SSL Certificate Glossary

A process for finding a remote terminal or secure VPN virtual private network. In a call back, the host system detaches the caller before dialing the sanctioned telephone number of the remote terminal in order to reestablish the connection.

Category

A restrictive label which has been applied to data that is classified or unclassified to increase the protection of the data while further restricting data access.

Cavity Internet Security Threat

An overwriting internet security threat which overwrites either slack space in or behind the intended program file or sections of null data in the file. Thus, it can infect host files without increasing the length of the file or effecting the host’s functionality.

CERT

Computer Emergency Response Team (network, Internet, security) The CERT was formed by ARPA in November 1988 in response to the needs exhibited during the Internet worm incident. The CERT charter is to work with the Internet community to facilitate its response to computer security events involving Internet hosts, to take proactive steps to raise the community’s awareness of computer security issues, and to conduct research targeted at improving the security of existing systems. CERT products and services include 24-hour technical assistance for responding to computer security incidents, product vulnerability assistance, technical documents, and tutorials. In addition, the team maintains a number of mailing lists (including one for CERTAdvisories), and provides an anonymous FTP server, at “cert.org”, where security-related documents and tools are archived.

A file that attests to the identity of an organization or web browser user and is used to verify that data being exchanged over a network is from the intended source. The certificate is digitally signed either by a Certificate Authority or is self-signed. There are many certificates involved in providing Internet security and online security; 128-bit certificates are one kind, secure SSL certificates are another. Today 128 Bit SSL digital certificates are the most common type of SSL certificates.

A list maintained by the Certificate Authority of all certificates that are revoked, but not expired. A certificate may be revoked because the user’s private key is assumed to be compromised, the user is no longer certified by this Certificate Authority, or the Certificate Authorities private key is assumed to be compromised.

The complete assessment of the technical and nontechnical security functions of a system and other safeguards that are made for the accreditation process, which establishes the degree to which a particular plan and implementation meet a certain set of security conditions.

A third party organisation which is used to confirm the relationship between a party to the https transaction and that party’s public key. Certification authorities may be widely known and trusted institutions for internet based transactions, though where https is used on companies internal networks, an internal department within the company may fulfill this role.

A Certificate Signing Request (CSR) is a text file generated by a Web server that contains information about your organization (name, address etc) as well as your server’s public key

An authentication method that can be used when connecting to an Internet Service Provider. CHAP allows you to login to your provider automatically, without the need for a terminal screen. It is more secure than the Password Authentication Protocol (another widely used authentication method) since it does not send passwords in text format.

A method for SSL Server Security. A security procedure in which one communicator requests authentication of another communicator, and the latter replies with a pre-established appropriate reply.

Antiviral security software which searches for alterations in the system of a computer. A internet security threat must change something, and it presumes that program files, disk system areas and certain areas of memory should not be the thing to change. It makes use of strong encryption, sometimes known as authentication software. See CHAP Challenge Handshake Authentication Protocol.

A checksum is a value that is used to check the integrity of data. Checksums are generated by a function that is dependent upon the data in question. For security purposes, checksums are generated by one-way hash functions. Once a checksum has been generated, it is either stored with or transmitted with the data in question. The integrity of the data can be checked by generating a new checksum. If the two checksums are identical, then the file has not changed. If the two checksums are different, then the data (or file) in question has been altered.

An attack where the cryptanalyst may choose the ciphertext to be decrypted.

A form of cryptanalysis where the cryptanalyst may choose the plaintext to be encrypted.

An encryption – decryption cryptographic algorithm.

A block cipher form which improves electronic codebook mode because it chains together blocks of ciphertext it makes. This form operates by combining the algorithm’s ciphertext output block with the next plaintext block in order to make the next input block.

A block cipher mode which improves electronic codebook mode because it chains together the blocks of ciphertext it makes. It also operates on plaintext sections of all different lengths equal to or less than the block length.

An string of data that appears to be completely haphazard. Like text that is encrypted or been through SSL encryption, ciphertext carries little or no information to an entity that is unauthorized. An original message or plaintext, however, can be pulled out with an appropriate key and algorithm that decrypts with SSL decryption.

