rfc2828.txt

著名的RFC文档,其中有一些文档是已经翻译成中文的的.

      (I) Evaluation usage: A specific level on a hierarchical scale
      representing successively increased confidence that a target of
      evaluation adequately fulfills the requirements. (E.g., see:
      TCSEC.)

   $ asymmetric cryptography
      (I) A modern branch of cryptography (popularly known as "public-
      key cryptography") in which the algorithms employ a pair of keys
      (a public key and a private key) and use a different component of
      the pair for different steps of the algorithm. (See: key pair.)

      (C) Asymmetric algorithms have key management advantages over
      equivalently strong symmetric ones. First, one key of the pair
      does not need to be known by anyone but its owner; so it can more
      easily be kept secret. Second, although the other key of the pair
      is shared by all entities that use the algorithm, that key does
      not need to be kept secret from other, non-using entities; so the
      key distribution part of key management can be done more easily.

      (C) For encryption: In an asymmetric encryption algorithm (e.g.,
      see: RSA), when Alice wants to ensure confidentiality for data she
      sends to Bob, she encrypts the data with a public key provided by
      Bob. Only Bob has the matching private key that is needed to
      decrypt the data.

      (C) For signature: In an asymmetric digital signature algorithm
      (e.g., see: DSA), when Alice wants to ensure data integrity or
      provide authentication for data she sends to Bob, she uses her
      private key to sign the data (i.e., create a digital signature
      based on the data). To verify the signature, Bob uses the matching
      public key that Alice has provided.




Shirey                       Informational                     [Page 12]

RFC 2828               Internet Security Glossary               May 2000


      (C) For key agreement: In an asymmetric key agreement algorithm
      (e.g., see: Diffie-Hellman), Alice and Bob each send their own
      public key to the other person. Then each uses their own private
      key and the other's public key to compute the new key value.

   $ attack
      (I) An assault on system security that derives from an intelligent
      threat, i.e., an intelligent act that is a deliberate attempt
      (especially in the sense of a method or technique) to evade
      security services and violate the security policy of a system.
      (See: penetration, violation, vulnerability.)

       - Active vs. passive: An "active attack" attempts to alter system
         resources or affect their operation. A "passive attack"
         attempts to learn or make use of information from the system
         but does not affect system resources. (E.g., see: wiretapping.)

       - Insider vs. outsider: An "inside attack" is an attack initiated
         by an entity inside the security perimeter (an "insider"),
         i.e., an entity that is authorized to access system resources
         but uses them in a way not approved by those who granted the
         authorization. An "outside attack" is initiated from outside
         the perimeter, by an unauthorized or illegitimate user of the
         system (an "outsider"). In the Internet, potential outside
         attackers range from amateur pranksters to organized criminals,
         international terrorists, and hostile governments.

      (C) The term "attack" relates to some other basic security terms
      as shown in the following diagram:

      + - - - - - - - - - - - - +  + - - - - +  + - - - - - - - - - - -+
      | An Attack:              |  |Counter- |  | A System Resource:   |
      | i.e., A Threat Action   |  | measure |  | Target of the Attack |
      | +----------+            |  |         |  | +-----------------+  |
      | | Attacker |<==================||<=========                 |  |
      | |   i.e.,  |   Passive  |  |         |  | |  Vulnerability  |  |
      | | A Threat |<=================>||<========>                 |  |
      | |  Agent   |  or Active |  |         |  | +-------|||-------+  |
      | +----------+   Attack   |  |         |  |         VVV          |
      |                         |  |         |  | Threat Consequences  |
      + - - - - - - - - - - - - +  + - - - - +  + - - - - - - - - - - -+

   $ attribute authority
      (I) A CA that issues attribute certificates.

      (O) "An authority, trusted by the verifier to delegate privilege,
      which issues attribute certificates." [FPDAM]




Shirey                       Informational                     [Page 13]

RFC 2828               Internet Security Glossary               May 2000


   $ attribute certificate
      (I) A digital certificate that binds a set of descriptive data
      items, other than a public key, either directly to a subject name
      or to the identifier of another certificate that is a public-key
      certificate. [X509]

      (O) "A set of attributes of a user together with some other
      information, rendered unforgeable by the digital signature created
      using the private key of the CA which issued it." [X509]

      (O) "A data structure that includes some attribute values and
      identification information about the owner of the attribute
      certificate, all digitally signed by an Attribute Authority. This
      authority's signature serves as the guarantee of the binding
      between the attributes and their owner." [FPDAM]

      (C) A public-key certificate binds a subject name to a public key
      value, along with information needed to perform certain
      cryptographic functions. Other attributes of a subject, such as a
      security clearance, may be certified in a separate kind of digital
      certificate, called an attribute certificate. A subject may have
      multiple attribute certificates associated with its name or with
      each of its public-key certificates.

      (C) An attribute certificate might be issued to a subject in the
      following situations:

       - Different lifetimes: When the lifetime of an attribute binding
         is shorter than that of the related public-key certificate, or
         when it is desirable not to need to revoke a subject's public
         key just to revoke an attribute.

       - Different authorities: When the authority responsible for the
         attributes is different than the one that issues the public-key
         certificate for the subject. (There is no requirement that an
         attribute certificate be issued by the same CA that issued the
         associated public-key certificate.)

   $ audit service
      (I) A security service that records information needed to
      establish accountability for system events and for the actions of
      system entities that cause them. (See: security audit.)

   $ audit trail
      See: security audit trail.






Shirey                       Informational                     [Page 14]

RFC 2828               Internet Security Glossary               May 2000


   $ AUTH
      See: POP3 AUTH.

