Instruction manual

GLOSSARY

Authentication

Identifying and validating a given user.

Data integrity

Traditionally, data integrity checking has involved attaching a checksum to a string of data to

check against accidental data corruption. More sophisticated security algorithms add other

validators such as time and date stamps to make sure data is not intercepted or altered.

Data Encryption Standard (DES)

Is a symmetric block cipher algorithm used as a confidentiality mechanism for the encapsulating

security payload (ESP).

Data privacy

To prevent data from being read by humans or machines during transmission, data privacy

algorithms such as Data Encryption Standard (DES) encrypt and then decrypt the data before and

after transmission.

Denial of service (DOS) attack

A method of flooding a site with "spoofed" (artificially generated) packets. A DOS tries to

generate enough traffic deny service to legitimate users. One recent method has been called

“smurfing.”

Encapsulating Security Payload

Provides confidentiality for IP datagrams by encrypting the payload data to be protected.

Encryption

The use of algorithms such as MD5 or SHA to encrypt (code) and the decrypt (decode) a

password. Most encryption algorithms rely upon some sort of private key.

Filtrating

The process of statistically sampling the queue size and dropping packets when the queue reaches

a threshold. Common methods are random early detection (RED) weighted random early detection

(WRED).

Firewall

Usually a combination of hardware and software that protects an organization's network from

external attacks or intrusions. Most firewalls make use of a proxy server that performs a validation

and filtering function for the organization.

Hash Values

Locator numbers that replace a given value with a location in a table. The locator number is later

used to retrieve the original data. Hashing is analogous to storing a coat on a coat rack. The hash

ID is saved and used later for retrieval.