C
CERT
Computer Emergency Response Team (network, Internet, security). The CERT was formed by DARPA in November 1988, at Carnegie Mellon University's Software Engineering Institute, in response to the needs exhibited during the Internet worm incident. The CERT charter is to work with the Internet community to facilitate its response to computer security events involving Internet hosts, to take proactive steps to raise the community's awareness of computer security issues, and to conduct research targeted at improving the security of existing systems. CERT products and services include 24-hour technical assistance for responding to computer security incidents, product vulnerability assistance, technical documents, and tutorials. In addition, the team maintains a number of mailing lists (including one for CERT Advisories) and has historically provided an anonymous FTP server at "cert.org" where security-related documents and tools are archived.
Certificate
A digitally signed data structure (for HTTPS, an X.509 certificate) that binds a public key to the identity of its holder, such as an organization, a server or an individual browser user, so that a party receiving data over a network can verify that it came from the intended source. The signature is made either by a Certificate Authority or by the holder itself (a self-signed certificate, which a relying party has no independent reason to trust). Common kinds are CA certificates, client CA certificates, client certificates, and server certificates.
Certificate Revocation List
A list, signed and published by the Certificate Authority, of all certificates it has revoked but which have not yet expired (expired certificates are dropped from the list because they fail validation anyway). A certificate may be revoked because the holder's private key is believed to be compromised, because the holder is no longer certified by this Certificate Authority, or because the Certificate Authority's own private key is believed to be compromised. A revoked certificate still carries a valid signature, so a relying party detects revocation only if it actually consults the CRL (or an equivalent such as OCSP) when validating.
Certification
The comprehensive assessment of the technical and non-technical security controls of a system, and of its other safeguards, performed in support of the accreditation process; it establishes the degree to which a particular design and implementation meet a specified set of security requirements.
Certification Authority (CA)
A third-party organisation that vouches for the binding between a party to an HTTPS (TLS) transaction and that party's public key, by signing that party's certificate. Certification authorities for Internet-facing transactions are usually widely known institutions whose root certificates ship with browsers and operating systems; where HTTPS is used on a company's internal network, an internal department running a private CA may fulfil this role, provided its root certificate is distributed to the clients that must trust it.
Certificate Signing Request (CSR)
A Certificate Signing Request (CSR) is a text file (typically PEM-encoded, between "-----BEGIN CERTIFICATE REQUEST-----" and "-----END CERTIFICATE REQUEST-----" lines) generated on a web server that contains information about your organization (name, address, the server's host name, etc.) together with the server's public key. The request is signed with the corresponding private key, which proves possession of that key and never leaves the server; the CA checks this signature and the identity information before issuing the certificate.
Challenge-Handshake Authentication Protocol (CHAP)
An authentication method (RFC 1994) used on PPP links, for example when dialling in to an Internet Service Provider. CHAP lets the connection authenticate automatically, without the need for an interactive terminal login. It is more secure than the Password Authentication Protocol (another widely used method) because the password is never sent over the link: the server sends a random challenge, and the client replies with an MD5 hash of its identifier, the shared secret and the challenge, so an eavesdropper sees nothing that can be replayed against a fresh challenge. The trade-offs are that the server must hold the shared secret in cleartext (or reversibly encrypted) rather than as a password hash, and that a captured challenge/response pair allows an offline dictionary attack on a weak secret.
Challenge / Response
A security procedure in which one communicator requests authentication of another by sending it an unpredictable value (the challenge), and the latter replies with a value that can only be computed by someone who holds the pre-established secret (for example a hash or MAC over the challenge and a shared secret, or a signature with a private key). Because each challenge differs, a captured reply cannot be replayed. Challenge/response is used in protocols such as CHAP and in the client-authentication step of TLS.
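The following is an added example, not part of this glossary, illustrating both the CHAP entry and the Challenge / Response entry above: a complete CHAP exchange as specified in RFC 1994 (MD5 variant), with the authenticator and the peer both modelled, a failed login with a wrong secret, and a replayed response rejected. The peer name, secret and packet representation are constructed for illustration.

```python
"""Added example (not from the glossary): a CHAP exchange per RFC 1994
(MD5 variant) as a concrete instance of challenge/response. Peer names,
secrets and the tuple 'packets' are constructed for illustration."""
import hashlib
import hmac
import os


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994: Response Value = MD5(Identifier || secret || Challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class Authenticator:
    """The ISP side. Note that CHAP obliges the authenticator to hold the
    shared secret in cleartext (or reversibly encrypted), unlike a
    password-hash database."""

    def __init__(self, secrets: dict, name: bytes = b"isp-gateway") -> None:
        self._secrets = dict(secrets)   # peer name -> shared secret
        self._pending = {}              # identifier -> outstanding challenge
        self._next_id = 0
        self.name = name

    def challenge(self) -> tuple:
        """Emit a Challenge packet: (Identifier, random Value, Name)."""
        identifier = self._next_id
        self._next_id = (self._next_id + 1) % 256
        value = os.urandom(16)          # unpredictable and never reused
        self._pending[identifier] = value
        return identifier, value, self.name

    def verify(self, identifier: int, response: bytes, peer_name: bytes) -> bool:
        """Check a Response packet: True means Success, False means Failure."""
        value = self._pending.pop(identifier, None)   # each challenge is single-use
        secret = self._secrets.get(peer_name)
        if value is None or secret is None:
            return False
        expected = chap_response(identifier, secret, value)
        return hmac.compare_digest(expected, response)   # constant-time compare


class Peer:
    """The dial-in client. It never transmits the secret itself."""

    def __init__(self, name: bytes, secret: bytes) -> None:
        self.name = name
        self._secret = secret

    def respond(self, identifier: int, challenge: bytes) -> tuple:
        """Build a Response packet: (Identifier, Value, Name)."""
        return identifier, chap_response(identifier, self._secret, challenge), self.name


def run_exchange(auth: Authenticator, peer: Peer) -> bool:
    """One full Challenge -> Response -> Success/Failure round trip."""
    identifier, value, _ = auth.challenge()
    ident, resp, name = peer.respond(identifier, value)
    return auth.verify(ident, resp, name)


def replay_attempt(auth: Authenticator, peer: Peer) -> bool:
    """An eavesdropper who captured a valid Response replays it against a
    fresh challenge; returns the authenticator's verdict (expected False)."""
    identifier, value, _ = auth.challenge()
    captured = peer.respond(identifier, value)
    auth.verify(*captured)                     # the legitimate login succeeds
    new_id, _new_value, _ = auth.challenge()   # new identifier, new random value
    return auth.verify(new_id, captured[1], captured[2])


if __name__ == "__main__":
    secret = b"correct horse battery staple"
    auth = Authenticator({b"alice": secret})
    print("good secret:", run_exchange(auth, Peer(b"alice", secret)))
    print("wrong secret:", run_exchange(auth, Peer(b"alice", b"guess")))
    print("replayed response:", replay_attempt(auth, Peer(b"alice", secret)))
```

The constant-time comparison and the single-use challenge table are the two checks most often missing from home-grown challenge/response code; without the latter, a captured response remains valid for as long as the authenticator keeps the old challenge.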
Checksum
A checksum is a value used to check the integrity of data. Checksums are generated by a function that depends on the data in question. For security purposes the function must be a one-way (cryptographic) hash, because a simple checksum such as a byte sum or CRC detects accidental corruption but can be recomputed or compensated for by anyone who deliberately alters the data. Once a checksum has been generated it is either stored with or transmitted with the data. The integrity of the data is checked by generating a new checksum: if the two checksums are identical, the data has not changed (for a cryptographic hash, with overwhelming probability); if they differ, the data (or file) in question has been altered. Note that a checksum transmitted alongside the data over the same untrusted channel can be replaced together with the data, so the reference value must come from a trusted source or be protected by a signature or MAC.
Chosen ciphertext attack
A form of cryptanalysis in which the cryptanalyst may choose ciphertexts and obtain their decryptions, and uses the results to recover the key or to decrypt other ciphertexts.
Chosen plaintext attack
A form of cryptanalysis in which the cryptanalyst may choose plaintexts and obtain their encryptions under the unknown key, and uses the results to recover the key or to decrypt other ciphertexts.
Cipher
An encryption/decryption algorithm.
Ciphertext
Encrypted data.
Ciphertext-only attack
A form of cryptanalysis in which the cryptanalyst has only ciphertext (and general knowledge such as the language of the plaintext), but no corresponding plaintext and no access to an encryption or decryption oracle. This is the weakest attacker model, so a cipher that fails against it is broken outright.
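The following is an added example, not part of this glossary, showing what two of the attack models above look like in practice against a deliberately weak toy cipher (XOR with a keystream). The chosen-plaintext attack exploits an oracle that reuses one keystream for every message; the ciphertext-only attack brute-forces a single-byte XOR key by scoring candidates for English-likeness. The cipher, the oracle and the sample messages are assumptions constructed for this example, not a real protocol.

```python
"""Added example (not part of the glossary): two cryptanalytic attack
models demonstrated against a toy XOR keystream cipher. The cipher, the
oracle and the sample messages are constructed for illustration."""
import string


def xor_bytes(data: bytes, key: bytes) -> bytes:
    """XOR data with key, repeating key if it is shorter than data."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


class FixedKeystreamOracle:
    """Encryption oracle that reuses one keystream for every message (the
    classic stream-cipher misuse). The attacker may submit chosen
    plaintexts and receives ciphertexts, but never sees the keystream."""

    def __init__(self, keystream: bytes) -> None:
        self._keystream = keystream

    def encrypt(self, plaintext: bytes) -> bytes:
        if len(plaintext) > len(self._keystream):
            raise ValueError("plaintext longer than keystream")
        return xor_bytes(plaintext, self._keystream)


def chosen_plaintext_attack(oracle: FixedKeystreamOracle, target: bytes) -> bytes:
    """Chosen-plaintext attack: encrypting all-zero bytes returns the
    keystream itself (0 XOR k = k), which then decrypts any other
    ciphertext produced with the same keystream."""
    keystream = oracle.encrypt(b"\x00" * len(target))
    return xor_bytes(target, keystream)


def english_score(candidate: bytes) -> int:
    """Crude plaintext-likeness score: reward letters and spaces, penalise
    non-printable bytes heavily."""
    good = set((string.ascii_letters + " ").encode())
    score = 0
    for b in candidate:
        if b in good:
            score += 1
        elif b < 0x20 or b > 0x7E:
            score -= 5
    return score


def ciphertext_only_attack(ciphertext: bytes) -> tuple:
    """Ciphertext-only attack on a single-byte XOR key: try all 256 keys
    and keep the candidate that looks most like English. Returns
    (key, plaintext)."""
    best_key = max(range(256),
                   key=lambda k: english_score(xor_bytes(ciphertext, bytes([k]))))
    return best_key, xor_bytes(ciphertext, bytes([best_key]))


def demo() -> dict:
    """Run both attacks on constructed secrets the attacker never sees."""
    keystream = bytes([0x5A, 0x13, 0xC7, 0x88, 0x2E] * 12)   # 60-byte keystream
    target_plain = b"Transfer 100 to account 42"
    oracle = FixedKeystreamOracle(keystream)
    target_ct = oracle.encrypt(target_plain)                  # intercepted message
    recovered_cpa = chosen_plaintext_attack(oracle, target_ct)

    single_key = 0x37
    msg = b"Attack at dawn. The meeting is at the old mill."
    ct = xor_bytes(msg, bytes([single_key]))                  # only this is known
    key_guess, recovered_coa = ciphertext_only_attack(ct)
    return {"cpa": recovered_cpa, "coa_key": key_guess, "coa": recovered_coa}


if __name__ == "__main__":
    result = demo()
    print("chosen-plaintext recovered:", result["cpa"].decode())
    print("ciphertext-only key 0x%02x ->" % result["coa_key"], result["coa"].decode())
```

The same keystream-recovery trick applies to any real stream cipher (or a block cipher in CTR mode) whenever a nonce is reused, which is why nonce reuse is treated as a total break rather than a weakness.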
Classification
A grouping of information to which a hierarchical, restrictive security label (for example Confidential, Secret or Top Secret) is attached in order to indicate the level of protection the data requires.
Also, the level of protection required for a given piece of information.
Classified
Information that a security policy officially mandates must receive data confidentiality service, and that is marked with a special security label to signify the status of its protection.
Code
The machine-readable form of a computer program, produced by a compiler from the human-written program (source code); an interpreter instead executes the source code, or an intermediate form of it, directly. The word is also used loosely for source code itself.
Communications Security (COMSEC)
The protection resulting from all measures designed to deny unauthorized persons information of value that might be derived from the possession and study of telecommunications, or to mislead unauthorized persons in their interpretation of the results of such possession and study. It covers the content of the communications (through cryptography), their existence and patterns (through traffic-flow security) and the physical transmission (through emission and transmission security).
Concealment System
A technique for gaining confidentiality by concealing sensitive information within irrelevant-looking data (steganography), so that an observer does not notice that a message is present at all. Concealment hides only the existence of the message; against an observer who knows the concealment method it provides no secrecy, so the hidden data should itself be encrypted.
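The following is an added example, not part of this glossary, of a minimal concealment system: a message is hidden in the least significant bit of each byte of some cover data, so every cover byte changes by at most one. The cover bytes stand in for image samples and the 32-bit length prefix is a framing convention assumed for this example.

```python
"""Added example (not from the glossary): a minimal concealment system that
hides a message in the least significant bits of 'irrelevant' cover data.
The cover bytes and the 32-bit length-prefix framing are assumptions of
this example."""


def _to_bits(data: bytes) -> list:
    """Big-endian bit list of the given bytes."""
    return [(b >> i) & 1 for b in data for i in range(7, -1, -1)]


def _from_bits(bits: list) -> bytes:
    """Inverse of _to_bits; any trailing partial byte is ignored."""
    usable = len(bits) - len(bits) % 8
    return bytes(int("".join(str(b) for b in bits[i:i + 8]), 2)
                 for i in range(0, usable, 8))


def embed(cover: bytes, secret: bytes) -> bytes:
    """Write the secret (length-prefixed) into the LSB of successive cover
    bytes. Each cover byte changes by at most 1, so the stego data still
    looks like the original."""
    payload = len(secret).to_bytes(4, "big") + secret
    bits = _to_bits(payload)
    if len(bits) > len(cover):
        raise ValueError("cover too small: need %d bytes, have %d" % (len(bits), len(cover)))
    out = bytearray(cover)
    for i, bit in enumerate(bits):
        out[i] = (out[i] & 0xFE) | bit
    return bytes(out)


def extract(stego: bytes) -> bytes:
    """Read the length prefix, then exactly that many bytes, from the LSBs."""
    lsbs = [b & 1 for b in stego]
    length = int.from_bytes(_from_bits(lsbs[:32]), "big")
    return _from_bits(lsbs[32:32 + 8 * length])


def max_change(cover: bytes, stego: bytes) -> int:
    """Largest per-byte difference introduced by embedding."""
    return max(abs(a - b) for a, b in zip(cover, stego))


if __name__ == "__main__":
    cover = bytes(range(256)) * 4            # constructed stand-in for pixel samples
    stego = embed(cover, b"meet at noon")
    print(extract(stego), "max change per byte:", max_change(cover, stego))
```

Anyone who knows the scheme recovers the message with `extract` alone, which is the caveat above in code form: the concealment adds no secrecy, only deniability of the message's existence.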
Confidentiality
The property that sensitive data is disclosed only to a precisely defined set of authorized individuals or organizations, and to no one else.
Cookie
A small piece of data that a web server asks the browser to store and return on later requests, originally intended to keep state between otherwise stateless web accesses. Cookies are now the usual carrier for session identifiers on HTTPS servers; a cookie that authenticates a session should be marked Secure (sent only over HTTPS) and HttpOnly (not readable by page scripts), since whoever holds it can act as the logged-in user.
Cryptanalysis
The science of recovering plaintext, or the key, from ciphertext without being given the key. Cryptanalysis is a complex process involving statistical analysis, analytical reasoning, mathematical tools and pattern-finding, and its results determine whether a cipher or protocol can be relied on.
Crypto
Widely used as an abbreviation for cryptography, cryptographic, cryptology or even encryption.
Cryptographic Algorithm
A well-defined process or sequence of rules or steps used to convert plaintext into ciphertext and vice versa, or to produce related values such as a key stream, a message digest or a digital signature. Crypto-algorithm is an older usage.
Cryptographic Checksum
A value produced by applying a one-way hash function to a file in order to construct a unique "fingerprint" of the file for comparison at a later time. Frequently part of the process of generating a digital signature, which signs the checksum rather than the whole file.
Cryptographic Key
See key.
Cryptography
The process (principles, means and methods) for making information unintelligible or for restoring encrypted information back to intelligible form.
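The following is an added example, not part of this glossary, illustrating both the Checksum entry and the Cryptographic Checksum entry above. It shows why a checksum used for security must be a one-way hash: a tampered message is adjusted in one byte so that a simple additive checksum still matches, while the SHA-256 digest of the same message cannot be matched. The messages are constructed for illustration.

```python
"""Added example (not from the glossary): forging a non-cryptographic
checksum versus verifying a cryptographic one. Messages are constructed
for illustration."""
import hashlib
import hmac


def additive_checksum(data: bytes) -> int:
    """Non-cryptographic checksum: byte sum modulo 256. Catches accidental
    corruption, not deliberate change."""
    return sum(data) % 256


def sha256_checksum(data: bytes) -> str:
    """Cryptographic checksum (digest) as hex, the form published next to
    downloads."""
    return hashlib.sha256(data).hexdigest()


def verify_sha256(data: bytes, published_hex: str) -> bool:
    """Recompute and compare in constant time against a reference digest
    obtained from a trusted source."""
    return hmac.compare_digest(sha256_checksum(data), published_hex.lower())


def forge_additive(original: bytes, tampered: bytes) -> bytes:
    """Adjust the last byte of the tampered message (here a free-text note
    field) so that its additive checksum equals the original's."""
    target = additive_checksum(original)
    body = tampered[:-1]
    fix = (target - sum(body)) % 256
    return body + bytes([fix])


def demo() -> dict:
    original = b"amount=100;to=ACC-42;note=x"
    tampered = b"amount=900;to=ACC-42;note=x"   # attacker changed the amount
    forged = forge_additive(original, tampered)  # ...and patched the note byte
    return {
        "forged": forged,
        "additive_matches": additive_checksum(forged) == additive_checksum(original),
        "sha256_matches": verify_sha256(forged, sha256_checksum(original)),
        "sha256_original_ok": verify_sha256(original, sha256_checksum(original)),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

Note what the digest alone does not give you: if the reference digest travels over the same untrusted channel as the file, an attacker replaces both. Publishing it out of band, or signing it, closes that gap; that is the role of the digital signature mentioned in the Cryptographic Checksum entry.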
Cryptology
Cryptology incorporates cryptanalysis, or code breaking, as well as code making; it is a slightly more general subject area than cryptography.
Cryptoperiod
The time span during which a particular key is authorized for use in a cryptographic system; limiting it bounds how much data a compromised key exposes, and setting it is part of PKI key management.
Cryptosecurity
The security that results from the correct application of technically sound cryptosystems, for example properly configured TLS with certificates from a trusted CA.
Cryptosystem
A complete, working system for cryptography. It comprises a sound cryptographic algorithm, the protocols and procedures needed for the system's required functions, and proper key selection and management.
