Internet Security Terms
Authentication: The verification of the identity of a user or
host. When you
communicate over a network, authentication ensures that you are
communicating with the intended party and not an imposter.
Encryption : The encoding of data such that only the intended
read it. Encryption hides the data from eavesdroppers and ensures that only
the intended recipient can read it.
Certificate: A file that contains information about a
browser, server, proxy,
or other network entity. It includes identifying information, the entity's public
key, and a signature made by a Certification Authority.
Certification Authority (CA): A trusted third party that uses
its private key
to create unique signatures for certificates. It publishes its public key, which
servers and clients can use to verify signatures made by that CA.
Cipher: A mathematical algorithm used for encryption. Some
as those used in software exported from the US, can easily be broken.
Others are strong and cannot be broken using ordinary computing facilities.
Key pair: A matching public and private key, where the
private key contains
the prime factors of the number contained in the public key.
Private key: A key that a server or client keeps
confidential. Only this key
can decrypt data that is encrypted with its counterpart, the public key.
Public key: A key that a server or client publishes for use
by other servers
or clients. Others can use this key to encrypt the data they send to the key's
owner, but no one can use it to decrypt the same data.
Secure server: A server that uses the Secure Sockets Layer
protocol to encrypt data for transfer over TCP/IP networks, including the
Internet. Secure servers provide security and privacy on the World Wide
Session key: A key that both client and server use to encrypt
transactions for a single session. For each session, the client generates a
session key, encrypts it with the server's public key, and sends it to the
SSL: The Secure Sockets Layer, a protocol developed by
authentication and encryption over TCP/IP networks, including the Internet.