Common Data Security Architecture (CDSA) White Paper
Glossary of CDSA Terms and Acronyms
Common Security Services Manager (CSSM)
A central, extensible infrastructure that defines APIs for access to cryptography, certificate, trust, or storage services.
Cryptography Service Provider (CSP)
A CSP (whether software and/or hardware-based) provides data encryption/decryption, digital signatures, cryptographic hashing, key generation, and random-number generation services.
Diffie-Hellman key exchange
A protocol developed by Whitfield Diffie and Martin Hellman in 1976 that allows participants to agree on a symmetric-cipher key over an insecure channel.
Data Encryption Standard (DES)
A widely used encryption algorithm that applies a 56-bit key to each 64-bit block of data. DES is specified in ANSI X3.92 and X3.106 standards and in the FIPS 46 and 81 standards.
Data Storage Library (DL)
Provides persistent storage for security-related CDSA objects, such as certificates, CRLs, public keys, or trust information. A DL can use a commercial database package, custom hardware, or a file system as the underlying storage repository. The DL provides the following services: management of data stores, including creation, deletion, import, and export of data stores; storage and management of security objects; and management of attributes associated with stored security objects.
Globally Unique ID (GUID)
A set of descriptive attributes that provides the means to attach add-in modules to the CSSM Applications.
International Organization for Standardization (ISO)
A non-governmental, worldwide federation of national standards bodies representing 130 nations, based in Geneva, Switzerland. ISO’s mission is to foster increased cooperation in the spheres of scientific, technological, and economic activity through standardization of criteria and components.
Message Authentication Code (MAC)
A function that produces fixed-length output from variable-length input and a key. It might be hash-based, cipher-based, or stream-cipher-based.