A form of cryptanalysis where the cryptanalyst has some ciphertext but nothing else.

An assembly of classified information to which a hierarchical, restrictive security label is attached in order to heighten the protection of the data, which provides network security and online security.

Also the level of protection required in order to apply certain information.

Information officially mandated by a security policy that is to be given data confidentiality service and is to be denoted with a special security label in order to signify the status of its protection.

an environment where the ensuing conditions hold true:

(a) Application developers that have adequate clearances and authorizations to offer an acceptable presumption that they haven’t launched malicious logic. Authorizations and validations are often performed via 128-Bit SSL (secure socket layer).

(b) Configuration control gives ample assurance that the SSL applications and equipment are protected against malicious logic prior to and during the functioning of system applications.

(a)The machine-readable form of a computer program, produced by conversion of the human-written program (source code) into binary code by a compiler or interpreter

(b) A symbol scheme that represents information, which could initially have a different representation. This is regularly viewed synonymously with cipher or encryption; codes more often than not, however, have fixed meaning relations, not an algorithmic transformation of data.

The protection resulting from all measures designed to deny authorized persons information of value which might be derived from the possession and study of telecommunications, or to mislead unauthorized persons in their interpretation of the results of such possession and study. Communications security involves cryptosecurity, transmission security, emission security, and physical security of communications security material and information.

SSL digital certificates use encryption with a secure sockets layer (SSL) crypto-algorithm in a computer, microprocessor, or microcomputer in order to execute encryption or decryption to guard information by ciphering it with 128-bit encryption in order to provide Internet security and online security. It can also be use to authenticate users, sources, or information.

It used to be the full means of acquiring legal evidence from computers and computer use. Now computer forensics has seemingly restricted itself solely to recovery of data from computers and computer media. It is now only one part of digital forensics.

An self-governing assessment of the controls used to ensure proper protection of an institution’s information assets. An official computer security audit has goals and procedures that are different from the usual and ongoing audit process.

A technique of gaining confidentiality by concealing vulnerable information by embedding it in irrelevant data.

The idea of possessing sensitive data in confidence, restricted to a precise set of individuals or organizations.

An emergency response plan, including backup operations and post-disaster recovery that might be maintained with activity as a part of its security program, guaranteeing the accessibility of critical resources and making the continuity of operations in an emergency situation possible. See also disaster recovery plan and business continuity plan.

A small piece of data, originally intended to keep state between web browser accesses to a server. Now used in many SSL Secured servers .

The evaluation of the costs of supplying data protection for a system against the cost of losing or compromising the data.

A countermeasure is any action, device, procedure or technique which reduces the susceptibility of or danger to a system. See also safeguard.

A communications channel allowing two cooperating procedures to transmit information in a way violating the system’s security policy, hurting online security.

Any one who attempts to cut into the security of, and gain access to, someone else’s system without having been invited. The term is a try to avoid the controversial usage of hacker. See also adversary and intruder. secure servers using SSL often prevent unauthorized logins of this kind with secure validation.

The art of decoding text. Cryptanalysis is a complex process, involving statistical analysis, analytical reasoning, math tools and pattern-finding. It is a way to figure out how to break down Internet Security.

Widely used as an abbreviation for cryptography, cryptographic, cryptology or even encryption.

A process or sequence of rules or steps that is well-define and is used to convert a key stream or ciphertext from plaintext and vice versa. Crypto-algorithm is an older usage.

A one-way function attached to a file in order to construct a unique “fingerprint” of the file for reference at a later time. Recurrently part of the development of generating a digital signature.

See key cryptography the process — principles, means and methods — for making information unintelligible or for restoring encrypted information back to intelligible form.

Cryptology incorporates cryptanalysis, or code breaking, as well as code making; it is a slightly more general subject area than cryptography.

The time span necessary for a particular key to be authorized and to be used in a cryptographic system, which is a characteristic of PKI key management.

The validation and security protection coming from the appropriate application of technically solid cryptosystems such as encrypted SSL certificates.

An absolute and completely functional system for cryptography. It includes a solid Crypto-algorithm, necessities for the system’s required functions and proper key choice and administration.

