Exam 23: Internet Authentication Applications

An integer value unique within the issuing CA that is unambiguously associated with the certificate is the ________.

Kerberos does not support interrealm authentication.

The overall scheme of Kerberos is that of a trusted third-party authentication service.

The focus of _________ is defining an identity for each user,associating attributes with the identity,and enforcing a means by which a user can verify identity.

The authentication server shares a unique secret key with each server.

________ requires that a user prove his or her identity for each service invoked and,optionally,requires servers to prove their identity to clients.

The certification _________ is the issuer of certificates and certificate revocation lists.

The principal objective for developing a PKI is to enable secure, convenient,and efficient acquisition of private keys.

Federated identity management makes use of a number of standards that provide the building blocks for secure identity information exchange across different domains or heterogeneous systems.

_______ is movement of data in a business process.

In a generic identity management architecture _______ are entities that obtain and employ data maintained and provided by identity and attribute providers,often to support authorization decisions and to collect audit information.

A software utility initially developed at MIT and available both in the public domain and in commercially supported versions,________ is the defacto standard for remote authentication.

Kerberos uses the _______ encryption algorithm.

The approach taken by Kerberos is using authentication software tied to a secure authentication server.

_______ is a minimal set of conventions for invoking code using XML over HTTP that enables applications to request services from one another with XML-based requests and receive responses as data formatted with XML.

One of the earliest and most widely used services is _________.

________ is a process where authentication and permission will be passed on from one system to another,usually across multiple enterprises,reducing the number of authentications needed by the user.

______ is the set of hardware,software,people,policies,and procedures needed to create,manage,store,distribute,and revoke digital certificates based on asymmetric cryptography.

_______ is an XML-based language for the exchange of security information between online business partners.

In a generic identity management architecture a ________ is an identity holder.