   $ authentic signature
      (I) A signature (particularly a digital signature) that can be
      trusted because it can be verified. (See: validate vs. verify.)

   $ authenticate
      (I) Verify (i.e., establish the truth of) an identity claimed by
      or for a system entity. (See: authentication.)

      (D) In general English usage, this term usually means "to prove
      genuine" (e.g., an art expert authenticates a Michelangelo
      painting). But the recommended definition carries a much narrower
      meaning. For example, to be precise, an ISD SHOULD NOT say "the
      host authenticates each received datagram". Instead, the ISD
      SHOULD say "the host authenticates the origin of each received
      datagram". In most cases, we also can say "and verifies the
      datagram's integrity", because that is usually implied. (See:
      ("relationship between data integrity service and authentication
      services" under) data integrity service.)

      (D) ISDs SHOULD NOT talk about authenticating a digital signature
      or digital certificate. Instead, we "sign" and then "verify"
      digital signatures, and we "issue" and then "validate" digital
      certificates. (See: validate vs. verify.)

   $ authentication
      (I) The process of verifying an identity claimed by or for a
      system entity. (See: authenticate, authentication exchange,
      authentication information, credential, data origin
      authentication, peer entity authentication.)

      (C) An authentication process consists of two steps:

      1. Identification step: Presenting an identifier to the security
         system. (Identifiers should be assigned carefully, because
         authenticated identities are the basis for other security
         services, such as access control service.)

      2. Verification step: Presenting or generating authentication
         information that corroborates the binding between the entity
         and the identifier. (See: verification.)

      (C) See: ("relationship between data integrity service and
      authentication services" under) data integrity service.





Shirey                       Informational                     [Page 15]

RFC 2828               Internet Security Glossary               May 2000


   $ authentication code
      (D) ISDs SHOULD NOT use this term as a synonym for any form of
      checksum, whether cryptographic or not. The word "authentication"
      is misleading because the mechanism involved usually serves a data
      integrity function rather than an authentication function, and the
      word "code" is misleading because it implies that either encoding
      or encryption is involved or that the term refers to computer
      software. (See: message authentication code.)

   $ authentication exchange
      (I) A mechanism to verify the identity of an entity by means of
      information exchange.

      (O) "A mechanism intended to ensure the identity of an entity by
      means of information exchange." [I7498 Part 2]

   $ Authentication Header (AH)
      (I) An Internet IPsec protocol [R2402] designed to provide
      connectionless data integrity service and data origin
      authentication service for IP datagrams, and (optionally) to
      provide protection against replay attacks.

      (C) Replay protection may be selected by the receiver when a
      security association is established. AH authenticates upper-layer
      protocol data units and as much of the IP header as possible.
      However, some IP header fields may change in transit, and the
      value of these fields, when the packet arrives at the receiver,
      may not be predictable by the sender. Thus, the values of such
      fields cannot be protected end-to-end by AH; protection of the IP
      header by AH is only partial when such fields are present.

      (C) AH may be used alone, or in combination with the IPsec ESP
      protocol, or in a nested fashion with tunneling. Security services
      can be provided between a pair of communicating hosts, between a
      pair of communicating security gateways, or between a host and a
      gateway. ESP can provide the same security services as AH, and ESP
      can also provide data confidentiality service. The main difference
      between authentication services provided by ESP and AH is the
      extent of the coverage; ESP does not protect IP header fields
      unless they are encapsulated by AH.

   $ authentication information
      (I) Information used to verify an identity claimed by or for an
      entity. (See: authentication, credential.)

      (C) Authentication information may exist as, or be derived from,
      one of the following:




Shirey                       Informational                     [Page 16]

RFC 2828               Internet Security Glossary               May 2000


       - Something the entity knows. (See: password).
       - Something the entity possesses. (See: token.)
       - Something the entity is. (See: biometric authentication.)

   $ authentication service
      (I) A security service that verifies an identity claimed by or for
      an entity. (See: authentication.)

      (C) In a network, there are two general forms of authentication
      service: data origin authentication service and peer entity
      authentication service.

   $ authenticity
      (I) The property of being genuine and able to be verified and be
      trusted. (See: authenticate, authentication, validate vs. verify)

   $ authority
      (D) "An entity, responsible for the issuance of certificates."
      [FPDAM]

      (C) ISDs SHOULD NOT use this term as a synonym for AA, CA, RA,
      ORA, or similar terms, because it may cause confusion. Instead,
      use the full term at the first instance of usage and then, if it
      is necessary to shorten text, use the style of abbreviation
      defined in this Glossary.

      (C) ISDs SHOULD NOT use this definition for any PKI entity,
      because the definition is ambiguous with regard to whether the
      entity actually issues certificates (e.g., attribute authority or
      certification authority) or just has accountability for processes
      that precede or follow signing (e.g., registration authority).
      (See: issue.)

   $ authority certificate
      (D) "A certificate issued to an authority (e.g. either to a
      certification authority or to an attribute authority)." [FPDAM]
      (See: authority.)

      (C) ISDs SHOULD NOT use this term or definition because they are
      ambiguous with regard to which specific types of PKI entities they
      address.

   $ authority revocation list (ARL)
      (I) A data structure that enumerates digital certificates that
      were issued to CAs but have been invalidated by their issuer prior
      to when they were scheduled to expire. (See: certificate
      expiration, X.509 authority revocation list.)




Shirey                       Informational                     [Page 17]

RFC 2828               Internet Security Glossary               May 2000