📄 rfc2504.txt
Cookies
   Cookies register information about a visit to a web site for future
   use by the server. A server may also receive cookie information
   from other sites, which raises privacy concerns.

Cracker
   This term is used to describe attackers, intruders or other bad guys
   that do not play by the rules and try to circumvent security
   mechanisms and/or attack individuals and organisations.

Daemons (inetd, talkd, etc.)
   These are processes that run on computer systems to provide services
   to other computer systems or processes. Typically, daemons are
   considered "servers".

Decrypting
   The process of reversing the encryption of a file or message to
   recover the original data in order to use or read it.

Default Account
   Some systems and server software come with preconfigured accounts.
   These accounts may be set up with a predefined (user name and)
   password to allow anyone access and are often put there to make it
   convenient for users to login initially. Default accounts should be
   turned off or have their predefined passwords changed, to reduce the
   risk of abuse to the system.

Dial-in Service
   A way of providing access to computer systems or networks via a
   telecommunications network. A computer uses a modem to make a
   telephone call to another modem, which in turn provides 'network
   access service'. See also: PPP.

Digital Signature
   A digital signature is created by a mathematical computer program.
   It is not a hand-written signature nor a computer-produced picture
   of one. The signature is like a wax seal that requires a special
   stamp to produce it, and is attached to an Email message or file.
   The origin of the message or file may then be verified by the
   digital signature (using special tools).

Guttman, et. al.             Informational                     [Page 23]

RFC 2504              Users' Security Handbook             February 1999

Downloaded Software
   Software packages retrieved from the Internet (using, for example,
   the FTP protocol).

Downloading
   The act of retrieving files from a server on the network.

Email Packages
   To communicate via electronic mail, an end-user usually makes use of
   an Email client that provides the user-interface to create, send,
   retrieve and read Email. Various different Email packages provide
   the same set of basic functions but have different user-interfaces
   and perhaps, special/extra functions. Some Email packages provide
   encryption and digital signature capabilities.

Email Security Software
   Software which provides security through digital signatures and
   encryption (and decryption) to enable the end-user to protect
   messages and documents prior to sending them over a possibly
   insecure network. PGP is an example of such software.

Encrypting / Encryption
   This is a mathematical process of scrambling data for privacy
   protection.

Encryption Software
   The software that actually provides the needed functionality for end
   users to encrypt messages and files. PGP is one example.

End-User
   A (human) individual that makes use of computer systems and
   networks.

Files (programs, data, text and so on)
   Files include user data, but also programs, the computer operating
   system and the system's configuration data.

File Server
   A computer system that provides a way of sharing and working on
   files stored on the system among users with access to these files
   over a network.

File Transfer
   The process of transferring files between two computer systems over
   a network, using a protocol such as FTP or HTTP.

Fixes, Patches and installing them
   Vendors, in response to the discovery of security vulnerabilities,
   provide sets of files that have to be installed on computer systems.
   These files 'fix' or 'patch' the computer system or programs and
   remove the security vulnerability.

FTP (File Transfer Protocol)
   A protocol that allows for the transfer of files between an FTP
   client and FTP server.

Group of Users
   Security software often allows permissions to be set for groups (of
   users) as opposed to individuals.

Help Desk
   A support entity that can be called upon to get help with a computer
   or communication problem.

Internet
   A collection of interconnected networks that use a common set of
   protocols called the TCP/IP stack to enable communication between
   the connected computer systems.

Key Escrow
   Keys are used to encrypt and decrypt files. Key escrow is used to
   store keys for use by third parties to access the data in encrypted
   files.

Keys Used to Encrypt and Decrypt Files
   To make use of encryption, an end-user has to provide some secret,
   in the form of some data, usually called a key.

Log In, Logging into a System
   This is an action performed by an end-user, when he authenticates
   himself to a computer system.

Log In Prompt
   The characters that are displayed when logging into a system to ask
   for user name and password.

Logged In
   If an end-user has successfully proven to have legitimate access to
   a system, he is considered to be logged in.

Logging
   Systems and server software often provide the ability to keep track
   of events. Events may be configured to be written out to a file
   known as a log. The log file can be read later and allows for system
   failures and security breaches to be identified.

Masquerade (see Remote Log In)
   Anyone who pretends to be someone they are not in order to obtain
   access to a computer account is said to be in 'masquerade'. This may
   be accomplished by providing a false user name, or stealing someone
   else's password and logging in as him.

Network File System (NFS, file sharing with PCs, etc.)
   NFS is an application and protocol suite that provides a way of
   sharing files between clients and servers. There are other protocols
   which provide file access over networks. These provide similar
   functionality, but do not interoperate with each other.

Networking Features of Software
   Some software has features which make use of the network to retrieve
   or share data. It may not be obvious that software has networking
   features.

Network Services
   Services which are not provided on the local computer system the
   end-user is working on but on a server located in the network.

One-Time Passwords (OTP)
   Instead of using the same password over and over again, a different
   password is used on each subsequent log in.

Passphrase
   A passphrase is a long password. It is often composed of several
   words and symbols to make it harder to guess.

Password-Locked Screensaver
   A screen saver obscures the normal display of a monitor. A
   password-locked screensaver can only be deactivated if the
   end-user's password is supplied. This prevents a logged-in system
   from being abused and hides the work currently being done from
   passers-by.

Patch
   See "Fixes, Patches and installing them"

Permissions
   Another word for the access controls that are used to control the
   access to files and other resources.

PGP (Pretty Good Privacy)
   PGP is an application package that provides tools to encrypt and
   digitally sign files on computer systems. It is especially useful to
   encrypt and/or sign files and messages before sending them via
   Email.

Plug-in Modules
   Software components that integrate into other software (such as web
   browsers) to provide additional features.

Point-of-Contact, Security
   In case of security breaches or problems, many organisations provide
   a designated point-of-contact which can alert others and take the
   appropriate actions.

PPP (Point to Point Protocol)
   PPP is the mechanism by which most end-users establish a network
   connection between their PC and their Internet service provider.
   Once connected, the PC is able to transmit and receive data to any
   other system on the network.

Privacy Programs
   Another term for encryption software that highlights the use of this
   software to protect the confidentiality and therefore privacy of the
   end-users that make use of it.

Remote Access Software
   This software allows a computer to use a modem to connect to another
   system. It also allows a computer to 'listen' for calls on a modem
   (this computer provi