Exam 23: Internet Authentication Applications

_______ is movement of data in a business process.

The approach taken by Kerberos is using authentication software tiedto a secure authentication server.

The overall scheme of Kerberos is that of a trusted third-partyauthentication service.

Initialization begins the process of enrolling in a PKI.

________ allows end entities to restore their encryption/decryption key pair from an authorized key backup facility.

Update is not required when the certificate lifetime expires or as aresult of certificate revocation.

The _________ is an optional bit string field used to identify uniquely the issuing CA in the event the X.500 name has been reused for different entities.

________ requires that a user prove his or her identity for each service invoked and, optionally, requires servers to prove their identity to clients.

_____ is a markup language that uses sets of embedded tags or labels to characterize text elements within a document so as to indicate their appearance, function, meaning, or context.

An integer value unique within the issuing CA that is unambiguously associated with the certificate is the ________.

______ is the set of hardware, software, people, policies, and procedures needed to create, manage, store, distribute, and revoke digital certificates based on asymmetric cryptography.

A principal element of an identity management system is _______.

X.509 provides a format for use in revoking a key before it expires.

_______ is an XML-based language for the exchange of security information between online business partners.

A full-service Kerberos environment consisting of a Kerberos server that has the user ID and password of all participating users in its database and shares a secret key with each server, all users and servers being registered with the Kerberos server, is referred to as a Kerberos ______.

_______ is the process whereby a user first makes itself known to a CA prior to that CA issuing a certificate or certificates for that user.

_______ certificates are used in most network security applications, including IP security, secure sockets layer, secure electronic transactions, and S/MIME.

The ticket contains the user's ID, the server's ID, a __________, a lifetime after which the ticket is invalid, and a copy of the same session key sent in the outer message to the client.

In Kerberos, the ___________ decrypts the ticket and authenticator, verifies the request, and creates ticket for requested server.

________ is a set of SOAP extensions for implementing message integrity and confidentiality in Web services.