security terminology :: essays research papers

SecurityTerminologyDefine the pursual terms1.Au and thentication ability to identify who it isa. ACL (access control list) is associated w/ a given resource. Describes groups, users, machines and their permissions associated with that particular resource.i.Token- one time only password lynchpinb.CA- certificate of authority- creates certificates -system or entity trusted to generate and distribute digital certificates. tooshie be privately utilize or from a 3rd political party e-commerce site. Verifies identity of user. stylemark method.c.RA- Registration Authority-issues certificates-RA verifies credentials supplied by an agent and then sends the CA an okay to issue a certificate.d.PKI- Public Key Infrastructure- Policies and behaviors that badger the deployment and management of key partner offs. How you issue two keys at one time.e. Kerberos- Authentication method used by Microsoft. Uses 3 different protocols, listed belowi.TGT- fine granting ticket. Allows you to requ est resources on the engagement from servers.ii.TGS- Ticket granting server. Accesses a particular network server for tickets.iii. AS- Authentication Server. Equivalent to a morning check-in at security desk of a hotel. Checks the identity of a server.f. bloke- Challenge handshake corroboration protocol. Was designed to replace the PAP. Communication between server and client proving identity.i.MS-CHAP- Microsoft CHAPg.PAP- Password authentication protocolh.X.509- digital certificate that uniquely identifies a party. Standard structure of a certificate.i.KDC- Key distribution centerj.Biometrics- Authentications found on human anatomy.k.Multifactor- Authentication based on 2 validated authentication methods.l.Mutual Authentication- Client establishes identity to server. Server provides authentication instruction to client to ensure that illicit servers cannot masquerade as genuine servers. both parties have to authenticate.2.Encryption- hiding data using algorithmic rules. prot ection, method of code, algorithms, formulas a.Asymmetric keys- pair of key values one public and one private.b.Symmetric keys- individual(a) encryption key generated.c.DES- Data Encryption standard developed by government.d.Diffie-hellman- encryption algorithm named after its two creators.e.IPSec- used for encryption of transmission control protocol/IP traffic. Method of encrypting any IP transmissions.f.PGP- Pretty good privacy- primarily used in email less secure than the PKI.g.RSA- Rivest-Shamir-Adleman- encryption algorithm named after its 3 creators. Using two pair keys.h.SSL- Secure Socket Loader- used mainly on web servers to transmit securely via HTTPS//3.Network protocols and compositiona.DMZ- Demilitarized zone- Zone used for public access. Used with FTP, web servers and DNS servers. b.IDS- Intrusion catching System- 2 types Active and Passivec.NAT- Network Address Translation- Appends to your logical carriage. Protects midland hosts. Used with proxy servers. Transla tes internal IP to Real IP. Uses unique port table. There is 65,000 portsd.Tunneling- ability to go to 1 point to another as though you are a single proprietary line.