Digital Certificate Operation in a Complex Environment

3. Glossary G - N

GSI Grid Security Infrastructure GSI is based on public key encryption, X.509 certificates, and the Secure Sockets Layer (SSL) communication protocol. See
Hash A fixed-size result obtained by applying a mathematical function (the hashing algorithm) to the data supplied (possibly a password or a longer message). Usually, a hash value will be much shorter than the original data.
Most importantly, a hash is a one-way function. It is considered to be impossible (currently) to compute the original data (back) from the hash.
Thus, a hash may also be known as a 'message digest'. Typical hashing algorithms include MD2, MD4, MD5, and SHA-1.
See also MAC.
High Level Assurance See Assurance Levels.
IDEA International Data Encryption Algorithm Symmetric key algorithm. Uses 128-bit key. Patented for commercial use and therefore not much used. Used in PGP.
Identification Associating an identity with a subject (e.g. a network ID with a request). The entity only needs to be identified later (e.g. to send a network packet to it). This means that 'who' or 'what' comprises the identity is not important (merely that the packet was delivered correctly).
Often, identification is taken to mean "Identification+Authentication" (and vice versa: "Authentication=Identification+Authentication"), but strictly these are two separate concepts.
See our primer document for more background on identification and authentication.
IETF Internet Engineering Task Force The IETF is an organisation whose purpose is to coordinate the operation, management and evolution of the Internet. IETF publications are written by individuals or small working groups and published as 'Requests For Comments' (RFCs). Rather than being formally promulgated through an institution such as ITU or ANSI, RFCs are reviewed by the Internet at large or by technical experts acting on their own initiative.
See PKIX and TLS.
ITU-T ITU Telecommunication Standardization Sector The International Telecommunication Union (ITU) includes the ITU Telecommunication Standardization Sector (ITU-T). "ITU-T's mission is to ensure an efficient and on-time production of high quality standards (Recommendations) covering all fields of telecommunications." "ITU-T was created on 1 March 1993, replacing the former International Telegraph and Telephone Consultative Committee (CCITT) whose origins go back to 1865. The public and the private sectors cooperate within ITU-T for the development of standards that benefit telecommunication users worldwide".
JCAS JISC Committee for Authentication and Security Defunct as of January 2000. Now taken over by the JISC Committee for Networking (JCN) and the JISC Committee for the Information Environment (JCIE).
JISC Joint Information Systems Committee JISC promotes the innovative application and use of information systems and information technology in further and higher education across the UK. It is effectively a funding body for information systems and technology, established via several of the existing UK research councils.
Key Cryptographic keys are chosen parameters, each connected with a specific type of cryptographic algorithm. Their size, lifetime and usage depend on the algorithm being used. They may be just large random numbers or have certain characteristics (e.g. prime numbers). See also symmetric encryption and asymmetric encryption.
LICS Local Institution Certificate Store The (theoretical, at present) LICS is a web-application used to store and retrieve encrypted PKCS#12 containers. It has a relationship with the institution's RA but should be independent of the CA. It is designed to be partly a key store for those users storing their certificates and keys centrally and a local username-DN 'mapper' for pseudonymity purposes.
For more information, see our ideas pages.
LURCIS Leeds User Registration and Certificate Issuing System PKI system at Leeds University. LURCIS is a system for managing registration of end users of the IT services at Leeds. At present, the only direct users of LURCIS are registration staff throughout the University. The default behaviour of the system is to store the user's private keys and certificates on a central server. This is seen by some to be problematic for trust outside the University, but does avoid the problem of user (and certificate/private key) mobility.
MAC Message Authentication Code Provides message integrity like a message digest, but additionally supports message authentication. MACs can be used with any iterative cryptographic hash function, such as MD5 or SHA-1, together with a shared secret key.
Medium Level Assurance See Assurance Levels.
Message digest AKA thumbprint or hash Distillation of the information contained in a file [or message] into a single large number, typically between 128 and 256 bits in length. If any part of the file is changed, it should be computationally unfeasible to find another file with the same message digest value. Also called one-way hash functions because they produce values that are difficult to invert, resistant to attack, effectively unique, and widely distributed. See also hash.
MITM Man-In-The-Middle Attack The man in the middle attack is an attack where the attacker is able to read, and possibly modify at will, messages between two parties without letting either party know that they have been attacked. The attacker must be able to observe and intercept messages going between the two victims. (From Wikipedia)
MIMAS Manchester Information and Associated Services Project partner in the DCOCE project. (See some background to MIMAS' role in this project).
MIMAS hosts Zetoc - gateway for British Library table of contents. Getting a password for Zetoc depends on authentication from the user's institution.
NSA National Security Agency (USA)
