Tech-invite3GPPspaceIETF RFCsSIP
in Index   Prev   Next

RFC 2828

Internet Security Glossary

Pages: 212
Obsoleted by:  4949
Part 1 of 8 – Pages 1 to 29
None   None   Next

ToP   noToC   RFC2828 - Page 1
Network Working Group                                          R. Shirey
Request for Comments: 2828                        GTE / BBN Technologies
FYI: 36                                                         May 2000
Category: Informational

                       Internet Security Glossary

Status of this Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2000).  All Rights Reserved.


This Glossary (191 pages of definitions and 13 pages of references) provides abbreviations, explanations, and recommendations for use of information system security terminology. The intent is to improve the comprehensibility of writing that deals with Internet security, particularly Internet Standards documents (ISDs). To avoid confusion, ISDs should use the same term or definition whenever the same concept is mentioned. To improve international understanding, ISDs should use terms in their plainest, dictionary sense. ISDs should use terms established in standards documents and other well-founded publications and should avoid substituting private or newly made-up terms. ISDs should avoid terms that are proprietary or otherwise favor a particular vendor, or that create a bias toward a particular security technology or mechanism versus other, competing techniques that already exist or might be developed in the future.
ToP   noToC   RFC2828 - Page 2

Table of Contents

1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2 2. Explanation of Paragraph Markings . . . . . . . . . . . . . . 4 2.1 Recommended Terms with an Internet Basis ("I") . . . . . . 4 2.2 Recommended Terms with a Non-Internet Basis ("N") . . . . 5 2.3 Other Definitions ("O") . . . . . . . . . . . . . . . . . 5 2.4 Deprecated Terms, Definitions, and Uses ("D") . . . . . . 6 2.5 Commentary and Additional Guidance ("C") . . . . . . . . . 6 3. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 6 4. References . . . . . . . . . . . . . . . . . . . . . . . . . . 197 5. Security Considerations . . . . . . . . . . . . . . . . . . . 211 6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 211 7. Author's Address . . . . . . . . . . . . . . . . . . . . . . . 211 8. Full Copyright Statement . . . . . . . . . . . . . . . . . . . 212

1. Introduction

This Glossary provides an internally consistent, complementary set of abbreviations, definitions, explanations, and recommendations for use of terminology related to information system security. The intent of this Glossary is to improve the comprehensibility of Internet Standards documents (ISDs)--i.e., RFCs, Internet-Drafts, and other material produced as part of the Internet Standards Process [R2026]-- and of all other Internet material, too. Some non-security terms are included to make the Glossary self-contained, but more complete lists of networking terms are available elsewhere [R1208, R1983]. Some glossaries (e.g., [Raym]) list terms that are not listed here but could be applied to Internet security. However, those terms have not been included in this Glossary because they are not appropriate for ISDs. This Glossary marks terms and definitions as being either endorsed or deprecated for use in ISDs, but this Glossary is not an Internet standard. The key words "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" are intended to be interpreted the same way as in an Internet Standard [R2119], but this guidance represents only the recommendations of this author. However, this Glossary includes reasons for the recommendations--particularly for the SHOULD NOTs--so that readers can judge for themselves whether to follow the recommendations.
ToP   noToC   RFC2828 - Page 3
   This Glossary supports the goals of the Internet Standards Process:

   o Clear, Concise, and Easily Understood Documentation

      This Glossary seeks to improve comprehensibility of security-
      related content of ISDs. That requires wording to be clear and
      understandable, and requires the set of security-related terms and
      definitions to be consistent and self-supporting. Also, the
      terminology needs to be uniform across all ISDs; i.e., the same
      term or definition needs to be used whenever and wherever the same
      concept is mentioned. Harmonization of existing ISDs need not be
      done immediately, but it is desirable to correct and standardize
      the terminology when new versions are issued in the normal course
      of standards development and evolution.

   o Technical Excellence

      Just as Internet Standard (STD) protocols should operate
      effectively, ISDs should use terminology accurately, precisely,
      and unambiguously to enable Internet Standards to be implemented

   o Prior Implementation and Testing

      Just as STD protocols require demonstrated experience and
      stability before adoption, ISDs need to use well-established
      language. Using terms in their plainest, dictionary sense (when
      appropriate) helps to ensure international understanding. ISDs
      need to avoid using private, made-up terms in place of generally-
      accepted terms from standards and other publications. ISDs need to
      avoid substituting new definitions that conflict with established
      ones. ISDs need to avoid using "cute" synonyms (e.g., see: Green
      Book); no matter how popular a nickname may be in one community,
      it is likely to cause confusion in another.

   o Openness, Fairness, and Timeliness

      ISDs need to avoid terms that are proprietary or otherwise favor a
      particular vendor, or that create a bias toward a particular
      security technology or mechanism over other, competing techniques
      that already exist or might be developed in the future. The set of
      terminology used across the set of ISDs needs to be flexible and
      adaptable as the state of Internet security art evolves.
ToP   noToC   RFC2828 - Page 4

2. Explanation of Paragraph Markings

Section 3 marks terms and definitions as follows: o Capitalization: Only terms that are proper nouns are capitalized. o Paragraph Marking: Definitions and explanations are stated in paragraphs that are marked as follows: - "I" identifies a RECOMMENDED Internet definition. - "N" identifies a RECOMMENDED non-Internet definition. - "O" identifies a definition that is not recommended as the first choice for Internet documents but is something that authors of Internet documents need to know. - "D" identifies a term or definition that SHOULD NOT be used in Internet documents. - "C" identifies commentary or additional usage guidance. The rest of Section 2 further explains these five markings.

