IETF

Internet Engineering Task Force. Technical subdivision of the Internet

 

Architecture Board that coordinates the development of Internet standards.

MIB

Management Information Base.

NAS

Network Access Server. Network device that accepts connection requests from

 

remote users, authenticates users through RADIUS, and routes users onto the

 

network. Identical in meaning to RAS.

New Pin mode

Status assigned to a user’s token when its PIN has been compromised or when

 

the authorized user has forgotten the PIN. If the administrator clears the PIN, the

 

old PIN can no longer be used for authentication, and the next authentication

 

attempt with the token initiates the New PIN procedure. If the administrator

 

does not clear the PIN, the old PIN can be used one more time.

Next Tokencode

Status assigned to a user’s token if the token has drifted out of synch with the

mode

RSA Authentication Manager’s system clock or if there has been a series of

 

unsuccessful authentication attempts. Requiring that the user enter two

 

consecutive tokencodes ensures that the user has possession of the token.

node secret

Symmetric key used to encrypt communication between RSA RADIUS Server

 

and RSA Authentication Manager.

PAP

Password Authentication Protocol.

passcode

A one-time authentication string consisting of a user’s PIN followed by the user’s

 

tokencode.

PEAP

Protected Extensible Authentication Protocol. A two-phase authentication

 

protocol where (1) an authentication server is authenticated to a supplicant using

 

a digital certificate and a secure channel is established; and (2) the supplicant is

 

authenticated to the authentication server through the secure channel.

PIN

Personal Identification Number. The numeric or alphanumeric string that

 

identifies a user as being authorized for a specific RSA SecurID token.

Primary

A RADIUS server that acts as the hub for database replication. Compare Replica

RADIUS Server

RADIUS Server.

profile

A record in the RADIUS database describing the checklist attributes and return list

 

attributes that should be associated with a user or group of users.

RADIUS

Remote Authentication Dial-In User Service. A security administration standard

 

that functions as an information clearinghouse, storing authentication

RSA RADIUS Server 6.1 Administrator’s Guide

Glossary 101

Page 113
Image 113
RSA Security 6.1 manual Tokencode