HP CIFS Server 3.0a Administrator's Guide version A.02.01

ManualsBrandsHP ManualsSoftwareHP-UX Common Internet File System (CIFS) Client/Server Software

Glossary 263

Glossary

A

ACL Access Control List, meta-data that

describes which users are allowed access to

ﬁle data and what type of access is granted

to that data. ACLs deﬁne “access rights.” In

this scheme, users typically belong to

“groups,” and groups are given access rights

as a whole. Typical types of access rights are

read (list), write (modify), or create (insert.)

Different ﬁle systems have varying levels of

ACL support and different ﬁle systems

deﬁne different access rights. For example,

DOS has only one set of rights for a ﬁle

(since only one user is considered to use a

DOS system). A POSIX 6-compliant ﬁle

system allows multiple rights to be assigned

to multiple ﬁles and directories for multiple

users and multiple groups of users.

ASP Application service provider, an

e-business that essentially “rents”

applications to users.

Authentication Scheme to ensure that a

user who is accessing ﬁle data is indeed the

intended user. A secure networked ﬁle

system uses authentication to prevent access

occurring from someone pretending to be the

intended user.

Authorization Ensures that a user has

access only to ﬁle system data that the user

has the right to access. Just because a user is

authenticated does not mean he or she

should be able to read or modify any ﬁle. In

the simplest form or authorization, users are

given read or modify permissions to

individual ﬁles and directories in a ﬁle

system, through the use of access control

information (called an Access Control List,

or ACL.)

C

CIFS Common Internet File System, a

speciﬁcation for a ﬁle access protocol

designed for the Internet.

HP CIFS Hewlett-Packard's

implementation of CIFS for UNIX. HP CIFS

provides both server and client modules for

both HP 9000 servers and workstations.

Credential A piece of information that

identiﬁes a user. A credential may be as

simple as a number that is uniquely

associated with a user (like a social security

number), or it may be complicated and

contain additional identifying information. A

strong credential contains proof, sometimes

called a veriﬁer, that the user of the

credential is indeed the actual user the

credential identiﬁes.

D

Difﬁe-Hellman A protocol used to securely

share a secret key between two users.

Difﬁe-Hellman protocol uses a form of public

key exchange to share the secret key.

Difﬁe-Hellman is known to be susceptible to

an interceptor's attack, but authenticated

Difﬁe-Hellman Key Agreement, a later

enhancement, prevents such a

middle-person attack.

E

Encryption Encryption ensures that data

is viewable only by those who possess a

secret (or private) key. Encrypted data is

meaningless unless the secret key is used to

decrypt the data. Encryption and decryption

of data is called ciphering.