Glossary
This page contains a glossary of terms used in I2A2 documentation
\n
The C language escape code for the ASCII new line character, NL, decimal 10; NL ends I2A2 external protocol messages.
\r
The C language escape code for the ASCII carriage return character, CR, decimal 13; CR is an additional, but optional, I2A2 external protocol message ending character.
\t
The C language escape code for the ASCII TAB character, VT, decimal 11; TAB is the field terminator character in the I2A2 external protocol.
ACL
Access Control List, a resource access limiting facility based on identity
Alias
A two to eight character token, containing lower case alphabetic characters and numbers. The alias is currently borrowed from login names in the Purdue University career account database.
ASP
The Active Server Pages feature of Microsoft Internet Information Services. I2A2 support for ASP may be found in the I2A2 PUIDCL Client Access Library
authz
The abbreviation for the authorizer DBM
Apache Web Server
A UNIX web server, more correctly named The Apache HTTP Server, made available by the Apache Software Foundation at Apache HTTP Server Project. The I2A2 link describes packages for installing the Apache Web server on UNIX systems.
Authentication Realm
An I2A2 concept, defining a specific organizational administration unit for authentication token, both passwords and certificates. Also see the Purdue Realm.
Boolean Expression
A Boolean expression is a logical statement in a mathematical form named after its inventor, George Boole. Boolean expressions are used in I2A2 to express authorization characteristics queries; they evaluate to a true or false answer.
CA
Certificate Authority, an organization that manufactures, distributes and manages certificates.
Career Account
A computer login assigned to each student and staff member on the Purdue West Lafayette campus. A career account is called coordinated when its name matches the person's @Purdue.edu Email address.
Carriage Return
See \r.
ColdFusion
ColdFusion is a Macromedia software package containing a web scripting language that can be used to perform authentication (binding) via the I2A2 LDAP protocol converter.
Coordinated Purdue Career Account
See Career Account.
Certificate
A Public Key Infrastructure (PKI) entity for authentication. Also see PKI and X.509 Certificate.
Characteristic
An authorization association for a PUID. Also see Boolean Expression.
Characteristic Expression
See Boolean Expression.
CN
The LDAP Common Name attribute.
CR
See \r
DBM
Data Base Manager, I2A2 fast access maintainers of identification, authentication, and authorization information.
DN
The LDAP distinguished name.
EGD
Entropy Gathering Daemon, a facility for generating PRNG seeding information for OpenSSL; see it's man page.
Entropy Gathering Daemon
A freeware daemon that generates random information, suitable for seeding OpenSSL's PRNG; also see EGD and OpenSSL
Ethical Use
A statement about the ethical use of I2A2 authentication credentials by web servers and applications.
HRID
A human resources identification number, currently the Social Security Number (SSN). A new system (see HRIS), scheduled for deployment in early 2003, will use a number other than the SSN.
HRIS
Human Resource Information System
I2A2
The infrastructure for identification, authentication and authorization.
IETF
The Internet Engineering Task Force
LDAP
The Lightweight Directory Access Protocol, described in RFC 2241 and the "LDAP bible"
Luhn Check Digit
A base ten check digit, appearing in the last position of a number, computed from the initial digits of the number, used to detect errors of transcription in the digits of the number. The algorithm is described in ANSI/ISO/IEC 7812-1:1993 and is derived from the Luhn formula.
ModSSL
Modules for the Apache web server that implement SSL transactions. Also see Apache Web Server and SSL.
NAS
A Network Access Server, sometimes called a terminal server; both can get authentication and authorization services from a RADIUS protocol server.
New Line
See \n.
NL
See \n.
OAS
The Oracle Application Server, a web based interface to an Oracle database.
OID
The X.500 Object IDentifier, described in ITU-T Rec. X.500, "The Directory: Overview pf Concepts, Models and Service." 1993
OpenSSL
A UNIX SSL library, produced by the OpenSSL Project. Also see SSL.
PAM
A UNIX Pluggable Authentication Module, an API that supports flexible implementation of authentication access policies.
PID
The UNIX process identifier, an integer that uniquely identifies each process running on the computer.
PKI
A public key infrastructure, supporting the use of public keys. See also CA, Certificate Authority and X.509 Certificate.
PRNG
A pseudo-random number generator -- e.g.,as used by OpenSSL.
PUID
The Purdue University identifier, a ten digit public number with Luhn check digit.
Purdue Realm Password
An X.509 certificate issued by the Purdue Certificate Authority. Also see CA, X.509 Certificate, and Purdue Certificates.
Purdue Realm
The authentication realm that contains the Purdue password, also the career account password. Also see Career Account.
RADIUS
The Remote Authentication Dial In User Service (RADIUS), described in RFC 2865.
RDN
The LDAP Relative Distinguished Name.
Realm
An I2A2 authentication organization, responsible for the maintenance of a particular set of authentication tokens.
REFL
The abbreviation for the reflector DBM.
RFC
A Request for Comments, an Internet standards document.
SID
The Purdue student identification number; it often is the Social Security Number.
SN
The LDAP surname attribute.
SSL
The Secure Sockets Layer, a protocol for encrypting the TCP/IP channel between a client and a server, designed by NetScape.
Tab
See \t.
Vertical Tab
See \t.
VT
See \t.
X.509 Certificate
A private key, public key certificate, conforming to the ANSI X.509 standard .