Chapter 14 Flashcards
public key infrastructure (PKI)
An entire system of hardware and software, policies
and procedures, and people, used to create, distribute, manage, store, and revoke digital
certificates.
X.509
A common PKI standard developed by the ITU-T that incorporates the single
sign-on authentication method.
certificate authority (CA)
The entity (usually a server) that issues digital certificates to users.
many-to-one mapping
When multiple certificates are mapped to a single recipient.
registration authority (RA)
Used to verify requests for certificates.
certificate revocation list (CRL)
A list of certificates no longer valid or that have been
revoked by the issuer.
Online Certificate Status Protocol (OCSP)
An alternative to using a certificate
revocation list (CRL). It contains less information than a CRL does, and does not
require encryption.
key escrow
When certificate keys are held in case third parties, such as government or
other organizations, need access to encrypted communications.
key recovery agent
Software that can be used to archive and restore keys if necessary.
web of trust
A decentralized model used for sharing certificates without the need for a
centralized CA.
Secure Sockets Layer (SSL)
A cryptographic protocol that provides secure Internet
communications such as web browsing, instant messaging, e-mail, and VoIP.
Transport Layer Security (TLS)
The successor to SSL. Provides secure Internet communications.
This is shown in a browser as HTTPS.
Secure Shell (SSH)
A protocol that can create a secure channel between two computers
or network devices.
Point-to-Point Tunneling Protocol (PPTP)
A tunneling protocol used to support VPNs.
Generally includes security mechanisms, and no additional software or protocols need to
be loaded.
A VPN device or server must have inbound port 1723 open to enable incoming
PPTP connections.
Internet Protocol Security (IPsec)
A TCP/IP protocol that authenticates and encrypts
IP packets, effectively securing communications between computers and devices using
the protocol.