Glossary
- Authentication
- The process of identifying an individual, usually based on a username
and password.
- Authorization
- The process of granting or denying a user access to network resources
once the user has been authenticated through the username and password.
- Accoutning
- The process of keeping track of a user's activity while accessing
the network resources. Accounting data is used for trend analysis, capacity
planning, billing, auditing and cost allocation.
- ARAP
- Short for Apple Remote Access Protocol,
an Apple authentication protocol which uses challenges and responses,
like CHAP, to avoid sending clear text passwords through the network.
- AV pair
- Attribute-Value pair, an entity consisting of a name and a value.
- CHAP
- Short for Challenge Handshake Authentication
Protocol, a type of authentication in which the authentication
agent (typically a network server) sends the client program a random
value that is used only once and an ID value. Both the sender and peer
share a predefined secret. The peer concatenates the random value (or
nonce), the ID and the secret and calculates a one-way hash using MD5.
The hash value is sent to the authenticator, which in turn builds that
same string on its side, calculates the MD5 sum itself and compares
the result with the value received from the peer. If the values match,
the peer is authenticated.
- Dictionary
- Set of known RADIUS attribute names and their types.
- Key
- see Secret.
- MS-CHAP, MS-CHAPv2
- Short for Microsoft Challenge Handshake
Authentication Protocol is a Microsoft authentication
protocol that, like CHAP, avoids sending passwords in clear text.
- NAS
- Network Access Server. The device that
accepts PPP connections and places clients on the network that the NAS
serves. NAS is also called Terminal server.
- Packet
- A piece of data sent over a network and encapsulating RADIUS or TACACS
message in a well-known format.
- PAP
- Short for Password Authentication Protocol,
the most basic form of authentication, in which a user's name and password
are transmitted over a network "in the clear" (that is, in
an unencrypted form) and compared to a table of name-password pairs.
- ProgID
- A ProgID, or programmatic identifier, is a registry entry that can
be associated with a CLSID. The format of a ProgID is <Vendor>.<Component>.<Version>,
separated by periods and with no spaces, as in Word.Document.6.
Like the CLSID, the ProgID identifies a class, but with less precision.
- Proxy server
- A server that sits between a client application and a real server.
It intercepts all requests to the real server to see if it can fulfill
the requests itself. If not, it forwards the request to the real server.
- RADIUS
- Short for Remote Authentication Dial-In
User Service, an authentication and accounting system
used by many Internet Service Providers (ISPs). When you dial in to
the ISP you must enter your username and password. This information
is passed to a RADIUS server, which checks that the information is correct,
and then authorizes access to the ISP system.
- Secret (Key)
- A string well known to both client and server and used to validate
and/or encrypt data, transmitted between them.
- Server
- A process receiving requests from its clients, processing them and
replying to a client.
- Server extension
- External module developed as COM server implementing some defined
interfaces and used by ClearBox Server.
- Server Manager
- Graphic utility used to manage ClearBox Server, configure and monitor
it.
- State server
- Some kind of database maintained by server extension where information
on users currently logged onto the network is stored.
- Synchronization
- Process used by ClearBox Server to compensate loss of accounting data
by synchronizing state server and NAS.
- TACACS+
- Short for Terminal Access Controller
Access Control System, a protocol developed
by Cisco Systems. Allows to exchange authentication, authorization and
accounting data between a device that provides network access to users
(the "TACACS+ client") and a device that contains authentication
information for those users (the "TACACS+ server").
- VSA
- Vendor Specific Attributes; RADIUS attributes defined by vendors using
the provision of attribute 26.
© 2001-2003 XPerience Technologies. www.xperiencetech.com
|