SSL Certificate Glossary of Terms: A
The American Bar Association (ABA) Digital Signature Guidelines are a structure of legal codes for using encrypted digital SSL certificates, digital ids and digital signatures in e-commerce.
In terms of SSL certificates, refers to interaction or relation with a system usually provoking an exchange of information. Example: a secure online payment gateway using Secure Server Certificates.
Method of restricting access to the resources of a system. Restrictions apply to authorized programs (for secure authentication), procedures (such as encryption), or secure server network systems of any other kind. They assist in IIternet security and online security e.g. limiting access to an SSL secure server or online payment system. (Synonyms: controlled access, limited access.)
A hierarchical level of security that is used in order to detect the sensitivity of data, and the clearance or authorization of users. Similar to how Digital Certificate help provide secure authentication for intranet and internet security.
An official pronouncement by the command or management authority which approves the system to function within a certain security mode using a prearranged set of safeguards. Based on the certification, accreditation is a system's formal authorization for operation. Like an SSL certificate that brings secure authentication, the accreditation statement attaches security responsibility to the management or operating authority, proving that necessary safeguards are in place to provide network security, Internet Security and Extranet security.
ActiveX controls are software modules for Web pages. They have full system access. A Digital Signature system called Authenticode which simply offers just "run/don't run" options is the only security tool, causing Internet security and online security problems.
The management restrictions and additional controls instituted in order to supply a satisfactory level of data protection. In most cases the SSL Encryption provided by an SSL certificate in combination with techniques such as password protection is often enough to provide a satisfactory level of data protection. It is the same as procedural security and is more regularly referred to as administrative controls.
In Internet security an algorithm typically refers to cryptographic algorithms used in encryption or decryption of data files and/or messages and to generate Digital Signatures.
An access control quality, whereby secure servers allow users to access general-purpose or public services and resources without requiring a user-specific account. Because users may log in without disclosing their identities and without authentication, this can compromise the server's defenses.
A Firewall system where service is given by processes which keep total TCP connection state and sequencing. Application level firewalls provide protection, Internet security and online security by re-addressing traffic.
A collection of older digitized files. Sometimes, as on web sites or Internet bulletin boards, the files may be stored in a compressed format, reducing their size.
Confidence in a secure web server's security features and architecture. This confidence is based on sound security planning and policies. Simulation and penetration testing can determine the strength of the security features.
Asymmetric Cryptography is a method for encrypting computer files. It uses two "keys"; text encrypted with the one key can only be decrypted by the other.
One of the keys is kept private by one party. The second key is called the "public key", and it should be available to everyone who has legitimate need of access.
Secure server network logs often show activities or alterations to a system signaling an attack or attempted attack. Attack signature especially indicates a particular kind of attack, which is often decided by examination of audit.
Gathering records to check their conformity with an SSL security policy.
A time-sequential record of system actions that is sufficient to reconstruct, review and examine an operation or transaction from start to finish, also known as a security audit trail.
To verify the identity of a user, device, or other entity in a computer system, often as a prerequisite to allowing access to resources in a system. Data that has been stored or transmitted in a way that is likely to expose it to possible unauthorized modification. Authenticate is related to secure authentication and secure SSL authentication which provides Internet security and Network Security. Identities may be authenticated biometrically (for example, by fingerprint), or by something the user knows (i.e., a password), or something the user has (i.e., a token or digital certificate).
The act of determining a message has not been changed since leaving its point of origin. Authentication, secure authentication or secure SSL authentication of a user, is usually derived from something that the user understands, is or has. Many SSL Authentication systems which provide SSL Internet Security and online payment system security are now shifting toward public key encryption.
An Internet IPsec protocol, A field that immediately follows the IP header in an IP datagram and provides authentication and integrity checking for the datagram. Also protection against replay attacks; it secures authentication like SSL digital ID validation.
A portable device used for authenticating a user. Authentication tokens operate by challenge/response, time-based code sequences, or other techniques. This may include paper-based lists of one-time passwords.
A record containing information that can be shown to have been recently generated using the session key known only by the client and server.
SSL Certificate security must be genuine and verifiable. In SSL Internet security and network security, it is imperative that authenticity is not assumed.
A technology that makes it possible to identify who published a piece of software and to verify that it has not been tampered with. It also confirms that the digital certificate used to sign the code was issued by the certificate authority originally.
The act of granting access or other rights to a user, process, or program that has been authenticated.