2.1 Recommended Terms with an Internet Basis ("I")

The paragraph marking "I" (as opposed to "O") indicates a definition that SHOULD be the first choice for use in ISDs. Most terms and definitions of this type MAY be used in ISDs; however, some "I" definitions are accompanied by a "D" paragraph that recommends against using the term. Also, some "I" definitions are preceded by an indication of a contextual usage limitation (e.g., see: certification), and ISDs should not the term and definition outside that context An "I" (as opposed to an "N") also indicates that the definition has an Internet basis. That is, either the Internet Standards Process is authoritative for the term, or the term is sufficiently generic that this Glossary can freely state a definition without contradicting a non-Internet authority (e.g., see: attack). Many terms with "I" definitions are proper nouns (e.g., see: Internet Protocol). For such terms, the "I" definition is intended only to provide basic information; the authoritative definition is found elsewhere. For a proper noun identified as an "Internet protocol", please refer to the current edition of "Internet Official Protocol Standards" (STD 1) for the standardization state and status of the protocol.
ToP   noToC   RFC2828 - Page 5

2.2 Recommended Terms with a Non-Internet Basis ("N")

The paragraph marking "N" (as opposed to "O") indicates a definition that SHOULD be the first choice for the term, if the term is used at all in Internet documents. Terms and definitions of this type MAY be used in Internet documents (e.g., see: X.509 public-key certificate). However, an "N" (as opposed to an "I") also indicates a definition that has a non-Internet basis or origin. Many such definitions are preceded by an indication of a contextual usage limitation, and this Glossary's endorsement does not apply outside that context. Also, some contexts are rarely if ever expected to occur in a Internet document (e.g., see: baggage). In those cases, the listing exists to make Internet authors aware of the non-Internet usage so that they can avoid conflicts with non-Internet documents. Many terms with "N" definitions are proper nouns (e.g., see: Computer Security Objects Register). For such terms, the "N" definition is intended only to provide basic information; the authoritative definition is found elsewhere.

2.3 Other Definitions ("O")

The paragraph marking "O" indicates a definition that has a non- Internet basis, but indicates that the definition SHOULD NOT be used in ISDs *except* in cases where the term is specifically identified as non-Internet. For example, an ISD might mention "BCA" (see: brand certification authority) or "baggage" as an example to illustrate some concept; in that case, the document should specifically say "SET(trademark) BCA" or "SET(trademark) baggage" and include the definition of the term. For some terms that have a definition published by a non-Internet authority--government (see: object reuse), industry (see: Secure Data Exchange), national (see: Data Encryption Standard), or international (see: data confidentiality)--this Glossary marks the definition "N", recommending its use in Internet documents. In other cases, the non- Internet definition of a term is inadequate or inappropriate for ISDs. For example, it may be narrow or outdated, or it may need clarification by substituting more careful or more explanatory wording using other terms that are defined in this Glossary. In those cases, this Glossary marks the tern "O" and provides an "I" definition (or sometimes a different "N" definition), which precedes and supersedes the definition marked "O".
ToP   noToC   RFC2828 - Page 6
   In most of the cases where this Glossary provides a definition to
   supersede one from a non-Internet standard, the substitute is
   intended to subsume the meaning of the superseded "O" definition and
   not conflict with it. For the term "security service", for example,
   the "O" definition deals narrowly with only communication services
   provided by layers in the OSI model and is inadequate for the full
   range of ISD usage; the "I" definition can be used in more situations
   and for more kinds of service. However, the "O" definition is also
   provided here so that ISD authors will be aware of the context in
   which the term is used more narrowly.

   When making substitutions, this Glossary attempts to use
   understandable English that does not contradict any non-Internet
   authority. Still, terminology differs between the standards of the
   American Bar Association, OSI, SET, the U.S. Department of Defense,
   and other authorities, and this Glossary probably is not exactly
   aligned with all of them.

2.4 Deprecated Terms, Definitions, and Uses ("D")

If this Glossary recommends that a term or definition SHOULD NOT be used in ISDs, then either the definition has the paragraph marking "D", or the restriction is stated in a "D" paragraph that immediately follows the term or definition.

2.5 Commentary and Additional Guidance ("C")

The paragraph marking "C" identifies text that is advisory or tutorial. This text MAY be reused in other Internet documents. This text is not intended to be authoritative, but is provided to clarify the definitions and to enhance this Glossary so that Internet security novices can use it as a tutorial.

3. Definitions

Note: Each acronym or other abbreviation (except items of common English usage, such as "e.g.", "etc.", "i.e.", "vol.", "pp.", "U.S.") that is used in this Glossary, either in a definition or as a subpart of a defined term, is also defined in this Glossary. $ 3DES See: triple DES. $ *-property (N) (Pronounced "star property".) See: "confinement property" under Bell-LaPadula Model.
ToP   noToC   RFC2828 - Page 7
   $ ABA Guidelines
      (N) "American Bar Association (ABA) Digital Signature Guidelines"
      [ABA], a framework of legal principles for using digital
      signatures and digital certificates in electronic commerce.

   $ Abstract Syntax Notation One (ASN.1)
      (N) A standard for describing data objects. [X680]

      (C) OSI standards use ASN.1 to specify data formats for protocols.
      OSI defines functionality in layers. Information objects at higher
      layers are abstractly defined to be implemented with objects at
      lower layers. A higher layer may define transfers of abstract
      objects between computers, and a lower layer may define transfers
      concretely as strings of bits. Syntax is needed to define abstract
      objects, and encoding rules are needed to transform between
      abstract objects and bit strings. (See: Basic Encoding Rules.)

      (C) In ASN.1, formal names are written without spaces, and
      separate words in a name are indicated by capitalizing the first
      letter of each word except the first word. For example, the name
      of a CRL is "certificateRevocationList".

   $ ACC
      See: access control center.

   $ access
      (I) The ability and means to communicate with or otherwise
      interact with a system in order to use system resources to either
      handle information or gain knowledge of the information the system

      (O) "A specific type of interaction between a subject and an
      object that results in the flow of information from one to the
      other." [NCS04]

      (C) In this Glossary, "access" is intended to cover any ability to
      communicate with a system, including one-way communication in
      either direction. In actual practice, however, entities outside a
      security perimeter that can receive output from the system but
      cannot provide input or otherwise directly interact with the
      system, might be treated as not having "access" and, therefore, be
      exempt from security policy requirements, such as the need for a
      security clearance.

   $ access control
      (I) Protection of system resources against unauthorized access; a
      process by which use of system resources is regulated according to
      a security policy and is permitted by only authorized entities
ToP   noToC   RFC2828 - Page 8
      (users, programs, processes, or other systems) according to that
      policy. (See: access, access control service.)

      (O) "The prevention of unauthorized use of a resource, including
      the prevention of use of a resource in an unauthorized manner."
      [I7498 Part 2]

   $ access control center (ACC)
      (I) A computer containing a database with entries that define a
      security policy for an access control service.

