HP-UX AAA Server A.07.01 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX AAA Server (RADIUS) Software

451

452

453

454

455

456

457

458

459

460

C - D

Challenge Handshake Authentication Protocol

Log-in security procedure for dial-in access. Rather than send an unencrypted password, a random

number is sent to the client as a challenge. The challenge is one-way hashed with the password,

and the result is sent back to the server. The server does the same with its copy of the password

and verifies that it gets the same result to authenticate the user, abbreviated as CHAP.

CHAP Challenge Handshake Authentication Protocol.

Client NAS, proxy server, or other networking device that uses the AAA Server services to authenticate

and authorize users.

Common

Open Policy

Service

A query and response protocol that can be used to exchange policy information between a policy

server (Policy Decision Point or PDP) and its clients (Policy Enforcement Points or PEPs, such as

a router), abbreviated as COPS.

COPS Common Open Policy Service.

DHCP

(Dynamic

Host

Configuration

Protocol)

Protocol that automatically and dynamically assigns IP addressees.

Dialed Number Identification Service

Each request is authenticated locally or forwarded to a remote server according to the number

called to access a network service.

DNIS Dialed Number Identification Service.

E - F - G

EAP Extensible Authentication Protocol.

Extensible Authentication Protocol

Described in RFC 2284, abbreviated as EAP.

Finite State

Machine

The Finite State Machine is the component of the AAA Server software that controls the flow of

access request authentication and accounting request handling, abbreviated as FSM.

Forwarding

Server

The AAA Server that receives an Access-Request from a client and forwards that request to another

AAA server for authentication.

FSM Finite State Machine.

GTC (Generic

Token Card)

Carries user specific token cards for authentication. The main feature in GTC is Digital

Certificate/Token Card-based Authentication.

H - I - J - K

Hard token Also called token devices. A physical authentication device such as a SmartCard that displays

the OTP.

Hint When a user requests access to a service of a specific configuration, a client may provide this

information in an Access-Request as a hint to the AAA Server. The server may reject the request

based on the hints or supply the service as specified by the hints, by the server’s configuration,

or by a combination of the hints and the server’s configuration.

IETF Internet Engineering Task Force.

453