Sidebar
Glossary
Access Control List: ACL is a set of rules that matches users (or computing devices) with the information resources they're allowed to access.
Basic Authentication: The most common method by which Web clients authenticate themselves to Web serversby username and password. Passwords are transmitted in the clear between client and server.
Digest Authentication: A username/password authentication method that addresses security flaws in basic authorization by obfuscating passwords more securely.
MD5 Algorithm: MD5 is a commonly used "message-digest" or "hashing" algorithm. It takes an arbitrary set of data as input and produces a unique 128-bit "fingerprint" of this information (this fingerprint is also called a "hash").
Discretionary Access Control: In the Web community, DAC refers to authentication mechanisms whereby the user may supply different credentials at his or her discretion. For example, a user of a system secured by DAC doesn't always have to enter the same username and password every time he or she logs onto a Web site.
Mandatory Access Control: In the Web community, MAC refers to authentication mechanisms whereby the user has no direct control over the credentials supplied to the system. For example, a Web server may be configured to serve information only to clients located within a certain IP address range. Users attempting to access the server from outside this range will be denied access no matter what their identity. (Note that nondiscretionary access control is essentially the same as MAC.)
Packet Filtering: A border security mechanism that decides whether or not to drop packets based on information in the packet header, and rules configured by a network administrator. Most firewalls provide some form of packet filtering capabilities. Packet filters can be configured to screen on protocol type, IP address, or port number.
Network Address Translation: NAT converts internal IP addresses on a private network into globally unique public IP addresses for use on the Internet. NAT lets network administrators conserve IP addresses by using nonroutable Internet addresses on the intranet. NAT is also useful for hiding all TCP/IP-level information about your network from the external Internet.
IP Security Protocol: IPSec is a set of protocols developed by the Internet Engineering Task Force (IETF) that are designed to ensure secure data packet exchange. IPSec is primarily intended for use with virtual private networking (VPN) equipment. It's the security subcomponent of the more general Internet Protocol version 6 (IPv6) networking protocol.
PS