HP Open Source Security for OpenVMS Volume 1: Common Data Security Architecture

Glossary

A

AAL 

See Application Adaptation Layer (AAL).


AC 

Authorization Computation service provider module. Synonymous with Authorization Computation Module (ACM).


Accountability 

A mechanism whereby the action of a user or a machine can be traced to that user or machine. A user's action may be audited and stored in a data bank called an audit trail. Subsequent searching of the audit trail can match events to the event instigator. In the commercial world, accountability is important to establish accurate billing procedures.


API 

Application Programming Interface.


Application Adaptation Layer (AAL) 

An interface between CDSA and applications designed to use CDSA services.


Asymmetric Algorithms 

Cryptographic algorithms using one key to encrypt and a second key to decrypt. They are often called public-key algorithms. One key is called the public key, and the other is called the private key or secret key.


Attach 

A process whereby an application obtains a service provider module handle, via an ATTACH call to CSSM. A service provider module can be a dynamic load module added at runtime on demand or a statically resident module.


Authentication 

A user or machine's identity must be established before establishing a connection to a computer. Authentication is the process of proving identity to the satisfaction of the permission-granting authority.


Authorization 

Permission for an entity to perform an action upon an object. Authorization is evaluated by a set of access control rules. Evaluation typically includes authentication of the requesting entity. The result of the evaluation should be conveyed to an agent that can enable the requested action upon the target object.


B

Bilateral authentication 

A scheme designed for two entities to establish trust in the identity and integrity of each other.


Biometric input 

The gathering of data from a personal, unique source, such as fingerprints, retina patterns, or human voice, for the purposes of verification or authorization.


BIR 

Biometric Identification Record.


BSAFE 

A cryptographic toolkit from RSA Data Security Incorporated.


BSP 

Biometric Service Provider.


C

CDSA 

See Common Data Security Architecture (CDSA).


Certificate 

A combination of an asymmetric public key and other identifying private information, which is digitally signed by a private key so it can be verified.

See also Digital certificate.


Certificate Authority 

An entity that guarantees or sponsors a certificate. For example, a credit card company signs a cardholder's certificate to assure that the cardholder is who he or she claims to be. The credit card company is a certificate authority. Certificate authorities issue, verify, and revoke certificates.


Certificate chain 

The hierarchical chain of all other certificates used to sign the current certificate. This includes the Certificate Authority (CA) who signs the certificate, the CA who signed that CA's certificate, and so on. There is no limit to the depth of the certificate chain.


Certificate signing 

The Certificate Authority (CA) can sign certificates it issues or cosign certificates issued by another CA. In a general signing model, an object signs an arbitrary set of one or more objects. Hence, any number of signers can attest to an arbitrary set of objects. The arbitrary objects could be, for example, pieces of a document for libraries of executable code.


Certificate validity date 

A start date and a stop date for the validity of a certificate. If a certificate expires, the Certificate Authority (CA) may issue a new certificate.


Certification authority 

An entity that guarantees or sponsors a certificate. For example, a credit card company signs a cardholder's certificate to ensure that the cardholder is who he or she claims to be. The credit card company is a certificate authority. Certificate authorities issue, verify, and revoke certificates.


CL 

Certificate Library service provider module. Synonymous with Certificate Library Module (CLM).


Common Data Security Architecture (CDSA) 

A set of layered security services that address communications and data security problems in the emerging Internet and Intranet application space. CDSA consists of three basic layers:

  • A set of system security services

  • The Common Security Services Manager (CSSM)

  • Add-in security modules (CSPs, TPs, CLs, DLs, ACs)


Common Security Services Manager (CSSM) 

The central layer of the Common Data Security Architecture (CDSA) that defines the following service components:

  • Cryptographic Services Manager

  • Trust Policy Services Manager

  • Certificate Library Services Manager

  • Data Storage Library Services Manager

  • Authorization Computation Manager

  • Elective Module Manager

  • Integrity Services Manager

  • Security Context Manager

CSSM binds together all the security services required by applications. In particular, it facilitates linking digital certificates to cryptographic actions and trust protocols.


Confidentiality 

Information is revealed only to those who are authorized to see it. Confidentiality can be provided through an authorization and access control mechanism. It can also be provided through encryption and decryption operations, which limit data access to those who possess the cryptographic keys required to decrypt the information.


CRL 

Certificate Revocation List. An official list of certificates that are no longer valid.


