Glossary
- authentication
  - See client authentication.
- block cipher
  - a type of encryption algorithm that divides a message into blocks and encrypts each block. See also stream cipher.
- Certificate Revocation List (CRL)
  - a list of revoked digital certificates. CRLs are published by Certification Authorities (CAs), and a CRL contains only the revoked digital certificates that were issued by a specific CA.
- Certification Authority
  - a commercial or private organization that provides security services to the e-commerce market. A Certification Authority creates and maintains digital certificates, which help to preserve the confidentiality of an identity. Microsoft, VeriSign, and Thawte are examples of commercial Certification Authorities.
- ciphertext
  - unintelligible data. See also encryption.
- client authentication (authentication)
  - the process of verifying the identity of a person or process for security purposes.
- credentials
  - evidence that is submitted to support a claim of identity (for example, a user ID and password) or privilege (for example, a passphrase or encryption key).
- CRL
  - See Certificate Revocation List.
- cryptography
  - the science of encoding and decoding information to protect its confidentiality. See also encryption.
- data security technology
  - a set of software features that protect data that is exchanged in client/server data transfers across a network.
- DER
  - See Distinguished Encoding Rules.
- digital certificate
  - an electronic document that binds a public key to an individual or an organization. A digital certificate usually contains a public key, a user's name, an expiration date, and the name of a Certification Authority.
- digital signature
  - a digital code that is appended to a message. The digital signature is used to verify to a recipient that the message was sent by a particular business, organization, or individual, and that the message has not been changed en route. The message can be any kind of file that is transmitted electronically.
- Distinguished Encoding Rules (DER)
  - a format that is used for creating SSL files in Windows operating environments.
- encryption
  - the conversion of data by the use of algorithms or other means into an unintelligible form in order to secure data (for example, passwords) in transmission and in storage.
- PEM
  - See Privacy Enhanced Mail.
- PKCS #12
  - See Public Key Cryptography Standard #12.
- plaintext
  - information that a sender wishes to transmit to a receiver, and that is used as input to an algorithm for the purpose of encryption. See also ciphertext.
- port forwarding
  - See tunneling.
- Privacy Enhanced Mail (PEM)
  - a format that is used for creating OpenSSL files.
- private key
  - a number that is known only to its owner. The owner uses the private key to read (decrypt) an encrypted message. See also public key, encryption.
- public key
  - a number that is associated with a specific entity such as an individual or an organization. A public key can be known by everyone who needs to have trusted interactions with that entity. A public key is always associated with a single private key, and can be used to verify digital signatures that were generated using that private key.
- Public Key Cryptography Standard #12 (PKCS #12)
  - a personal information exchange syntax standard. It defines a file format that is used to store private keys with accompanying public-key certificates. See also Secure Sockets Layer.
- public-key cryptography
  - the science that uses public and private key pairs to protect confidential information. The public key can be known by anyone. The private key is known only to the owner of the key pair. The public key is used primarily for encryption, but it can also be used to verify digital signatures. The private key is used primarily for decryption, but it can also be used to generate a digital signature.
- SASProprietary algorithm
  - a fixed encoding algorithm that is included with Base SAS software. The SASProprietary algorithm requires no additional SAS product licenses. It provides a medium level of security.
- Secure Shell (SSH)
  - a network protocol that enables users to access a remote computer via a secure connection. SSH is available through various commercial products and as freeware. OpenSSH is a free version of the SSH protocol suite of network connectivity tools.
- Secure Sockets Layer (SSL)
  - an encryption protocol for securely communicating across the Internet. SSL uses encryption algorithms RC2, RC4, DES, TripleDES, and AES.
- SSH
  - See Secure Shell.
- SSL
  - See Secure Sockets Layer.
- stream cipher
  - a type of encryption algorithm that encrypts data one byte at a time. See also block cipher.
- TLS
  - See Transport Layer Security.
- Transport Layer Security (TLS)
  - the successor to Secure Sockets Layer (SSL), a cryptographic protocol that is designed to provide communication security over the Internet. TLS uses asymmetric cryptography for authentication and confidentiality of the key exchange, symmetric encryption for data/message confidentiality, and message authentication codes for message integrity. Several versions of the protocols are in widespread use in applications such as web browsing, electronic mail, Internet faxing, instant messaging and voice-over-IP (VoIP). See also Secure Sockets Layer.
- trust list
  - a file created by a user that contains the digital certificates for Certification Authorities, if more than one Certification Authority is used.
- tunneling (port forwarding)
  - a secure, encrypted connection between the SSH client, which runs on the same computer as a SAS client, and an SSH server, which runs on the same computer as a SAS server. The SSH client and server act as agents between the SAS client and the SAS server, tunneling information via the SAS client's port to the SAS server's port. See also Secure Shell.
Copyright © SAS Institute Inc. All Rights Reserved.