      (C) An ACC is sometimes used in conjunction with a key center to
      implement access control in a key distribution system for
      symmetric cryptography.

   $ access control list (ACL)
      (I) A mechanism that implements access control for a system
      resource by enumerating the identities of the system entities that
      are permitted to access the resource. (See: capability.)

   $ access control service
      (I) A security service that protects against a system entity using
      a system resource in a way not authorized by the system's security
      policy; in short, protection of system resources against
      unauthorized access. (See: access control, discretionary access
      control, identity-based security policy, mandatory access control,
      rule-based security policy.)

      (C) This service includes protecting against use of a resource in
      an unauthorized manner by an entity that is authorized to use the
      resource in some other manner. The two basic mechanisms for
      implementing this service are ACLs and tickets.

   $ access mode
      (I) A distinct type of data processing operation--e.g., read,
      write, append, or execute--that a subject can potentially perform
      on an object in a computer system.

   $ accountability
      (I) The property of a system (including all of its system
      resources) that ensures that the actions of a system entity may be
      traced uniquely to that entity, which can be held responsible for
      its actions. (See: audit service.)

      (C) Accountability permits detection and subsequent investigation
      of security breaches.
ToP   noToC   RFC2828 - Page 9
   $ accredit
   $ accreditation
      (I) An administrative declaration by a designated authority that
      an information system is approved to operate in a particular
      security configuration with a prescribed set of safeguards.
      [FP102] (See: certification.)

      (C) An accreditation is usually based on a technical certification
      of the system's security mechanisms. The terms "certification" and
      "accreditation" are used more in the U.S. Department of Defense
      and other government agencies than in commercial organizations.
      However, the concepts apply any place where managers are required
      to deal with and accept responsibility for security risks. The
      American Bar Association is developing accreditation criteria for

   $ ACL
      See: access control list.

   $ acquirer
      (N) SET usage: "The financial institution that establishes an
      account with a merchant and processes payment card authorizations
      and payments." [SET1]

      (O) "The institution (or its agent) that acquires from the card
      acceptor the financial data relating to the transaction and
      initiates that data into an interchange system." [SET2]

   $ active attack
      See: (secondary definition under) attack.

   $ active wiretapping
      See: (secondary definition under) wiretapping.

   $ add-on security
      (I) "The retrofitting of protection mechanisms, implemented by
      hardware or software, after the [automatic data processing] system
      has become operational." [FP039]

   $ administrative security
      (I) Management procedures and constraints to prevent unauthorized
      access to a system. (See: security architecture.)

      (O) "The management constraints, operational procedures,
      accountability procedures, and supplemental controls established
      to provide an acceptable level of protection for sensitive data."
ToP   noToC   RFC2828 - Page 10
      (C) Examples include clear delineation and separation of duties,
      and configuration control.

   $ Advanced Encryption Standard (AES)
      (N) A future FIPS publication being developed by NIST to succeed
      DES. Intended to specify an unclassified, publicly-disclosed,
      symmetric encryption algorithm, available royalty-free worldwide.

   $ adversary
      (I) An entity that attacks, or is a threat to, a system.

   $ aggregation
      (I) A circumstance in which a collection of information items is
      required to be classified at a higher security level than any of
      the individual items that comprise it.

   $ AH
      See: Authentication Header

   $ algorithm
      (I) A finite set of step-by-step instructions for a problem-
      solving or computation procedure, especially one that can be
      implemented by a computer. (See: cryptographic algorithm.)

   $ alias
      (I) A name that an entity uses in place of its real name, usually
      for the purpose of either anonymity or deception.

   $ American National Standards Institute (ANSI)
      (N) A private, not-for-profit association of users, manufacturers,
      and other organizations, that administers U.S. private sector
      voluntary standards.

      (C) ANSI is the sole U.S. representative to the two major non-
      treaty international standards organizations, ISO and, via the
      U.S. National Committee (USNC), the International Electrotechnical
      Commission (IEC).

   $ anonymous
      (I) The condition of having a name that is unknown or concealed.
      (See: anonymous login.)

      (C) An application may require security services that maintain
      anonymity of users or other system entities, perhaps to preserve
      their privacy or hide them from attack. To hide an entity's real
      name, an alias may be used. For example, a financial institution
      may assign an account number. Parties to a transaction can thus
      remain relatively anonymous, but can also accept the transaction
ToP   noToC   RFC2828 - Page 11
      as legitimate. Real names of the parties cannot be easily
      determined by observers of the transaction, but an authorized
      third party may be able to map an alias to a real name, such as by
      presenting the institution with a court order. In other
      applications, anonymous entities may be completely untraceable.

   $ anonymous login
      (I) An access control feature (or, rather, an access control
      weakness) in many Internet hosts that enables users to gain access
      to general-purpose or public services and resources on a host
      (such as allowing any user to transfer data using File Transfer
      Protocol) without having a pre-established, user-specific account
      (i.e., user name and secret password).

      (C) This feature exposes a system to more threats than when all
      the users are known, pre-registered entities that are individually
      accountable for their actions. A user logs in using a special,
      publicly known user name (e.g., "anonymous", "guest", or "ftp").
      To use the public login name, the user is not required to know a
      secret password and may not be required to input anything at all
      except the name. In other cases, to complete the normal sequence
      of steps in a login protocol, the system may require the user to
      input a matching, publicly known password (such as "anonymous") or
      may ask the user for an e-mail address or some other arbitrary
      character string.

   $ APOP
      See: POP3 APOP.

   $ archive
       (I) (1.) Noun: A collection of data that is stored for a
      relatively long period of time for historical and other purposes,
      such as to support audit service, availability service, or system
      integrity service. (See: backup.) (2.) Verb: To store data in such
      a way. (See: back up.)

      (C) A digital signature may need to be verified many years after
      the signing occurs. The CA--the one that issued the certificate
      containing the public key needed to verify that signature--may not
      stay in operation that long. So every CA needs to provide for
      long-term storage of the information needed to verify the
      signatures of those to whom it issues certificates.

      (N) Advanced Research Projects Agency Network, a pioneer packet-
      switched network that was built in the early 1970s under contract
      to the U.S. Government, led to the development of today's
      Internet, and was decommissioned in June 1990.
ToP   noToC   RFC2828 - Page 12
   $ ASN.1
      See: Abstract Syntax Notation One.

