Common Data Security Architecture (CDSA) White Paper
Glossary of CDSA Terms and Acronyms
Common Security Services Manager (CSSM)
A central, extensible infrastructure that defines APIs for access to
cryptography, certificate, trust, or storage services.
Cryptography Service Provider (CSP)
A CSP (whether software-based, hardware-based, or both) provides data
encryption/decryption, digital signatures, cryptographic hashing, key
generation, and random-number generation services.
Diffie-Hellman key exchange
A protocol developed by Whitfield Diffie and Martin Hellman in 1976 that
allows participants to agree on a symmetric-cipher key over an insecure
channel.
Data Encryption Standard (DES)
A widely used encryption algorithm that applies a 56-bit key to each 64-bit
block of data. DES is specified in ANSI X3.92 and X3.106 standards and in
the FIPS 46 and 81 standards.
Data Storage Library (DL)
Provides persistent storage for security-related CDSA objects, such as
certificates, CRLs, public keys, or trust information. A DL can use a
commercial database package, custom hardware, or a file system as the
underlying storage repository. The DL provides the following services:
management of data stores, including creation, deletion, import, and export
of data stores; storage and management of security objects; and management
of attributes associated with stored security objects.
Globally Unique ID (GUID)
A set of descriptive attributes that provides the means to attach add-in
modules to the CSSM Applications.
International Organization for Standardization (ISO)
A non-governmental, worldwide federation of national standards bodies
representing 130 nations, based in Geneva, Switzerland. ISO’s mission is to
foster increased cooperation in the spheres of scientific, technological, and
economic activity through standardization of criteria and components.
Message Authentication Code (MAC)
A function that produces fixed-length output from variable-length input and
a key. Might be hash-based, cipher-based, or stream-cipher-based.