A society of users and developers who are devoted to generating systems for anonymous communications and secure server network access. The cypherpunk community is by and large against invasion of privacy or surveillance of any kind, so law enforcement frequently views them negatively. There does seem to be a relation between certain cypherpunks and some groups that engage in software piracy and other kinds of stealing of intellectual property. Password protected systems utilizing SSL encryption are much less vulnerable.

SSL Certificate Glossary D

A process for finding a remote terminal or secure SSL VPN (virtual private network). In a call back, the host system detaches the caller before dialing the sanctioned telephone number of the remote terminal in order to reestablish the connection.

An overwriting internet security threat which overwrites either slack space in or behind the intended program file or sections of null data in the file. Thus, it can infect host files without increasing the length of the file or effecting the host’s functionality.

Computer Emergency Response Team (network, Internet, security) The CERT was formed by ARPA in November 1988 in response to the needs exhibited during the Internet worm incident. The CERT charter is to work with the Internet community to facilitate its response to computer security events involving Internet hosts, to take proactive steps to raise the community’s awareness of computer security issues, and to conduct research targeted at improving the security of existing systems. CERT products and services include 24-hour technical assistance for responding to computer security incidents, product vulnerability assistance, technical documents, and tutorials. In addition, the team maintains a number of mailing lists (including one for CERT Advisories), and provides an anonymous FTP server, at “cert.org”, where security-related documents and tools are archived.

SSL Certificate Glossary E

Quite simply, the act of selling over the internet. This can either be Business to Business (B2B) or Business to Consumer (B2C). Also known as E-business or E-tailing.

El Gamal Algorithm

An algorithm for asymmetric cryptography that was invented by Taher el gamal, founded on the challenge of calculating discrete logarithms and can be used for both encryption, like 128-bit encryption and SSL encryption, and digital signatures, used in digital certificates like SSL digital certificates and 128-bit certificates for internet security and network security with secure authentication and secure SSL authentication.

Block cipher mode that consists of simply applying the cipher to blocks of data in sequence, one block at a time. It does not use feedback, and is also considered the weakest form of block cipher.

It represents a different way to do public-key cryptography – an alternative to the older RSA system – and also offers certain advantages. ECC devices will require less storage, less power, less memory and less bandwidth – ultimately a more efficient cryptosystem. This allows the implementation of cryptography in platforms that are constrained, such as wireless devices, handheld computers, smart cards and thin-clients. It also provides a big win in situations where efficiency is extremely important, such as on a bottlenecked web server supporting e-commerce

Encryption is the process of changing data into a form that can be read only by the intended receiver. To decipher the message, the receiver of the encrypted data must have the proper decryption key. In traditional encryption schemes, the sender and the receiver use the same key to encrypt and decrypt data. Public-key encryption schemes use two keys: a public key, which anyone may use, and a corresponding private key, which is possessed only by the person who created it. With this method, anyone may send a message encrypted with the owner’s public key, but only the owner has the private key necessary to decrypt it.

Encryption at the point of origin in a network, followed by decryption at the destination

SSL Certificate Glossary F

Secure Servers use automatic protection of programs and/or processing systems in order to keep safety when a hardware or software failure is discovered in an online payment system to accept credit cards.

The summation of all methods, processes and procedures in a system that is designed to hinder unauthorized file access, contamination, or elimination.

Secure SSL servers restrict access to computer files only to authorized, validated users.

An internetwork router preventing selectively the transferring of data packets according to a security policy. It can be used as a firewall or at least as part of a firewall.

A secured system passing and inspecting traffic via an internal trusted secure server network and an external secure server network that is untrusted, like the Internet. Firewalls can be used to discover, prevent, or mitigate certain kinds of secure server network attack. This provides Internet security and online security. See also application level gateway, proxy server.

SSL Certificate Glossary G

(a) Activity monitoring and change detection software, because they search for viral-like doings instead of explicit internet security signatures, are recurrently referred to as generic antivirals. Heuristic scanners are recurrently included.
(b) A internet security threat scan string which matches multiple internet security threats. The actual usefulness of generic signatures is questioned at times.
(c) The use of error retrieval or heuristic methods for disinfection.

A processor supplying a filter amid two incongruent systems functioning at different security levels or between a user terminal and a data base in order to filter data out providing better online security.