   $ association
      (I) A cooperative relationship between system entities, usually
      for the purpose of transferring information between them. (See:
      security association.)

   $ assurance
      (I) (1.) An attribute of an information system that provides
      grounds for having confidence that the system operates such that
      the system security policy is enforced. (2.) A procedure that
      ensures a system is developed and operated as intended by the
      system's security policy.

   $ assurance level
      (I) Evaluation usage: A specific level on a hierarchical scale
      representing successively increased confidence that a target of
      evaluation adequately fulfills the requirements. (E.g., see:

   $ asymmetric cryptography
      (I) A modern branch of cryptography (popularly known as "public-
      key cryptography") in which the algorithms employ a pair of keys
      (a public key and a private key) and use a different component of
      the pair for different steps of the algorithm. (See: key pair.)

      (C) Asymmetric algorithms have key management advantages over
      equivalently strong symmetric ones. First, one key of the pair
      does not need to be known by anyone but its owner; so it can more
      easily be kept secret. Second, although the other key of the pair
      is shared by all entities that use the algorithm, that key does
      not need to be kept secret from other, non-using entities; so the
      key distribution part of key management can be done more easily.

      (C) For encryption: In an asymmetric encryption algorithm (e.g.,
      see: RSA), when Alice wants to ensure confidentiality for data she
      sends to Bob, she encrypts the data with a public key provided by
      Bob. Only Bob has the matching private key that is needed to
      decrypt the data.

      (C) For signature: In an asymmetric digital signature algorithm
      (e.g., see: DSA), when Alice wants to ensure data integrity or
      provide authentication for data she sends to Bob, she uses her
      private key to sign the data (i.e., create a digital signature
      based on the data). To verify the signature, Bob uses the matching
      public key that Alice has provided.
ToP   noToC   RFC2828 - Page 13
      (C) For key agreement: In an asymmetric key agreement algorithm
      (e.g., see: Diffie-Hellman), Alice and Bob each send their own
      public key to the other person. Then each uses their own private
      key and the other's public key to compute the new key value.

   $ attack
      (I) An assault on system security that derives from an intelligent
      threat, i.e., an intelligent act that is a deliberate attempt
      (especially in the sense of a method or technique) to evade
      security services and violate the security policy of a system.
      (See: penetration, violation, vulnerability.)

       - Active vs. passive: An "active attack" attempts to alter system
         resources or affect their operation. A "passive attack"
         attempts to learn or make use of information from the system
         but does not affect system resources. (E.g., see: wiretapping.)

       - Insider vs. outsider: An "inside attack" is an attack initiated
         by an entity inside the security perimeter (an "insider"),
         i.e., an entity that is authorized to access system resources
         but uses them in a way not approved by those who granted the
         authorization. An "outside attack" is initiated from outside
         the perimeter, by an unauthorized or illegitimate user of the
         system (an "outsider"). In the Internet, potential outside
         attackers range from amateur pranksters to organized criminals,
         international terrorists, and hostile governments.

      (C) The term "attack" relates to some other basic security terms
      as shown in the following diagram:

      + - - - - - - - - - - - - +  + - - - - +  + - - - - - - - - - - -+
      | An Attack:              |  |Counter- |  | A System Resource:   |
      | i.e., A Threat Action   |  | measure |  | Target of the Attack |
      | +----------+            |  |         |  | +-----------------+  |
      | | Attacker |<==================||<=========                 |  |
      | |   i.e.,  |   Passive  |  |         |  | |  Vulnerability  |  |
      | | A Threat |<=================>||<========>                 |  |
      | |  Agent   |  or Active |  |         |  | +-------|||-------+  |
      | +----------+   Attack   |  |         |  |         VVV          |
      |                         |  |         |  | Threat Consequences  |
      + - - - - - - - - - - - - +  + - - - - +  + - - - - - - - - - - -+

   $ attribute authority
      (I) A CA that issues attribute certificates.

      (O) "An authority, trusted by the verifier to delegate privilege,
      which issues attribute certificates." [FPDAM]
ToP   noToC   RFC2828 - Page 14
   $ attribute certificate
      (I) A digital certificate that binds a set of descriptive data
      items, other than a public key, either directly to a subject name
      or to the identifier of another certificate that is a public-key
      certificate. [X509]

      (O) "A set of attributes of a user together with some other
      information, rendered unforgeable by the digital signature created
      using the private key of the CA which issued it." [X509]

      (O) "A data structure that includes some attribute values and
      identification information about the owner of the attribute
      certificate, all digitally signed by an Attribute Authority. This
      authority's signature serves as the guarantee of the binding
      between the attributes and their owner." [FPDAM]

      (C) A public-key certificate binds a subject name to a public key
      value, along with information needed to perform certain
      cryptographic functions. Other attributes of a subject, such as a
      security clearance, may be certified in a separate kind of digital
      certificate, called an attribute certificate. A subject may have
      multiple attribute certificates associated with its name or with
      each of its public-key certificates.

      (C) An attribute certificate might be issued to a subject in the
      following situations:

       - Different lifetimes: When the lifetime of an attribute binding
         is shorter than that of the related public-key certificate, or
         when it is desirable not to need to revoke a subject's public
         key just to revoke an attribute.

       - Different authorities: When the authority responsible for the
         attributes is different than the one that issues the public-key
         certificate for the subject. (There is no requirement that an
         attribute certificate be issued by the same CA that issued the
         associated public-key certificate.)

   $ audit service
      (I) A security service that records information needed to
      establish accountability for system events and for the actions of
      system entities that cause them. (See: security audit.)

   $ audit trail
      See: security audit trail.
ToP   noToC   RFC2828 - Page 15
   $ AUTH
      See: POP3 AUTH.

   $ authentic signature
      (I) A signature (particularly a digital signature) that can be
      trusted because it can be verified. (See: validate vs. verify.)

   $ authenticate
      (I) Verify (i.e., establish the truth of) an identity claimed by
      or for a system entity. (See: authentication.)

      (D) In general English usage, this term usually means "to prove
      genuine" (e.g., an art expert authenticates a Michelangelo
      painting). But the recommended definition carries a much narrower
      meaning. For example, to be precise, an ISD SHOULD NOT say "the
      host authenticates each received datagram". Instead, the ISD
      SHOULD say "the host authenticates the origin of each received
      datagram". In most cases, we also can say "and verifies the
      datagram's integrity", because that is usually implied. (See:
      ("relationship between data integrity service and authentication
      services" under) data integrity service.)

