access control

prevention of unauthorized use of a resource, including the prevention of use of a resource in an unauthorized manner

prevention of unauthorized use of a resource, including the prevention of use of a resource in an unauthorized manner

access control list (ACL)

list of entities, together with their access right, which are authorized to have access to a resource

list of entities, together with their access right, which are authorized to have access to a resource

active threat

threat of a deliberate unauthorized change to the state of the system
EXAMPLE: Examples of security-relevant active threats may include modification of messages, replay of messages, and insertion of spurious messages, masquerading as an authorized entity and denial of service.

threat of a deliberate unauthorized change to the state of the system
EXAMPLE: Examples of security-relevant active threats may include modification of messages, replay of messages, and insertion of spurious messages, masquerading as an authorized entity and denial of service.

authorization

granting of rights, which includes the granting of access based on access rights

granting of rights, which includes the granting of access based on access rights

ciphertext

data produced, through the use of encipherment; the semantic content of the resulting data is not available

data produced, through the use of encipherment; the semantic content of the resulting data is not available

cleartext

intelligible data, the semantic content of which is available

intelligible data, the semantic content of which is available

cryptography

principles, means and methods for the transformation of data in order to hide its information content, prevent its undetected modification or prevent its unauthorized use

principles, means and methods for the transformation of data in order to hide its information content, prevent its undetected modification or prevent its unauthorized use

decryption

decryption reversal of a corresponding reversible encipherment

decryption reversal of a corresponding reversible encipherment

digital signature

signature data appended to, or a cryptographic transformation of, a data unit that allows a recipient of the data unit to prove the source and integrity of the data unit and protect against forgery, e.g. by the recipient
NOTE: See also cryptography.

signature data appended to, or a cryptographic transformation of, a data unit that allows a recipient of the data unit to prove the source and integrity of the data unit and protect against forgery, e.g. by the recipient
NOTE: See also cryptography.

end-to-end encipherment

encipherment of data within or at the source end system, with the corresponding decipherment occurring only within or at the destination end system

encipherment of data within or at the source end system, with the corresponding decipherment occurring only within or at the destination end system

EA

enrolment authority

hash-code

string of bits which is the output of a hash-function

string of bits which is the output of a hash-function

hash-function

function which maps strings of bits to fixed-length strings of bits, satisfying the following two properties: a) for a given output, it is computationally infeasible to find an input which maps to this output; and b) for a given output, it is computationally infeasible to find a second input which maps to the same output
NOTE: Computational feasibility depends on the specific security…

function which maps strings of bits to fixed-length strings of bits, satisfying the following two properties: a) for a given output, it is computationally infeasible to find an input which maps to this output; and b) for a given output, it is computationally infeasible to find a second input which maps to the same output
NOTE: Computational feasibility depends on the specific security requirements and environment.

challenge

data item chosen at random and sent by the verifier to the claimant, which is used by the claimant, in conjunction with secret information held by the claimant, to generate a response which is sent to the verifier
EXAMPLE: In ISO 24534-4 the term challenge is also used in case an ERT does not have enabled encryption capabilities and the challenge is merely copied without any secret…

data item chosen at random and sent by the verifier to the claimant, which is used by the claimant, in conjunction with secret information held by the claimant, to generate a response which is sent to the verifier
EXAMPLE: In ISO 24534-4 the term challenge is also used in case an ERT does not have enabled encryption capabilities and the challenge is merely copied without any secret information applied.

key

sequence of symbols that controls the operations of a cryptographic transformation (e.g. encipherment, decipherment, cryptographic check function computation, signature generation, or signature verification)

sequence of symbols that controls the operations of a cryptographic transformation (e.g. encipherment, decipherment, cryptographic check function computation, signature generation, or signature verification)

manipulation detection

mechanism which is used to detect whether a data unit has been modified (either accidentally or intentionally)

mechanism which is used to detect whether a data unit has been modified (either accidentally or intentionally)

masquerade

pretence by an entity to be a different entity

pretence by an entity to be a different entity

mutual authentication

entity authentication which provides both entities with assurance of each other’s identity

entity authentication which provides both entities with assurance of each other’s identity

passive threat

threat of unauthorized disclosure of information without changing the state of the system

threat of unauthorized disclosure of information without changing the state of the system

password

confidential authentication information, usually composed of a string of characters

confidential authentication information, usually composed of a string of characters

privacy

right of individuals to control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed

right of individuals to control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed

private decipherment key

private key which defines the private decipherment transformation

private key which defines the private decipherment transformation

private key

key of an entity's asymmetric key pair which should only be used by that entity
NOTE: In the case of an asymmetric signature system the private key defines the signature transformation. In the case of an asymmetric encipherment system the private key defines the decipherment transformation.

key of an entity's asymmetric key pair which should only be used by that entity
NOTE: In the case of an asymmetric signature system the private key defines the signature transformation. In the case of an asymmetric encipherment system the private key defines the decipherment transformation.

private signature key

private key which defines the private signature transformation

private key which defines the private signature transformation

public encipherment key

public key which defines the public encipherment transformation

public key which defines the public encipherment transformation

public key

key of an entity's asymmetric key pair which can be made public
NOTE: In the case of an asymmetric signature system the public key defines the verification transformation. In the case of an asymmetric encipherment system the public key defines the encipherment transformation. A key that is “publicly” known is not necessarily globally available. The key is only made available to all members of…

key of an entity's asymmetric key pair which can be made public
NOTE: In the case of an asymmetric signature system the public key defines the verification transformation. In the case of an asymmetric encipherment system the public key defines the encipherment transformation. A key that is “publicly” known is not necessarily globally available. The key is only made available to all members of a pre-specified group.
cryptographic key that can be obtained and used by anyone to encrypt messages intended for a
particular recipient, such that the encrypted messages can be deciphered only by using a second key that is known only to the recipient (the private key)

public key certificate

certificate public key information of an entity signed by the certification authority and therefore rendered unforgeable
NOTE: A public key certificate also specifies the role of the entity for which the public key information is provided, e.g. manufacturer or registration authority.

certificate public key information of an entity signed by the certification authority and therefore rendered unforgeable
NOTE: A public key certificate also specifies the role of the entity for which the public key information is provided, e.g. manufacturer or registration authority.

public verification key

public key which defines the public verification transformation

public key which defines the public verification transformation

read only

property that data content cannot be changed by a reader/interrogator

property that data content cannot be changed by a reader/interrogator

registration certificate

vehicle registration document (paper or smart card) issued by the registration authority for vehicles in which the vehicle and its owner or lessee are registered

vehicle registration document (paper or smart card) issued by the registration authority for vehicles in which the vehicle and its owner or lessee are registered