rfc2828.txt
来自「RFC 的详细文档!」· 文本 代码 · 共 1,556 行 · 第 1/5 页
TXT
1,556 行
$ association
(I) A cooperative relationship between system entities, usually
for the purpose of transferring information between them. (See:
security association.)
$ assurance
(I) (1.) An attribute of an information system that provides
grounds for having confidence that the system operates such that
the system security policy is enforced. (2.) A procedure that
ensures a system is developed and operated as intended by the
system's security policy.
$ assurance level
(I) Evaluation usage: A specific level on a hierarchical scale
representing successively increased confidence that a target of
evaluation adequately fulfills the requirements. (E.g., see:
TCSEC.)
$ asymmetric cryptography
(I) A modern branch of cryptography (popularly known as "public-
key cryptography") in which the algorithms employ a pair of keys
(a public key and a private key) and use a different component of
the pair for different steps of the algorithm. (See: key pair.)
(C) Asymmetric algorithms have key management advantages over
equivalently strong symmetric ones. First, one key of the pair
does not need to be known by anyone but its owner; so it can more
easily be kept secret. Second, although the other key of the pair
is shared by all entities that use the algorithm, that key does
not need to be kept secret from other, non-using entities; so the
key distribution part of key management can be done more easily.
(C) For encryption: In an asymmetric encryption algorithm (e.g.,
see: RSA), when Alice wants to ensure confidentiality for data she
sends to Bob, she encrypts the data with a public key provided by
Bob. Only Bob has the matching private key that is needed to
decrypt the data.
(C) For signature: In an asymmetric digital signature algorithm
(e.g., see: DSA), when Alice wants to ensure data integrity or
provide authentication for data she sends to Bob, she uses her
private key to sign the data (i.e., create a digital signature
based on the data). To verify the signature, Bob uses the matching
public key that Alice has provided.
Shirey Informational [Page 12]
RFC 2828 Internet Security Glossary May 2000
(C) For key agreement: In an asymmetric key agreement algorithm
(e.g., see: Diffie-Hellman), Alice and Bob each send their own
public key to the other person. Then each uses their own private
key and the other's public key to compute the new key value.
$ attack
(I) An assault on system security that derives from an intelligent
threat, i.e., an intelligent act that is a deliberate attempt
(especially in the sense of a method or technique) to evade
security services and violate the security policy of a system.
(See: penetration, violation, vulnerability.)
- Active vs. passive: An "active attack" attempts to alter system
resources or affect their operation. A "passive attack"
attempts to learn or make use of information from the system
but does not affect system resources. (E.g., see: wiretapping.)
- Insider vs. outsider: An "inside attack" is an attack initiated
by an entity inside the security perimeter (an "insider"),
i.e., an entity that is authorized to access system resources
but uses them in a way not approved by those who granted the
authorization. An "outside attack" is initiated from outside
the perimeter, by an unauthorized or illegitimate user of the
system (an "outsider"). In the Internet, potential outside
attackers range from amateur pranksters to organized criminals,
international terrorists, and hostile governments.
(C) The term "attack" relates to some other basic security terms
as shown in the following diagram:
+ - - - - - - - - - - - - + + - - - - + + - - - - - - - - - - -+
| An Attack: | |Counter- | | A System Resource: |
| i.e., A Threat Action | | measure | | Target of the Attack |
| +----------+ | | | | +-----------------+ |
| | Attacker |<==================||<========= | |
| | i.e., | Passive | | | | | Vulnerability | |
| | A Threat |<=================>||<========> | |
| | Agent | or Active | | | | +-------|||-------+ |
| +----------+ Attack | | | | VVV |
| | | | | Threat Consequences |
+ - - - - - - - - - - - - + + - - - - + + - - - - - - - - - - -+
$ attribute authority
(I) A CA that issues attribute certificates.
(O) "An authority, trusted by the verifier to delegate privilege,
which issues attribute certificates." [FPDAM]
Shirey Informational [Page 13]
RFC 2828 Internet Security Glossary May 2000
$ attribute certificate
(I) A digital certificate that binds a set of descriptive data
items, other than a public key, either directly to a subject name
or to the identifier of another certificate that is a public-key
certificate. [X509]
(O) "A set of attributes of a user together with some other
information, rendered unforgeable by the digital signature created
using the private key of the CA which issued it." [X509]
(O) "A data structure that includes some attribute values and
identification information about the owner of the attribute
certificate, all digitally signed by an Attribute Authority. This
authority's signature serves as the guarantee of the binding
between the attributes and their owner." [FPDAM]
(C) A public-key certificate binds a subject name to a public key
value, along with information needed to perform certain
cryptographic functions. Other attributes of a subject, such as a
security clearance, may be certified in a separate kind of digital
certificate, called an attribute certificate. A subject may have
multiple attribute certificates associated with its name or with
each of its public-key certificates.
(C) An attribute certificate might be issued to a subject in the
following situations:
- Different lifetimes: When the lifetime of an attribute binding
is shorter than that of the related public-key certificate, or
when it is desirable not to need to revoke a subject's public
key just to revoke an attribute.