      (D) ISDs SHOULD NOT talk about authenticating a digital signature
      or digital certificate. Instead, we "sign" and then "verify"
      digital signatures, and we "issue" and then "validate" digital
      certificates. (See: validate vs. verify.)

   $ authentication
      (I) The process of verifying an identity claimed by or for a
      system entity. (See: authenticate, authentication exchange,
      authentication information, credential, data origin
      authentication, peer entity authentication.)

      (C) An authentication process consists of two steps:

      1. Identification step: Presenting an identifier to the security
         system. (Identifiers should be assigned carefully, because
         authenticated identities are the basis for other security
         services, such as access control service.)

      2. Verification step: Presenting or generating authentication
         information that corroborates the binding between the entity
         and the identifier. (See: verification.)

      (C) See: ("relationship between data integrity service and
      authentication services" under) data integrity service.
ToP   noToC   RFC2828 - Page 16
   $ authentication code
      (D) ISDs SHOULD NOT use this term as a synonym for any form of
      checksum, whether cryptographic or not. The word "authentication"
      is misleading because the mechanism involved usually serves a data
      integrity function rather than an authentication function, and the
      word "code" is misleading because it implies that either encoding
      or encryption is involved or that the term refers to computer
      software. (See: message authentication code.)

   $ authentication exchange
      (I) A mechanism to verify the identity of an entity by means of
      information exchange.

      (O) "A mechanism intended to ensure the identity of an entity by
      means of information exchange." [I7498 Part 2]

   $ Authentication Header (AH)
      (I) An Internet IPsec protocol [R2402] designed to provide
      connectionless data integrity service and data origin
      authentication service for IP datagrams, and (optionally) to
      provide protection against replay attacks.

      (C) Replay protection may be selected by the receiver when a
      security association is established. AH authenticates upper-layer
      protocol data units and as much of the IP header as possible.
      However, some IP header fields may change in transit, and the
      value of these fields, when the packet arrives at the receiver,
      may not be predictable by the sender. Thus, the values of such
      fields cannot be protected end-to-end by AH; protection of the IP
      header by AH is only partial when such fields are present.

      (C) AH may be used alone, or in combination with the IPsec ESP
      protocol, or in a nested fashion with tunneling. Security services
      can be provided between a pair of communicating hosts, between a
      pair of communicating security gateways, or between a host and a
      gateway. ESP can provide the same security services as AH, and ESP
      can also provide data confidentiality service. The main difference
      between authentication services provided by ESP and AH is the
      extent of the coverage; ESP does not protect IP header fields
      unless they are encapsulated by AH.

   $ authentication information
      (I) Information used to verify an identity claimed by or for an
      entity. (See: authentication, credential.)

      (C) Authentication information may exist as, or be derived from,
      one of the following:
ToP   noToC   RFC2828 - Page 17
       - Something the entity knows. (See: password).
       - Something the entity possesses. (See: token.)
       - Something the entity is. (See: biometric authentication.)

   $ authentication service
      (I) A security service that verifies an identity claimed by or for
      an entity. (See: authentication.)

      (C) In a network, there are two general forms of authentication
      service: data origin authentication service and peer entity
      authentication service.

   $ authenticity
      (I) The property of being genuine and able to be verified and be
      trusted. (See: authenticate, authentication, validate vs. verify)

   $ authority
      (D) "An entity, responsible for the issuance of certificates."

      (C) ISDs SHOULD NOT use this term as a synonym for AA, CA, RA,
      ORA, or similar terms, because it may cause confusion. Instead,
      use the full term at the first instance of usage and then, if it
      is necessary to shorten text, use the style of abbreviation
      defined in this Glossary.

      (C) ISDs SHOULD NOT use this definition for any PKI entity,
      because the definition is ambiguous with regard to whether the
      entity actually issues certificates (e.g., attribute authority or
      certification authority) or just has accountability for processes
      that precede or follow signing (e.g., registration authority).
      (See: issue.)

   $ authority certificate
      (D) "A certificate issued to an authority (e.g. either to a
      certification authority or to an attribute authority)." [FPDAM]
      (See: authority.)

      (C) ISDs SHOULD NOT use this term or definition because they are
      ambiguous with regard to which specific types of PKI entities they

   $ authority revocation list (ARL)
      (I) A data structure that enumerates digital certificates that
      were issued to CAs but have been invalidated by their issuer prior
      to when they were scheduled to expire. (See: certificate
      expiration, X.509 authority revocation list.)
ToP   noToC   RFC2828 - Page 18
      (O) "A revocation list containing a list of public-key
      certificates issued to authorities, which are no longer considered
      valid by the certificate issuer." [FPDAM]

   $ authorization
   $ authorize
      (I) (1.) An "authorization" is a right or a permission that is
      granted to a system entity to access a system resource. (2.) An
      "authorization process" is a procedure for granting such rights.
      (3.) To "authorize" means to grant such a right or permission.
      (See: privilege.)

      (O) SET usage: "The process by which a properly appointed person
      or persons grants permission to perform some action on behalf of
      an organization. This process assesses transaction risk, confirms
      that a given transaction does not raise the account holder's debt
      above the account's credit limit, and reserves the specified
      amount of credit. (When a merchant obtains authorization, payment
      for the authorized amount is guaranteed--provided, of course, that
      the merchant followed the rules associated with the authorization
      process.)" [SET2]

   $ automated information system
      (I) An organized assembly of resources and procedures--i.e.,
      computing and communications equipment and services, with their
      supporting facilities and personnel--that collect, record,
      process, store, transport, retrieve, or display information to
      accomplish a specified set of functions.

   $ availability
      (I) The property of a system or a system resource being accessible
      and usable upon demand by an authorized system entity, according
      to performance specifications for the system; i.e., a system is
      available if it provides services according to the system design
      whenever users request them. (See: critical, denial of service,
      reliability, survivability.)