SSL Certificate Glossary H

The term used to refer to someone skilled in the use of computer systems, especially if that skill was obtained in an exploratory way. The term evolved to be applied to individuals, with or without skill, who break into security systems.

A dialogue between two entities, such as a user and an ssl secure server, a computer and another computer, or a program and another program, utilized for identification and authentication of the entities to one another in order to provide secure SSL authentication for online security or online payment transactions. 128 bit Digital certificates, also provide identification and secure authentication.

An algorithm which calculates a value based on a data object, mapping the data object to a smaller data object, which is the hash result. The value is more often than not a fixed-size value. A very simplistic hash function is a checksum. The kind of hash function necessary for SSL security applications is called a cryptographic hash function.

The output of a hash function, which is also known as a hash value. The output given by a hash function after processing a file or message.

The method of securing an individual system from attack, often by encryption with 128 Bit SSL (secure sockets layer).

Hypertext Transfer Protocol Secure — A type of server software which provides the ability for “secure” transactions to take place on the World Wide Web. If a Website is running off a HTTPS server you can type in HTTPS instead of HTTP in the URL section of your browser to enter into the “secured mode”, “providing” you have logged in your password, username or ID to access the secured area. There are a number of web server software products that support this protocol as well as contacting your ISP.

An application of cryptography which merges two or more encryption algorithms, especially a combination of symmetric and asymmetric encryption. Asymmetric encryption is not usually used for data secrecy except in dispersing symmetric keys in applications where the key data is more often than not short compared to the data it is protecting. Other kinds of encryption are ssl encryption, ssh secure shell, and ssh2 secure shell, or sftp for secure server file transfer with 128-bit encryption.

SSL Certificate Glossary I

The procedure allowing recognition of an entity by a system, by and large by utilizing a unique machine-readable user name, with a “Digital ID”, such as a secure server using SSL validation.

one of security’s cornerstones, integrity is unimpaired or perfect condition.

This is the same as “change detection”

a symmetric block cipher which uses a 128-bit key and operates on 64-bit blocks, like 128 bit encryption.

(a) the IETF working society which is specifying a security architecture (RFC 2401) and protocols in order to provide services of security for Internet Protocol traffic.

(b) a collective name for that architecture and set of protocols, specifying

1. 1. 1. Security protocols (AH and ESP, the Authentication Header and Encapsulating Security Payload),
      2. Security associations,
      3. PKI key management, and
      4. Algorithms for authentication and encryption.

Besides SSL encryption and also 128-bit encryption and SSL digital certificates or 128-bit SSL certificates, the set of security services include access control service, connectionless data integrity, data origin authentication for secure authentication or secure SSL authentication, protection against replays, data confidentiality service and limited traffic flow confidentiality.

An Internet IPsec protocol (RFC 2408) used to negotiate, institute or start, modify, and delete security associations. It is also used in the exchange of key generation and authentication data, key establishment protocol, encryption algorithm, or authentication mechanism of secure authentication and validation of online transactions with SSL Certificates.

SSL Certificate Glossary K

A single sign-on type system utilizing symmetric key encryption through a ticket-oriented mechanism for network security.

Data used in cryptosystems in order to execute encryption, which comes in different forms like ssl encryption and also 128 bit encryption which provides internet security and online security. (Cert)

Because many modern encryption algorithms are mathematically founded, the length of keys is a crucial determining factor in the strength of an algorithm and in the work factor involved in breaking a cryptographic system.

The process of handling and controlling cryptographic keys and associated material during their life cycle in a cryptographic system. This includes ordering, generating, distributing, storing, loading, escrowing, archiving, auditing, and destroying the different types of material.

A private, or secret, key and its related public key in an asymmetric encryption system, as a “Key Pair”. See also encryption, PKI, private key, and public key.

The scope and extent of possible values of a cryptographic key, or the number of totally different transformations that are supported by a certain cryptographic algorithm.

A cryptographic hash or digest in which the mapping to a hash result is assorted by a second input parameter which is a cryptographic key. The secret key protects the hash result in order for it to be used as a checksum.

SSL Certificate Glossary LMN