Glossary
User Guide for Cisco Secure Access Control System 5.4
OL-26225-01
accounts The capability of ACS to record user sessions in a log file.
ACS System Administrators Administrators with different access privileges defined under the System Configuration section of the ACS
web interface. They administer and manage ACS deployments in your network.
ARP address resolution protocol. A protocol for mapping an Internet Protocol address to a physical machine
address that is recognized in the local network. A table, usually called the ARP cache, is used to
maintain a correlation between each MAC address and its corresponding IP address. ARP provides the
protocol rules for making this correlation and providing address conversion in both directions.
AES advanced encryption standard. A Federal Information Processing Standard (FIPS) Publication that will
specify a cryptographic algorithm for use by U.S. Government organizations to protect sensitive
(unclassified) information. This standard specifies Rijndael as a FIPS-approved symmetric encryption
algorithm that may be used by U.S. Government organizations (and others) to protect sensitive
information.
anonymous (LDAP) An LDAP session is described as anonymous if no user DN or secret is supplied when initiating the
session (sending the bind).
anti-virus A software program designed to identify and remove a known or potential computer virus.
API application program interface. The specific methodology by which a programmer writing an
application program may make requests of the operating system or another application.
applet Java programs; an application program that uses the client's web browser to provide a user interface.
ARP Address Resolution Protocol. A protocol used to obtain the physical addresses (such as MAC
addresses) of hardware units in a network environment. A host obtains such a physical address by
broadcasting an ARP request, which contains the IP address of the target hardware unit. If the request
finds a unit with that IP address, the unit replies with its physical hardware address.
ARPANET Advanced Research Projects Agency Network. A pioneer packet-switched network that was built in the
early 1970s under contract to the US Government, led to the development of today's Internet, and was
decommissioned in June 1990.
Asymmetrical Key Exchange Asymmetric or public key cryptography is based on the concept of a key pair. Each half of the pair (one
key) can encrypt information so that only the other half (the other key) can decrypt it. One part of the
key pair, the private key, is known only by the designated owner; the other part, the public key, is
published widely but is still associated with the owner.
attribute (LDAP) The data in an entry is contained in attribute-value pairs. Each attribute has a name (and sometimes a
short form of the name) and belongs to an objectClass. The attribute's characteristics are fully described
by an ASN.1 definition. One or more objectClasses may be included in a Schema. Depending on the
ASN.1 definition of the attribute there can be more than one attribute-value pair of the same named
attribute in an entry. One (or more) attribute(s), the naming attribute or RDN will always uniquely
identify an entry.
auditing The information gathering and analysis of assets to ensure such things as policy compliance and
security from vulnerabilities.
authenticated (LDAP) A session is described as authenticated if a user DN and secret are supplied when initiating the session
(sending the bind).
authentication The process of confirming the correctness of the claimed identity.