      (O) "The property of being accessible and usable upon demand by an
      authorized entity." [I7498 Part 2]

   $ availability service
      (I) A security service that protects a system to ensure its

      (C) This service addresses the security concerns raised by denial-
      of-service attacks. It depends on proper management and control of
      system resources, and thus depends on access control service and
      other security services.
ToP   noToC   RFC2828 - Page 19
   $ back door
      (I) A hardware or software mechanism that (a) provides access to a
      system and its resources by other than the usual procedure, (b)
      was deliberately left in place by the system's designers or
      maintainers, and (c) usually is not publicly known. (See: trap

      (C) For example, a way to access a computer other than through a
      normal login. Such access paths do not necessarily have malicious
      intent; e.g., operating systems sometimes are shipped by the
      manufacturer with privileged accounts intended for use by field
      service technicians or the vendor's maintenance programmers. (See:
      trap door.)

   $ back up vs. backup
      (I) Verb "back up": To store data for the purpose of creating a
      backup copy. (See: archive.)

      (I) Noun/adjective "backup": (1.) A reserve copy of data that is
      stored separately from the original, for use if the original
      becomes lost or damaged. (See: archive.) (2.) Alternate means to
      permit performance of system functions despite a disaster to
      system resources. (See: contingency plan.)

   $ baggage
      (D) ISDs SHOULD NOT use this term to describe a data element
      except when stated as "SET(trademark) baggage" with the following

      (O) SET usage: An "opaque encrypted tuple, which is included in a
      SET message but appended as external data to the PKCS encapsulated
      data. This avoids superencryption of the previously encrypted
      tuple, but guarantees linkage with the PKCS portion of the
      message." [SET2]

   $ bandwidth
      (I) Commonly used to mean the capacity of a communication channel
      to pass data through the channel in a given amount of time.
      Usually expressed in bits per second.

   $ bank identification number (BIN)
      (N) The digits of a credit card number that identify the issuing
      bank. (See: primary account number.)

      (O) SET usage: The first six digits of a primary account number.
ToP   noToC   RFC2828 - Page 20
   $ Basic Encoding Rules (BER)
      (I) A standard for representing ASN.1 data types as strings of
      octets. [X690] (See: Distinguished Encoding Rules.)

   $ bastion host
      (I) A strongly protected computer that is in a network protected
      by a firewall (or is part of a firewall) and is the only host (or
      one of only a few hosts) in the network that can be directly
      accessed from networks on the other side of the firewall.

      (C) Filtering routers in a firewall typically restrict traffic
      from the outside network to reaching just one host, the bastion
      host, which usually is part of the firewall. Since only this one
      host can be directly attacked, only this one host needs to be very
      strongly protected, so security can be maintained more easily and
      less expensively. However, to allow legitimate internal and
      external users to access application resources through the
      firewall, higher layer protocols and services need to be relayed
      and forwarded by the bastion host. Some services (e.g., DNS and
      SMTP) have forwarding built in; other services (e.g., TELNET and
      FTP) require a proxy server on the bastion host.

   $ BCA
      See: brand certification authority.

   $ BCI
      See: brand CRL identifier.

   $ Bell-LaPadula Model
      (N) A formal, mathematical, state-transition model of security
      policy for multilevel-secure computer systems. [Bell]

      (C) The model separates computer system elements into a set of
      subjects and a set of objects. To determine whether or not a
      subject is authorized for a particular access mode on an object,
      the clearance of the subject is compared to the classification of
      the object. The model defines the notion of a "secure state", in
      which the only permitted access modes of subjects to objects are
      in accordance with a specified security policy. It is proven that
      each state transition preserves security by moving from secure
      state to secure state, thereby proving that the system is secure.

      (C) In this model, a multilevel-secure system satisfies several
      rules, including the following:
ToP   noToC   RFC2828 - Page 21
       - "Confinement property" (also called "*-property", pronounced
         "star property"): A subject has write access to an object only
         if classification of the object dominates the clearance of the

       - "Simple security property": A subject has read access to an
         object only if the clearance of the subject dominates the
         classification of the object.

       - "Tranquillity property": The classification of an object does
         not change while the object is being processed by the system.

   $ BER
      See: Basic Encoding Rules.

   $ beyond A1
      (O) (1.) Formally, a level of security assurance that is beyond
      the highest level of criteria specified by the TCSEC. (2.)
      Informally, a level of trust so high that it cannot be provided or
      verified by currently available assurance methods, and
      particularly not by currently available formal methods.

   $ BIN
      See: bank identification number.

   $ bind
      (I) To inseparably associate by applying some mechanism, such as
      when a CA uses a digital signature to bind together a subject and
      a public key in a public-key certificate.

   $ biometric authentication
      (I) A method of generating authentication information for a person
      by digitizing measurements of a physical characteristic, such as a
      fingerprint, a hand shape, a retina pattern, a speech pattern
      (voiceprint), or handwriting.

   $ bit
      (I) The smallest unit of information storage; a contraction of the
      term "binary digit"; one of two symbols--"0" (zero) and "1" (one)
      --that are used to represent binary numbers.

   $ BLACK
      (I) Designation for information system equipment or facilities
      that handle (and for data that contains) only ciphertext (or,
      depending on the context, only unclassified information), and for
      such data itself. This term derives from U.S. Government COMSEC
      terminology. (See: RED, RED/BLACK separation.)
ToP   noToC   RFC2828 - Page 22
   $ block cipher
      (I) An encryption algorithm that breaks plaintext into fixed-size
      segments and uses the same key to transform each plaintext segment
      into a fixed-size segment of ciphertext. (See: mode, stream

      (C) For example, Blowfish, DEA, IDEA, RC2, and SKIPJACK. However,
      a block cipher can be adapted to have a different external
      interface, such as that of a stream cipher, by using a mode of
      operation to "package" the basic algorithm.

   $ Blowfish
      (N) A symmetric block cipher with variable-length key (32 to 448
      bits) designed in 1993 by Bruce Schneier as an unpatented,
      license-free, royalty-free replacement for DES or IDEA. [Schn]

   $ brand
      (I) A distinctive mark or name that identifies a product or
      business entity.

      (O) SET usage: The name of a payment card. Financial institutions
      and other companies have founded payment card brands, protect and
      advertise the brands, establish and enforce rules for use and
      acceptance of their payment cards, and provide networks to
      interconnect the financial institutions. These brands combine the
      roles of issuer and acquirer in interactions with cardholders and
      merchants. [SET1]

   $ brand certification authority (BCA)
      (O) SET usage: A CA owned by a payment card brand, such as
      MasterCard, Visa, or American Express. [SET2] (See: certification
      hierarchy, SET.)

