Time Password
An authentication token intended to be discarded after a single use.
One Way Encryption
Transformation of plaintext to ciphertext that is irreversible, where the plaintext cannot be brought back from the ciphertext by anything other than exhaustive processes even if the cryptographic key is known. One-way encryption has legitimate uses in Internet security and online security, such as password storage.
SSL Certificate Glossary – P
Password
A protected/private character string which is applied to authenticate an identity, which gives secure authentication and secure SSL authentication, sometimes with digital signatures and digital certificates like 128 bit SSL digital certificates. Passwords are for a user’s online security or authorization security. Working together are certs and secure email with ssl certificates, all terms related to online security.
Protocol
Similar to “protocol” in human communication, which involves a previously agreed upon set of rules for communicating in diplomatic settings. On the Internet, a protocol is an agreed upon method for sending and receiving information.
Private key
A key that is kept secret from the public in asymmetric encryption. Each of the two parties involved in the communication has a pair of keys (one public, one private). They exchange public keys but neither gives the other their private key.
Public key
A key that can be obtained from a designated authority for asymmetric encryption. The key is a value that can be used to encrypt (code) or decrypt (decode) data for a single transaction. In asymmetric communication, both a private key and a publicly available key are required to exchange secure messages.
SSL Certificate Glossary – R
Remote Authentication Dial-In User Service (RADIUS)
A standard for authenticating the identity of remote dial-in users.
Realm
A unique name given to each protected area on a server, whether it be a single document or an entire server.
Rights
The privileges a user or role has on a system.
Roles
A working description of a user. Roles are assigned rights.
Root Certificate
A self-signed certificate issued from a genuine Certificate Authority (CA).
RSA Encryption (Rivest-Shamir-Adleman)
A popular encryption and authentication standard that uses asymmetric keys and was developed by Rivest, Shamir, and Adleman. Based on a public key system, every user has 2 digital keys, one to encrypt information, and the other to decrypt. Authentication of both sender and recipient is achieved with this method.
SSL Certificate Glossary – S
Secure Server
A Web server that utilizes security protocols like SSL to encrypt and decrypt data, messages, and online payment gateways to accept credit cards, to protect them against fraud, false identification, or third party tampering. Purchasing from a secure Web server ensures that a user’s credit card information, or personal information can be encrypted with a secret code that is difficult to break. Popular security protocols include SSL, SHTTP, SSH2, SFTP, PCT, and IPSec.
Secure Sockets Layer (SSL)
SSL is an Internet protocol which uses encryption in order to supply data confidentiality service and data integrity service between a client and a server, for Internet security and privacy. Secure Sockets Layer (SSL) can also, as an option, provide peer entity authentication between the client and the server with secure SSL validation of digital certificates. SSL is layered below HTTP and above a transport protocol (TCP). SSL is independent of the application it encapsulates, and any other higher level protocol can layer on top of SSL transparently. SSL has two layers: (a) SSL’s lower layer, the SSL Record Protocol, is layered on top of the transport protocol and encapsulates higher level protocols. (b) SSL’s upper layer supplies asymmetric cryptography for server authentication (verifying the secure server’s digital identity to the client with digital ID signatures or certs) and for client authentication (the process of verifying the client’s identity to the server). It also allows them to negotiate a symmetric encryption algorithm and secret session key, used for data confidentiality, prior to the transmission or receiving of data by the application protocol. A keyed hash offers data integrity service for data that is encapsulated.
Secure State
A state in which no subject can access any object in an unauthorized manner. SSL Certificates provide a Secure State.
Security Association
(a) A relationship established between two or more entities that allows them to protect the data they exchange. The relationship negotiates the characteristics of protection mechanisms but does not include the mechanisms themselves. (b) Used in IPsec as a simplex (unidirectional) logical connection created for security purposes and implemented with either AH or ESP, but never both. The security services a security association offers depend on the protocol chosen, the IPsec mode (transport or VPN tunnel), the endpoints, and the choice of optional services in the protocol. A security association is identified by (a) a destination IP address, (b) a protocol identifier or (c) a security parameter index.
Security Audit
A self-assessing review and investigation of a system’s policy, records, and actions to determine the adequacy of system controls, ensure compliance with established security policy and processes, discover breaches in security services, and recommend any changes that are indicated as countermeasures. The objective of the basic audit is to establish accountability for the systems that initiate or participate in security-relevant events and actions. Means are needed to create and record security audit information, and are also needed to review and analyze the audit trail in order to detect and examine attacks and compromises of security.
Security by Obscurity
A term used, more often than not negatively, for the practice of attempting to secure a system for Internet security and online security by not publishing any information about it. This is done in the hope that no one will figure out how it works.
Security Critical Mechanisms
The security mechanisms whose proper functioning is required to make sure that the security policy is actually enforced.