Cryptographic algorithm 

A method or defined mathematical process for implementing a cryptography operation. A cryptographic algorithm may specify the procedure for encrypting and decrypting a byte stream, digitally signing an object, computing the hash of an object, or generating a random number.


Cryptographic Service Providers (CSPs) 

Modules that provide secure key storage and cryptographic functions. The modules may be software only or hardware with software drivers. The cryptographic functions provided may include:

  • Bulk encryption and decryption

  • Digital signing

  • Cryptographic hash

  • Random number generation

  • Key exchange


Cryptography 

The art and science of using mathematics to secure information and create a high degree of trust in the electronic media.


Cryptoki 

The name of the PKCS#11 Version 1.0 standard published by RSA Laboratories. The standard specifies the interface for accessing cryptographic services performed by a removable device. For additional information, refer to http://www.rsasecurity.com.


CSP 

See Cryptographic Service Providers (CSPs).


CSSM 

See Common Security Services Manager (CSSM).


D

Digital certificate 

The binding of some identification to a public key in a particular domain, as attested to directly or indirectly by the digital signature of the owner of that domain. A digital certificate is an unforgeable credential in cyberspace. The certificate is issued by a trusted authority and covered by that party's digital signature. The certificate may attest to the certificate holder's identity or may authorize certain actions by the certificate holder. A certificate may include multiple signatures and may attest to multiple objects or multiple actions.


Digital signature 

A data block that was created by applying a cryptographic signing algorithm to some other data using a secret key. Digital signatures may be used to:

  • Authenticate the source of a message, data, or document.

  • Verify that the content of a message has not been modified since it was signed by the sender.

  • Verify that a public key belongs to a particular person.

Typical digital signing algorithms include RSA signaturing and DSS, the Digital Signature Standard defined by NIST FIPS Pub 186.


DL 

Database Library service provider module.


E

EISL 

Embedded Integrity Services Library.


EMM 

Elective module manager: an extensibility mechanism in CDSA supporting the dynamic addition of new categories of service, beyond the basic set of Cryptographic Service Provider (CSP), Trust Policy (TP), Authorization Computation (AC), Certificate Library (CL), and Data Storage Library (DL).


ESW 

Electronic shrink-wrap. A term used to refer to an aggregate collection of data files identified by a manifest or bill of materials.


F

FAR 

False Accept Rate: the probability that biometric data samples are falsely decided by the HRS as matching; that is, they should not match, but do.


FRR 

False Reject Rate: the probability that biometric data samples are falsely decided by the HRS as not matching; that is, they should match, but do not.


G

Generic Cryptographic Services (GCS) 

A set of services and associated APIs designed to provide key-based cryptographic operations to applications. GCS predates CDSA. GCS requirements were based on early hardware-based cryptographic devices where cryptographic keys were retained within the device. Some Internet applications require the secured transmission of cryptographic keys. The CDSA Cryptographic Service APIs accommodate both types of requirements.


Generic Security Services (GSS) 

A set of services and associated APIs defined by the International Engineering Task Force (IETF). The defined APIs support concurrent applications in authenticating each other, delegating rights and privileges to each other, and using confidentiality and integrity verification services to secure communications between the applications.


GUI 

Graphical User Interface.


GUID 

Globally unique identifier.


H

Hash algorithm 

A cryptographic algorithm used to compress a variable-size input stream into a unique, fixed-size output value. The function is one-way, meaning the input value cannot be derived from the output value. A cryptographically strong hash algorithm is collision-free, meaning unique input values produce unique output values. Hashing is typically used in digital signing algorithms. Example hash algorithms include MD and MD2 from RSA Data Security. MD5, also from RSA Data Security, hashes a variable-size input stream into a 128-bit output value. SHA, a Secure Hash Algorithm published by the U.S. Government, produces a 160-bit hash value from a variable-size input stream.


HRS 

Human Recognition Services. HRS is a CSSM Elective Module Manager intended to provide a high-level generic authentication model suited for any form of human authentication. Particular emphasis has been made in the design on its suitability for authentication using biometric technology.


I

IBIA 

International Biometric Industry Association.


Integrity 

Information is said to have integrity if that data has not been modified or altered since the point in time when an authorized agent intended the data to be static. Information integrity is important for all data types including authorization data and authentication credentials.