   $ brand CRL identifier (BCI)
      (O) SET usage: A digitally signed list, issued by a BCA, of the
      names of CAs for which CRLs need to be processed when verifying
      signatures in SET messages. [SET2]

   $ break
      (I) Cryptographic usage: To successfully perform cryptanalysis and
      thus succeed in decrypting data or performing some other
      cryptographic function, without initially having knowledge of the
      key that the function requires. (This term applies to encrypted
      data or, more generally, to a cryptographic algorithm or
      cryptographic system.)
ToP   noToC   RFC2828 - Page 23
   $ bridge
      (I) A computer that is a gateway between two networks (usually two
      LANs) at OSI layer 2. (See: router.)

   $ British Standard 7799
      (N) Part 1 is a standard code of practice and provides guidance on
      how to secure an information system. Part 2 specifies the
      management framework, objectives, and control requirements for
      information security management systems [B7799]. The certification
      scheme works like ISO 9000. It is in use in the UK, the
      Netherlands, Australia, and New Zealand and might be proposed as
      an ISO standard or adapted to be part of the Common Criteria.

   $ browser
      (I) An client computer program that can retrieve and display
      information from servers on the World Wide Web.

      (C) For example, Netscape's Navigator and Communicator, and
      Microsoft's Explorer.

   $ brute force
      (I) A cryptanalysis technique or other kind of attack method
      involving an exhaustive procedure that tries all possibilities,

      (C) For example, for ciphertext where the analyst already knows
      the decryption algorithm, a brute force technique to finding the
      original plaintext is to decrypt the message with every possible

   $ BS7799
      See: British Standard 7799.

   $ byte
      (I) A fundamental unit of computer storage; the smallest
      addressable unit in a computer's architecture. Usually holds one
      character of information and, today, usually means eight bits.
      (See: octet.)

      (C) Larger than a "bit", but smaller than a "word". Although
      "byte" almost always means "octet" today, bytes had other sizes
      (e.g., six bits, nine bits) in earlier computer architectures.

   $ CA
      See: certification authority.
ToP   noToC   RFC2828 - Page 24
   $ CA certificate
      (I) "A [digital] certificate for one CA issued by another CA."

      (C) That is, a digital certificate whose holder is able to issue
      digital certificates. A v3 X.509 public-key certificate may have a
      "basicConstraints" extension containing a "cA" value that
      specifically "indicates whether or not the public key may be used
      to verify certificate signatures."

   $ call back
      (I) An authentication technique for terminals that remotely access
      a computer via telephone lines. The host system disconnects the
      caller and then calls back on a telephone number that was
      previously authorized for that terminal.

   $ capability
      (I) A token, usually an unforgeable data value (sometimes called a
      "ticket") that gives the bearer or holder the right to access a
      system resource. Possession of the token is accepted by a system
      as proof that the holder has been authorized to access the
      resource named or indicated by the token. (See: access control
      list, credential, digital certificate.)

      (C) This concept can be implemented as a digital certificate.
      (See: attribute certificate.)

   $ CAPI
      See: cryptographic application programming interface.

   $ CAPSTONE chip
      (N) An integrated circuit (the Mykotronx, Inc. MYK-82) with a Type
      II cryptographic processor that implements SKIPJACK, KEA, DSA,
      SHA, and basic mathematical functions to support asymmetric
      cryptography, and includes the key escrow feature of the CLIPPER
      chip. (See: FORTEZZA card.)

   $ card
      See: cryptographic card, FORTEZZA card, payment card, PC card,
      smart card, token.

   $ card backup
      See: token backup.

   $ card copy
      See: token copy.
ToP   noToC   RFC2828 - Page 25
   $ card restore
      See: token restore.

   $ cardholder
      (I) An entity that has been issued a card.

      (O) SET usage: "The holder of a valid payment card account and
      user of software supporting electronic commerce." [SET2] A
      cardholder is issued a payment card by an issuer. SET ensures that
      in the cardholder's interactions with merchants, the payment card
      account information remains confidential. [SET1]

   $ cardholder certificate
      (O) SET usage: A digital certificate that is issued to a
      cardholder upon approval of the cardholder's issuing financial
      institution and that is transmitted to merchants with purchase
      requests and encrypted payment instructions, carrying assurance
      that the account number has been validated by the issuing
      financial institution and cannot be altered by a third party.

   $ cardholder certification authority (CCA)
      (O) SET usage: A CA responsible for issuing digital certificates
      to cardholders and operated on behalf of a payment card brand, an
      issuer, or another party according to brand rules. A CCA maintains
      relationships with card issuers to allow for the verification of
      cardholder accounts. A CCA does not issue a CRL but does
      distribute CRLs issued by root CAs, brand CAs, geopolitical CAs,
      and payment gateway CAs. [SET2]

   $ CAST
      (N) A design procedure for symmetric encryption algorithms, and a
      resulting family of algorithms, invented by C.A. (Carlisle Adams)
      and S.T. (Stafford Tavares). [R2144, R2612]

   $ category
      (I) A grouping of sensitive information items to which a non-
      hierarchical restrictive security label is applied to increase
      protection of the data. (See: compartment.)

   $ CAW
      See: certification authority workstation.

   $ CBC
      See: cipher block chaining.

   $ CCA
      See: cardholder certification authority.
ToP   noToC   RFC2828 - Page 26
   $ CCITT
      (N) Acronym for French translation of International Telephone and
      Telegraph Consultative Committee. Now renamed ITU-T.

   $ CERT
      See: computer emergency response team.

   $ certificate
      (I) General English usage: A document that attests to the truth of
      something or the ownership of something.

      (C) Security usage: See: capability, digital certificate.

      (C) PKI usage: See: attribute certificate, public-key certificate.

   $ certificate authority
      (D) ISDs SHOULD NOT use this term because it looks like sloppy use
      of "certification authority", which is the term standardized by

   $ certificate chain
      (D) ISDs SHOULD NOT use this term because it duplicates the
      meaning of a standardized term. Instead, use "certification path".