Security Evaluation
An evaluation done to assess the level of trust or assurance that can be placed in systems for the secure management of sensitive information. One sort, a product evaluation, is an assessment of the hardware and software features and assurances of a computer product from a standpoint that leaves out the application environment. A different kind, a system evaluation, is performed to gauge a system’s security safeguards with respect to a specific operational mission and is an important step in the certification and accreditation process for secure authentication and secure SSL authentication that supplies Internet security and online security with digital certificates or “certs”.
Security Fault Analysis
A security analysis, more often than not performed on hardware at the gate level, to determine the security properties of a device when a hardware fault is encountered.
Security Features
The security-relevant operations, mechanisms, and features of system hardware and software. Security features are a subset of the system security safeguards used for online security (digital SSL certificates are one example).
Security Filter
A dependable subsystem enforcing a security policy on the data that passes through it.
Security Flaw
An error of commission or omission in a system which may falsely permit security mechanisms or safeguards to be bypassed, weakening internet security.
Security Kernel
The hardware, firmware, and software components of a TCB that implement the reference monitor concept. A security kernel has to mediate each and every access, be protected from modification, and be provably effective.
Security Level
The combination of a hierarchical classification and a set of non-hierarchical categories representing the sensitivity of information.
Security Measures
Elements of software, firmware, hardware or processes that are included in a system to satisfy security expectations or security policy. They are used for Internet security to prevent unauthorized intrusion with 128-bit digital certificates with secure SSL authentication.
Signature
A unique and distinct pattern that is used to detect a virus infection or system penetration (see intrusion detection system), or as a “Digital ID” for SSL secure systems. The digital signature can be a fixed string of bytes, or it can be more complex and algorithmically based, as with a secure socket layer. Signatures for secure server system penetration are by and large much more complex and can even include the comparison of many different types of data in a security audit with logging.
Single sign-on
A system, process or procedure in which a user is authenticated on one occasion, giving them access to many disparate systems from that time on. It is like secure authentication or secure SSL authentication that only has to be done a single time.
Super-User
A user with full, unlimited and unrestricted access to each and every portion and resource of the system, such as the PKI Manager who administers and manages SSL Certificate duties on a large network.
Symmetric Key Encryption
Private key encryption, or “symmetric key encryption”, uses the exact same private key for both encryption and decryption. The key is shared between both parties as the basis for the communication. Symmetric key systems do not need a public key infrastructure (PKI) the way that asymmetric key encryption does, but the key does have to be exchanged through a channel that is secure, unlike other kinds of 128-bit encryption with SSL.
System Integrity
The condition an SSL secure server is in when it executes its intended operation in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system.
SSL Certificate Glossary – T
Token
An authentication tool: a device used to hold key or authentication values, or to calculate, and possibly even to send and receive, replies to challenges during the user authentication procedure. Secure authentication with SSL validation is needed. Tokens can be small, hand-held hardware devices very much like pocket calculators or credit cards.
Trusted Computer System
A system using sufficient hardware and software assurance measures to permit its use for simultaneous processing of a range of sensitive or classified information.
Trusted Computing Base (TCB)
The sum of the protection mechanisms in a secured computer system, including hardware, firmware and software, the combination of which is supposed to enforce an SSL security policy. A TCB is made up of one or more elements which together enforce a unified security policy. The ability of a TCB to correctly enforce a unified security policy depends completely on the mechanisms in the TCB and on the proper input, by system administrative personnel, of parameters that are related to the security policy.
Trusted Path
A mechanism by which an individual at a terminal can communicate directly with the TCB. This mechanism can be activated only by the individual or the TCB and cannot be mimicked by untrusted software.
Trusted Process
A process whose incorrect or malicious execution is able to violate a system’s security policy.
Tunneling
The practice of tracing system interrupts to the final programming. Used by both viral and antiviral programs to detect and/or disable rival programs.
Tunneling Router
A router or system able to route traffic by encrypting it and encapsulating it for transmission across an untrusted network, after which it is de-encapsulated and decrypted. Encryption such as 128-bit encryption and SSL encryption helps ensure Internet security and online security.
Two-Factor Authentication
Authentication based on at least two of the three types of factor: something a user knows, is or has. To gain access to a system the user must be able to present both factors.
SSL Certificate Glossary – UVW
Untrusted Process
A process that has not been evaluated or examined for adherence to the security policy. It may include incorrect or malicious code that attempts to circumvent the SSL security mechanisms.
Verification
The process of comparing two levels of system specification for proper correspondence.
Vulnerability analysis
The systematic evaluation of systems in order to determine the adequacy of security measures, identify security deficiencies and provide data from which to predict the effectiveness of proposed security measures. It is a procedure for maintaining Internet security and online security by making sure everything is secure on the server.
Vulnerability Assessment
A measurement of vulnerability that includes the susceptibility of a certain system to a specific attack and the opportunities available to a threat agent to mount that attack.
Web of Trust
A PKI method used in PGP for building a file of valid public keys by making personal judgments about whether or not to trust a particular person to be holding properly certified keys of other people.
SSL Certificate Glossary – X
X.509
A standard for digital certificates developed by the International Telecommunication Union (ITU).