Glossary

authentication

the process of verifying the identity of a person or process within the guidelines of a specific security policy.

block cipher

a type of encryption algorithm that divides a message into blocks and encrypts each block. See also stream cipher.

Certificate Revocation List

a list of revoked digital certificates. CRLs are published by Certification Authorities (CAs), and a CRL contains only the revoked digital certificates that were issued by a specific CA. Short form: CRL.

Certification Authority

a commercial or private organization that provides security services to the e-commerce market. A Certification Authority creates and maintains digital certificates, which help to preserve the confidentiality of an identity. Microsoft, VeriSign, and Thawte are examples of commercial Certification Authorities.

ciphertext

unintelligible data. See also encryption.

CRL

See Certificate Revocation List.

cryptography

the science of encoding and decoding information to protect its confidentiality. See also encryption.

data security technologies

software features that protect data that is exchanged in client/server data transfers across a network.

DER

See Distinguished Encoding Rules.

digital certificate

an electronic document that binds a public key to an individual or an organization. A digital certificate usually contains a public key, a user's name, an expiration date, and the name of a Certification Authority.

digital signature

a digital code that is appended to a message. The digital signature is used to verify to a recipient that the message was sent by a particular business, organization, or individual, and that the message has not been changed en route. The message can be any kind of file that is transmitted electronically.

Distinguished Encoding Rules

a format that is used for creating SSL files in Windows operating environments. Short form: DER.

encryption

the act of transforming intelligible data (plaintext) into an unintelligible form (ciphertext) by means of a mathematical process.

PEM (Privacy Enhanced Mail)

a format that is used for creating OpenSSL files.

PKCS #12

See Public Key Cryptography Standard #12.

plaintext

intelligible data. See also encryption and ciphertext.

port forwarding

See SSH tunnel.

private key

a number that is known only to its owner. The owner uses the private key to read (decrypt) an encrypted message. See also public key and encryption.

public key

a number that is associated with a specific entity such as an individual or an organization. A public key can be known by everyone who needs to have trusted interactions with that entity. A public key is always associated with a single private key, and can be used to verify digital signatures that were generated using that private key.

Public Key Cryptography Standard #12

a personal information exchange syntax standard. It defines a file format that is used to store private keys with accompanying public-key certificates. Short form: PKCS #12. See also SSL (Secure Sockets Layer).

public-key cryptography

the science that uses public and private key pairs to protect confidential information. The public key can be known by anyone. The private key is known only to the owner of the key pair. The public key is used primarily for encryption, but it can also be used to verify digital signatures. The private key is used primarily for decryption, but it can also be used to generate a digital signature.

SAS/SECURE

an add-on product that uses the RC2, RC4, DES, and TripleDES encryption algorithms. SAS/SECURE requires a license, and it must be installed on each computer that runs a client and a server that will use the encryption algorithms. SAS/SECURE provides a high level of security.

SASProprietary algorithm

a fixed encoding algorithm that is included with Base SAS software. The SASProprietary algorithm requires no additional SAS product licenses. It provides a medium level of security.

Secure Shell

a protocol that enables users to access a remote computer via a secure connection. SSH is available through various commercial products and as freeware. OpenSSH is a free version of the SSH protocol suite of network connectivity tools. Short form: SSH. See also SSH tunnel.

Secure Sockets Layer

See SSL (Secure Sockets Layer).

SSH

See Secure Shell.

SSH tunnel

a secure, encrypted connection between the SSH client, which runs on the same computer as a SAS client, and an SSH server, which runs on the same computer as a SAS server. The SSH client and server act as agents between the SAS client and the SAS server, tunneling information via the SAS client's port to the SAS server's port. Port forwarding is another term for tunneling. See also Secure Shell.

SSL (Secure Sockets Layer)

a protocol that provides network security and privacy. SSL uses encryption algorithms RC2, RC4, DES, TripleDES, and AES. SSL provides a high level of security. It was developed by Netscape Communications.

stream cipher

a type of encryption algorithm that encrypts data one byte at a time. See also block cipher.

TLS (Transport Layer Security)

the successor to Secure Sockets Layer (SSL) V3.0. The Internet Engineering Task Force (IETF) adopted SSL V3.0 as the de facto standard, made some modifications, and renamed it TLS. TLS is virtually SSL V3.1. See also SSL (Secure Sockets Layer).

trust list

a file created by a user that contains the digital certificates for Certification Authorities, if more than one Certification Authority is used.