- Different authorities: When the authority responsible for the
attributes is different than the one that issues the public-key
certificate for the subject. (There is no requirement that an
attribute certificate be issued by the same CA that issued the
associated public-key certificate.)
$ audit service
(I) A security service that records information needed to
establish accountability for system events and for the actions of
system entities that cause them. (See: security audit.)
$ audit trail
See: security audit trail.
Shirey Informational [Page 14]
RFC 2828 Internet Security Glossary May 2000
$ AUTH
See: POP3 AUTH.
$ authentic signature
(I) A signature (particularly a digital signature) that can be
trusted because it can be verified. (See: validate vs. verify.)
$ authenticate
(I) Verify (i.e., establish the truth of) an identity claimed by
or for a system entity. (See: authentication.)
(D) In general English usage, this term usually means "to prove
genuine" (e.g., an art expert authenticates a Michelangelo
painting). But the recommended definition carries a much narrower
meaning. For example, to be precise, an ISD SHOULD NOT say "the
host authenticates each received datagram". Instead, the ISD
SHOULD say "the host authenticates the origin of each received
datagram". In most cases, we also can say "and verifies the
datagram's integrity", because that is usually implied. (See:
("relationship between data integrity service and authentication
services" under) data integrity service.)
(D) ISDs SHOULD NOT talk about authenticating a digital signature
or digital certificate. Instead, we "sign" and then "verify"
digital signatures, and we "issue" and then "validate" digital
certificates. (See: validate vs. verify.)
$ authentication
(I) The process of verifying an identity claimed by or for a
system entity. (See: authenticate, authentication exchange,
authentication information, credential, data origin
authentication, peer entity authentication.)
(C) An authentication process consists of two steps:
1. Identification step: Presenting an identifier to the security
system. (Identifiers should be assigned carefully, because
authenticated identities are the basis for other security
services, such as access control service.)
2. Verification step: Presenting or generating authentication
information that corroborates the binding between the entity
and the identifier. (See: verification.)
(C) See: ("relationship between data integrity service and
authentication services" under) data integrity service.
Shirey Informational [Page 15]
RFC 2828 Internet Security Glossary May 2000
$ authentication code
(D) ISDs SHOULD NOT use this term as a synonym for any form of
checksum, whether cryptographic or not. The word "authentication"
is misleading because the mechanism involved usually serves a data
integrity function rather than an authentication function, and the
word "code" is misleading because it implies that either encoding
or encryption is involved or that the term refers to computer
software. (See: message authentication code.)
$ authentication exchange
(I) A mechanism to verify the identity of an entity by means of
information exchange.
(O) "A mechanism intended to ensure the identity of an entity by
means of information exchange." [I7498 Part 2]
$ Authentication Header (AH)
(I) An Internet IPsec protocol [R2402] designed to provide
connectionless data integrity service and data origin
authentication service for IP datagrams, and (optionally) to
provide protection against replay attacks.
(C) Replay protection may be selected by the receiver when a
security association is established. AH authenticates upper-layer
protocol data units and as much of the IP header as possible.
However, some IP header fields may change in transit, and the
value of these fields, when the packet arrives at the receiver,
may not be predictable by the sender. Thus, the values of such
fields cannot be protected end-to-end by AH; protection of the IP
header by AH is only partial when such fields are present.
(C) AH may be used alone, or in combination with the IPsec ESP
protocol, or in a nested fashion with tunneling. Security services
can be provided between a pair of communicating hosts, between a
pair of communicating security gateways, or between a host and a
gateway. ESP can provide the same security services as AH, and ESP
can also provide data confidentiality service. The main difference
between authentication services provided by ESP and AH is the
extent of the coverage; ESP does not protect IP header fields
unless they are encapsulated by AH.
$ authentication information
(I) Information used to verify an identity claimed by or for an
entity. (See: authentication, credential.)
(C) Authentication information may exist as, or be derived from,
one of the following:
Shirey Informational [Page 16]
RFC 2828 Internet Security Glossary May 2000
- Something the entity knows. (See: password).
- Something the entity possesses. (See: token.)
- Something the entity is. (See: biometric authentication.)
$ authentication service
(I) A security service that verifies an identity claimed by or for
an entity. (See: authentication.)
(C) In a network, there are two general forms of authentication
service: data origin authentication service and peer entity
authentication service.
$ authenticity
(I) The property of being genuine and able to be verified and be
trusted. (See: authenticate, authentication, validate vs. verify)
$ authority
(D) "An entity, responsible for the issuance of certificates."
[FPDAM]
(C) ISDs SHOULD NOT use this term as a synonym for AA, CA, RA,
ORA, or similar terms, because it may cause confusion. Instead,
use the full term at the first instance of usage and then, if it
is necessary to shorten text, use the style of abbreviation
defined in this Glossary.
(C) ISDs SHOULD NOT use this definition for any PKI entity,
because the definition is ambiguous with regard to whether the
entity actually issues certificates (e.g., attribute authority or
certification authority) or just has accountability for processes
that precede or follow signing (e.g., registration authority).
(See: issue.)
$ authority certificate
⌨️ 快捷键说明
复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?