K

Key Management 

Public-private key pairs are items that need to be securely managed. A key may be lost, stolen, or compromised. If this happens, the key (and in fact, the key pair) must be nulled. Whatever task the key was used for, a new key must be issued and used. In the case of the lost key, a duplicate should be available. If not, the data protected by the lost key may itself be lost. The null public key must be advertised as invalid. It will be listed in a data bank called a revocation list. The new public key must be distributed to those entitled to have it.


L

Leaf certificate 

The certificate in a certificate chain that has not been used to sign another certificate in that chain. The leaf certificate is signed directly or transitively by all other certificates in the chain.


M

Manifest 

A digital signature of a file, created using certificates. The digital signature takes the form of a separate file called a manifest. The manifest contains the encrypted digest of the target file and the X509 certificates of the signers. This data is sufficient to guarantee the identity of the signer of a file and the authenticity of the file's contents.


MDS 

See Module Directory Services (MDS).


Message Digest 

The digital fingerprint of an input stream. A cryptographic hash function is applied to an input message of arbitrary length and returns a fixed-size output, which is called the digest value.


Meta-information 

Descriptive information specified by a service provider module and stored in MDS. This information advertises the module's services. CSSM supports application queries for this information. The information may change at runtime.


Module Directory Services (MDS) 

A platform-independent registration service for managing executable code modules and their associated signed integrity credentials.


N

Nonce 

A nonrepeating value, usually but not necessarily random.


O

OID 

Object identifier.


Owned certificate 

A certificate whose associated private key resides in a local CSP. Digital signature algorithms require the private key when signing data. A system may supply certificates it owns along with signed data to allow others to verify the signature. A system uses certificates that it does not own to verify signatures created by others.


P

Payload 

Data wrapped inside biometric data for release to an application on successful verification of authenticity of a user. This can be any data that is useful to an application.


PIN 

Personal Identification Number.


PKI 

See Public Key Infrastructure (PKI).


Private key 

The cryptographic key used to decipher or sign messages in public-key cryptography. This key is kept secret by its owner.


Public key 

The cryptographic key used to encrypt messages in public-key cryptography. The public key is available to multiple users (for example, the public).


Public Key Infrastructure (PKI) 

The agreed infrastructure, ultimately to be applied worldwide, in which secure electronic business (eCommerce, banking, legal transactions) and secure electronic welfare (medical welfare, state and government provision for pensions, social security, and so forth) can function securely using the private-public key method of cryptography.


PVC 

Pointer validation checking.


R

Random number generator 

A function that generates cryptographically strong random numbers that cannot be easily guessed by an attacker. Random numbers are often used to generate session keys.


Root certificate 

The prime certificate, such as the official certificate of a corporation or government entity. The root certificate is positioned at the top of the certificate hierarchy in its domain, and it guarantees the other certificates in its certificate chain. The root certificate's public key is the foundation of signature verification in its domain.


RSA 

RSA Data Security, Incorporated, Bedford, MA. Producers of the BSAFE toolkit.


S

Secret key 

A cryptographic key used with symmetric algorithms, usually to provide confidentiality.


Secure Electronic Transaction (SET) 

A specification designed to utilize technology for authenticating the parties involved in payment card purchases on any type of online network, including the Internet. SET focuses on maintaining confidentiality of information, ensuring message integrity, and authenticating the parties involved in a transaction. More information about SET is available at: http://www.setco.org/.

See also Secure Sockets Layer (SSL).


Secure Sockets Layer (SSL) 

Also known as Above Transport Layer Security (TLS). A security protocol that prevents eavesdropping, tampering, or message forgery over the Internet. An SSL service negotiates a secure session between two communicating endpoints. Basic facilities include certificate-based authentication, end-to-end data integrity, and optional data privacy. SSL has been submitted to the IETF as an Internet Draft for Transport Layer Security (TLS).


Security context 

A control structure that retains state information shared between a cryptographic service provider and the application agent requesting service from the CSP. A security context specifies CSP and application-specific values, such as required key length and desired hash functions.


Security infrastructure 

An agreed infrastructure for the security of all electronic data transfer. Such an infrastructure would, in theory, lessen the need for organizations to construct trust domains. An international security infrastructure would facilitate the creation of a secure Internet. Presently, global efforts are more focussed on an architecture for Public Key Infrastructure, seen by many as the blueprint for the infrastructure that will facilitate eCommerce.


Security perimeter 

A conceptual perimeter or boundary of a computer system or local area network inside which the security is at a known level of competence. If data is required to cross this perimeter, it is prudent to pass all such data through a firewall.


