Security Solutions

A-6

Appendix A: Glossary

authorization

server

A device that makes authorization decisions that are enforced by other infra-

structure devices.

AVP Attribute-Value Pairs. A data structure that is expressed in terms of an

attribute name and an assigned value.

back door A disguised or hidden entry point in a software program or system that allows

end-users to circumvent normal authentication or controls. An open back door

can be intentional (for maintenance use) or unintentional. If a back door is

discovered by malicious users or software, they may gain entry to a system

and cause damage.

biometrics The use of the unique attributes of a human body that can be used to absolutely

differentiate one person from another, for example, fingerprints, voice prints,

retinal patterns.

Bluetooth An industrial standard for wireless personal area networks. Bluetooth is

designed to operate at short distances, for example, between a cellular tele-

phone and a wireless headset.

BSD Berkeley Software Distribution. A version of UNIX that was distributed in the

1970s from the University of California, Berkeley.

CA Certificate Authority. A trusted third party that verifies the identity of parties

that want to communicate with one another. CAs are responsible for generat-

ing, distributing, and revoking digital authentication certificates, which

uniquely identify the owner of the certificate and the owner’s data. See also

certificate.

CBC Cipher Block Chaining. A block cipher mode of operation wherein the

previous encrypted block is used to transform the next block prior to its

encryption. For more information, see NIST Special Publication 800-38A at

http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf.

CCMP Counter Mode with CBC Message Authentication Mode Protocol. An 802.11i

encryption protocol that uses AES. For more information, see the IEEE

802.11i-2004 standard at http://standards.ieee.org/getieee802/download/

802.11i-2004.pdf.