Search Results

An XML-based data format used to exchange authentication information between a client and a service.

A networking mechanism that allows users to access multiple network resources while only having to provide authentication once.

A network protocol used to access network directory databases, which store information about authorized users and their privilege, as well as other organizational information. LDAP is based on the X.500 series of directory standards. However, since X.500 is co...

A means of establishing checks and balances against the possibility that critical systems or procedures can be compromised by insider threats, preventing ethical conflicts and/or abuses of power.

A framework for autonegotiation of secure authentication methods that use hardware identifiers like fingerprint readers or smart card scanners. This autonegotiation happens before full connection in three scenarios: when the user is accessing a wireless netwo...

A secure report that proves that a client is running an authorized OS and has up-to-date patches and security scanner configurations, ensuring the device meets security standards before accessing the network.

A client-server protocol that enables centralized management of user authentication and access control across various network services. When using RADIUS, all three members of the AAA triad must be implemented using it. Authentication, authorization, and accou...

A type of network security zone where hosts that face the Internet are placed for secure external data retrieval by the internal network. If communication is required between hosts on either side of the perimeter network, a host within is configured to act as ...

A network segment that's isolated from the rest of a private network by one or more firewalls that accepts connections from the Internet over designated ports. Screened subnets use two firewalls placed on either side of the perimeter network zone. One is place...

A measure of a wireless signal's strength as measured at the receiver, measured using either decibel units or an index value. If a client vendor prefers to use index values to measure the signal strength, the most common ranges are 0-60, 0-127, or 0-255. When ...

A mechanism used in wireless networks to select the data transmission rate at the physical layer that is optimal under current channel conditions.

A unique string used to identify wireless networks. SSIDs have a maximum length of 32 bytes, and only use ASCII characters for maximum compatibilit.

A security protocol designed to enhance the security of WEP without introducing breaking changes.

A password-based authentication and password-authenticated key agreement method. SAE is a variant of the Dragonfly Key Exchange. Dragonfly was based on the Diffie-Hellman key exchange that didn't have any authentication, so SAE added authentication by making t...

An amendment to the normal 802.11 standard that enhances the ability of wireless devices to maintain connectivity while moving between meshed access points.

A network protocol suite used to secure data through authentication and encryption as the data travels across the network or the Internet. IPsec has two core protocols. Application Header (AH) Encapsulating Security Payload (ESP) IPsec operates in two ...

aliases: ESP A core protocol of IPsec. ESP is used to encrypt only the payload, and doesn't compute an ICV exactly like AH does. Instead, ESP attaches three fields to the packet: a header a trailer an ICV computed without the IP header With ...

aliases: AH A core protocol of IPSec. AH performs a cryptographic hash on the whole packet, including the IP header, along with a secret shared key. It adds these values as an Integrity Check Value (ICV). The receiving host performs the same hashing...