Security risk assessment 

An exercise performed by specialists to assess how vulnerable an enterprise is to various forms of security attack. The ideal outcome from this exercise is a recommended range of security measures, hardware, software, and procedural, which give a level of protection commensurate with the value of the assets that need to be protected.


Security-relevant event 

An event where a CSP-provided function is performed, a security service provider module is loaded, or a breach of system security is detected.


Session key 

A cryptographic key used to encrypt and decrypt data. The key is shared by two or more communicating parties, who use the key to ensure privacy of the exchanged data.


SET 

See Secure Electronic Transaction (SET).


Signature 

See Digital signature.


Signature chain 

The hierarchical chain of signers, from the root certificate to the leaf certificate, in a certificate chain.


Signing and sealing 

The electronic equivalent to the handwritten signature and the secure strong room. Precise ways of performing these actions may vary, but signing by digital signature and sealing (for transport or storage) by encryption is evolving towards internationally agreed protocols which will be acceptable to the commercial world, the legal profession, and governments.


Single sign-on 

A mechanism whereby a single action of user authentication and authorization can permit a user to access all computers and systems where he has access permission, without the need to enter multiple passwords. Single sign-on reduces human error, a major component of systems failure.


SmartCard 

A card of the same dimensions as the magnetic-stripe credit card, but containing processing ability and memory storage space. Because the card can contain storage credentials and cryptographic keys and perform encryption/decryption operations, its power as a tamper-proof personal token for authentication makes it very attractive to a whole range of computer applications.


SPI 

Service provider interface.


SPKI 

Simple public key infrastructure. Information about SPKI can be found at http://www.ietf.org/html.charters/spki-charter.html.


SSL 

See Secure Sockets Layer (SSL).


SSLeay 

A free implementation of the Secure Sockets Layer.

See also Secure Sockets Layer (SSL).


Symmetric algorithms 

Cryptographic algorithms that use a single secret key for encryption and decryption. Both the sender and receiver must know the secret key. Well known symmetric functions include DES (Data Encryption Standard) and IDEA. DES was endorsed by the U.S. Government as a standard in 1977. It's an encryption block cipher that operates on 64-bit blocks with a 56-bit key. It is designed to be implemented in hardware, and works well for bulk encryption. IDEA (International Data Encryption Algorithm) uses a 128-bit key.


T

Token 

The logical view of a cryptographic device, as defined by a CSP's interface. A token can be hardware, a physical object, or software. A token contains information about its owner in digital form and about the services it provides for electronic-commerce and other communication applications. A token is a secure device. It may provide a limited or a broad range of cryptographic functions. Examples of hardware tokens are SmartCards and PCMCIA cards.


TP 

Trust Policy service provider module. Synonymous with Trust Policy Module (TPM).


Trust domains 

A designated virtual area that has a known and accepted level of security, and thus a known and accepted level of trust. A local area network is an example of a domain that is likely to be trusted. Domains may be geographically wide ranging, and may be made up of subdomains. A domain is only as trustworthy as its weakest component.


V

Verification 

A process performed to check the integrity of a message, to determine the sender of a message, or both. Different algorithms are used to support different modes of verification.

A typical procedure supporting integrity verification is the combination of a one-way hash function and a reversible digital signaturing algorithm. A one-way hash of the message is computed. The hash value is signed by encrypting it with a private key. The message and the encrypted hash value are sent to a receiver. The recipient recomputes the one-way hash, decrypts the signed hash value, and compares it with the computed hash. If the values match, then the message has not been tampered with since it was signed.

The identity of a sender can be verified by a challenge-response protocol. The recipient sends the message sender a random challenge value. The original sender uses its private key to sign the challenge value and returns the result to the receiver. The receiver uses the corresponding public key to verify the signature over the challenge value. If the signature is valid, the sender is the holder of the private key. If the receiver can reliably associate the corresponding public key with the named/known entity, then the identity of the sender is said to have been verified.


W

Web of trust 

A trust network among people who know and communicate with each other. Digital certificates are used to represent entities in the web of trust. Any pair of entities can determine the extent of trust between the two, based on their relationship in the web.


X

X509v3 certificate 

This standard defines the contents and structure of a digital certificate. The specification is ITU-T Recommendation X.509, Data Networks and Open System Communications Directory: Authentication Framework, 06/97. This certificate format constitutes a widely accepted basis for a public key infrastructure. To support the PKI, certificates of this form are digitally signed and issued by certification authorities (CAs).