Exam 23: Internet Authentication Applications

A software utility initially developed at MIT and available both in the public domain and in commercially supported versions,________ is the defacto standard for remote authentication.

_____ is a markup language that uses sets of embedded tags or labels to characterize text elements within a document so as to indicate their appearance,function,meaning,or context.

The ticket-granting ticket is not reusable.

_______ systems are automated methods of verifying or recognizing identity on the basis of some physiological or behavioral characteristic.

An obvious security risk is that of impersonation.

A principal element of an identity management system is _______.

______ is the set of hardware,software,people,policies,and procedures needed to create,manage,store,distribute,and revoke digital certificates based on asymmetric cryptography.

________ allows end entities to restore their encryption/decryption key pair from an authorized key backup facility.

The _________ is an optional bit string field used to identify uniquely the issuing CA in the event the X.500 name has been reused for different entities.

Kerberos does not support interrealm authentication.

The focus of _________ is defining an identity for each user,associating attributes with the identity,and enforcing a means by which a user can verify identity.

_______ certificates are used in most network security applications,including IP security,secure sockets layer,secure electronic transactions,and S/MIME.

In a generic identity management architecture _______ are entities that obtain and employ data maintained and provided by identity and attribute providers,often to support authorization decisions and to collect audit information.

The certification _________ is the issuer of certificates and certificate revocation lists.

CMP,defined in RFC 2510,is designed to be a flexible protocol able to accommodate a variety of technical,operational,and business models.

_______ is an XML-based language for the exchange of security information between online business partners.

_______ is a minimal set of conventions for invoking code using XML over HTTP that enables applications to request services from one another with XML-based requests and receive responses as data formatted with XML.

An integer value unique within the issuing CA that is unambiguously associated with the certificate is the ________.

The overall scheme of Kerberos is that of a trusted third-party authentication service.

The ticket contains the user's ID,the server's ID,a __________,a lifetime after which the ticket is invalid,and a copy of the same session key sent in the outer message to the client.