SSL Glossary

A1

Anonymous Login

An access control quality, which can be a weakness, where a lot of secure servers allow users to access general-purpose or public services and resources without owning a user-specific account that is pre-established, something like a user name or secret password, lowering internet security and network security because there is no secure authentication.

Application Level Gateway

A firewall system where service is given by processes which keep total TCP connection state and sequencing. Application level firewalls provide protection, Internet security and online security by re-addressing traffic.

Archive

Often a secured site that has a lot of files, perhaps accumulated over a span of time. Sometimes the files are publicly accessible. Also can be a protected SSL secure server folder containing related files that are often in a compressed format in order to reduce the size of the file and to lessen the transmission -- upload or download -- time on Internet electronic bulletin boards or download sites. Because of the compression, archive files look as if they have undergone encryption and password protected with authentication, so they are not a threat or malware scanning software.

Assurance

SSL secure web servers need a degree of confidence which the security features and architecture where a system exactly arbitrates and imposes the security policy. It is usually neglected in security planning. Assurance may be partially decided by penetration testing or simulation.

Asymmetric Cryptography

Asymmetric Cryptography uses two keys to work together so that text encrypted with the one key can only be decrypted by the other.

One of the keys is kept private by one party, eliminating the need to share keys. This way, security is not compromised. The second key is called the "public key", and it should be available to everyone who has legitimate need of access.

Attack Signature

Secure server network logs often show activities or alterations to a system signaling an attack or attempted attack. Attack signature especially indicates a particular kind of attack, which is often decided by examination of audit.

Audit

Gathering records to check their conformity with an SSL security policy.

Audit Trail

A time-sequential record of system actions that is sufficient to reconstruct, review and examine an operation or transaction from start to finish, also known as a security audit trail.