   $ certificate chain validation
      (D) ISDs SHOULD NOT use this term because it duplicates the
      meaning of standardized terms and mixes concepts in a potentially
      misleading way. Instead, use "certificate validation" or "path
      validation", depending on what is meant. (See: validate vs.

   $ certificate creation
      (I) The act or process by which a CA sets the values of a digital
      certificate's data fields and signs it. (See: issue.)

   $ certificate expiration
      (I) The event that occurs when a certificate ceases to be valid
      because its assigned lifetime has been exceeded. (See: certificate
      revocation, validity period.)

   $ certificate extension
      See: extension.
ToP   noToC   RFC2828 - Page 27
   $ certificate holder
      (D) ISDs SHOULD NOT use this term as a synonym for the subject of
      a digital certificate because the term is potentially ambiguous.
      For example, the term could also refer to a system entity, such as
      a repository, that simply has possession of a copy of the
      certificate. (See: certificate owner.)

   $ certificate management
      (I) The functions that a CA may perform during the life cycle of a
      digital certificate, including the following:

       - Acquire and verify data items to bind into the certificate.
       - Encode and sign the certificate.
       - Store the certificate in a directory or repository.
       - Renew, rekey, and update the certificate.
       - Revoke the certificate and issue a CRL.

      (See: archive management, certificate management, key management,
      security architecture, token management.)

   $ certificate owner
      (D) ISDs SHOULD NOT use this term as a synonym for the subject of
      a digital certificate because the term is potentially ambiguous.
      For example, the term could also refer to a system entity, such as
      a corporation, that has acquired a certificate to operate some
      other entity, such as a Web server. (See: certificate holder.)

   $ certificate policy
      (I) "A named set of rules that indicates the applicability of a
      certificate to a particular community and/or class of application
      with common security requirements." [X509] (See: certification
      practice statement.)

      (C) A certificate policy can help a certificate user decide
      whether a certificate should be trusted in a particular
      application. "For example, a particular certificate policy might
      indicate applicability of a type of certificate for the
      authentication of electronic data interchange transactions for the
      trading goods within a given price range." [R2527]

      (C) A v3 X.509 public-key certificate may have a
      "certificatePolicies" extension that lists certificate policies,
      recognized by the issuing CA, that apply to the certificate and
      govern its use. Each policy is denoted by an object identifier and
      may optionally have certificate policy qualifiers.
ToP   noToC   RFC2828 - Page 28
      (C) SET usage: Every SET certificate specifies at least one
      certificate policy, that of the SET root CA. SET uses certificate
      policy qualifiers to point to the actual policy statement and to
      add qualifying policies to the root policy. (See: SET qualifier.)

   $ certificate policy qualifier
      (I) Information that pertains to a certificate policy and is
      included in a "certificatePolicies" extension in a v3 X.509
      public-key certificate.

   $ certificate reactivation
      (I) The act or process by which a digital certificate, which a CA
      has designated for revocation but not yet listed on a CRL, is
      returned to the valid state.

   $ certificate rekey
      (I) The act or process by which an existing public-key certificate
      has its public key value changed by issuing a new certificate with
      a different (usually new) public key. (See: certificate renewal,
      certificate update, rekey.)

      (C) For an X.509 public-key certificate, the essence of rekey is
      that the subject stays the same and a new public key is bound to
      that subject. Other changes are made, and the old certificate is
      revoked, only as required by the PKI and CPS in support of the
      rekey. If changes go beyond that, the process is a "certificate

      (O) MISSI usage: To rekey a MISSI X.509 public-key certificate
      means that the issuing authority creates a new certificate that is
      identical to the old one, except the new one has a new, different
      KEA key; or a new, different DSS key; or new, different KEA and
      DSS keys. The new certificate also has a different serial number
      and may have a different validity period. A new key creation date
      and maximum key lifetime period are assigned to each newly
      generated key. If a new KEA key is generated, that key is assigned
      a new KMID. The old certificate remains valid until it expires,
      but may not be further renewed, rekeyed, or updated.

   $ certificate renewal
      (I) The act or process by which the validity of the data binding
      asserted by an existing public-key certificate is extended in time
      by issuing a new certificate. (See: certificate rekey, certificate

      (C) For an X.509 public-key certificate, this term means that the
      validity period is extended (and, of course, a new serial number
      is assigned) but the binding of the public key to the subject and
ToP   noToC   RFC2828 - Page 29
      to other data items stays the same. The other data items are
      changed, and the old certificate is revoked, only as required by
      the PKI and CPS to support the renewal. If changes go beyond that,
      the process is a "certificate rekey" or "certificate update".

   $ certificate request
      (D) ISDs SHOULD NOT use this term because it looks like imprecise
      use of a term standardized by PKCS #10 and used in PKIX. Instead,
      use the standard term, "certification request".

   $ certificate revocation
      (I) The event that occurs when a CA declares that a previously
      valid digital certificate issued by that CA has become invalid;
      usually stated with a revocation date.

      (C) In X.509, a revocation is announced to potential certificate
      users by issuing a CRL that mentions the certificate. Revocation
      and listing on a CRL is only necessary before certificate

   $ certificate revocation list (CRL)
      (I) A data structure that enumerates digital certificates that
      have been invalidated by their issuer prior to when they were
      scheduled to expire. (See: certificate expiration, X.509
      certificate revocation list.)

      (O) "A signed list indicating a set of certificates that are no
      longer considered valid by the certificate issuer. After a
      certificate appears on a CRL, it is deleted from a subsequent CRL
      after the certificate's expiry. CRLs may be used to identify
      revoked public-key certificates or attribute certificates and may
      represent revocation of certificates issued to authorities or to
      users. The term CRL is also commonly used as a generic term
      applying to all the different types of revocation lists, including
      CRLs, ARLs, ACRLs, etc." [FPDAM]

   $ certificate revocation tree
      (I) A mechanism for distributing notice of certificate
      revocations; uses a tree of hash results that is signed by the
      tree's issuer. Offers an alternative to issuing a CRL, but is not
      supported in X.509. (See: certificate status responder.)

   $ certificate serial number
      (I) An integer value that (a) is associated with, and may be
      carried in, a digital certificate; (b) is assigned to the
      certificate by the certificate's issuer; and (c) is unique among
      all the certificates produced by that issuer.

(next page on part 2)

Next Section