Filter
Top Products
Glossary
GL-4
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
certificate-based
authentication
The use of Secure Sockets Layer (SSL) and certificates to authenticate and encrypt HTTP traffic.
certificate
Digital representation of user or device attributes, including a public key, that is signed with an
authoritative private key.
CGI
common gateway interface. This mechanism is used by HTTP servers (web servers) to pass parameters
to executable scripts in order to generate responses dynamically.
CHAP
Challenge-Handshake Authentication Protocol. A protocol that uses a challenge/response
authentication mechanism where the response varies every challenge to prevent replay attacks.
CHAP is an authentication technique where after a link is established, a server sends a challenge to the
requestor. The requestor responds with a value obtained by using a one-way hash function. The server
checks the response by comparing it its own calculation of the expected hash value. If the values match,
the authentication is acknowledged otherwise the connection is usually terminated.
challenge-response
A common authentication technique whereby an individual is prompted (the challenge) to provide
some private information (the response). Most security systems that rely on smart cards are based on
challenge-response. A user is given a code (the challenge) which he or she enters into the smart card.
The smart card then displays a new code (the response) that the user can present to log in.
checksum
A value that is computed by a function that is dependent on the contents of a data object and is stored
or transmitted together with the object, for the purpose of detecting changes in the data.
cipher
A cryptographic algorithm for Encryption and Decryption. The method used to transform a readable
message (called plaintext or cleartext) into an unreadable, scrambled, or hidden message (called
ciphertext).
ciphertext
The encrypted form of the message being sent. Ciphertext is data that has been encrypted. It is the
output of the encryption process and can be transformed back into a readable form (plaintext) with the
appropriate decryption key.
client
A system entity that requests and uses a service provided by another system entity, called a "server." In
some cases, the server may itself be a client of some other server.
client/server
Describes the relationship between two computer programs in which one program, the client, makes a
service request from another program, the server, which fulfills the request. Although the client/server
idea can be used by programs within a single computer, it is a more important idea in a network. In a
network, the client/server model provides a convenient way to interconnect programs that are
distributed efficiently across different locations.
collision
Occurs when multiple systems transmit simultaneously on the same wire.
command sets
Contains a set of permitted commands for TACACS+ based, per-command authorization.
community string
A character string used to identify valid sources for Simple Network Management Protocol (SNMP)
requests, and to limit the scope of accessible information. Ravlin units use a community string, such as
a password, allowing only a limited set of management stations to access its MIB.
computer network
A collection of host computers together with the sub-network or inter-network through which they can
exchange data.
confidentiality
The need to ensure that information is disclosed only to those who are authorized to view it.