Cisco Systems OL-24201-01

Glossary

GL-7

User Guide for Cisco Secure Access Control System 5.3

OL-24201-01

digital envelope An encrypted message with the encrypted session key.

digital signature A hash of a message that uniquely identifies the sender of the message and proves the message hasn't

changed since transmission.

DSA digital signature algorithm. An asymmetric cryptographic algorithm that produces a digital signature

in the form of a pair of large numbers. The signature is computed using rules and parameters such that

the identity of the signer and the integrity of the signed data can be verified.

(DSS Digital Signature Standard. The US Government standard that specifies the Digital Signature

Algorithm (DSA), which involves asymmetric cryptography.

disassembly The process of taking a binary program and deriving the source code from it.

disruption A circumstance or event that interrupts or prevents the correct operation of system services and

functions.

DIT directory information tree (also known as the naming context). The hierarchy of objects that make up

the local directory structure. More than one DIT may be supported by an LDAP server. The Root DSE

will provide this information.

DN Distinguished Name. A DN is comprised of a series of RDNs that uniquely describe the naming

attributes on the path UP the DIT from the required entry to the directory root. A DN is written LEFT

to RIGHT and looks something like this:

domain A sphere of knowledge, or a collection of facts about some program entities or a number of network

points or addresses, identified by a name. On the Internet, a domain consists of a set of network

addresses. In the Internet's domain name system, a domain is a name with which name server records

are associated that describe sub-domains or host. In Windows NT and Windows 2000, a domain is a

set of network resources (applications, printers, and so forth) for a group of users. The user need only

to log in to the domain to gain access to the resources, which may be located on a number of different

servers in the network.

domain name Locates an organization or other entity on the Internet. For example, the domain name "www.sans.org"

locates an Internet address for "sans.org" at Internet point 199.0.0.2 and a particular host server named

"www". The "org" part of the domain name reflects the purpose of the organization or entity (in this

example, "organization") and is called the top-level domain name. The "sans" part of the domain name

defines the organization or entity and together with the top-level is called the second-level domain

name.

DNS Domain Name System. The way that Internet domain names are located and translated into IP

addresses. A domain name is a meaningful and easy-to-remember "handle" for an Internet address.

DSA Directory

System Agent

X.500 term for any DAP or LDAP enabled directory service e.g. an LDAP server.

DSE DSA Specific

Entry

An entry in a local directory server.

due diligence The requirement that organizations must develop and deploy a protection plan to prevent fraud, abuse,

and additional deploy a means to detect them if they occur.