Definitions, Acronyms & Abbreviations 3DES Triple DES. Block cipher algorithm that applies the base DES algorithm three times using two or three different keys. AES Advanced Encryption Standard. A symmetric encryption technique based on the Rijndael algorithm. Selected as the proposed replacement for DES as the standard encryption for U.S. Government use. COTS Commercial Off The Shelf. A commercially produced general purpose computing platform such as a PC, workstation, or network server. DES Data Encryption Standard. A single key block cipher algorithm. Due to short key length (56 bits) , DES is no longer considered secure. Life extended by Triple DES algorithm (see 3DES) DH Diffie-Hellman. A public encryption key algorithm used to generate a secret shared key between two nodes via an insecure communications channel. Dongle A hardware device used for some software-piracy protection schemes. Protection consists of software detection that the dongle is connected to the computer. Firewire An external data interface standard supported by a wide range of computing platforms and peripherals. Capable of point-to-point data transfer rates of up to 400MBits/Second. Defined by IEEE 1394b standard. GUI Graphical User Interface. A program interface that makes use of a computer's graphics capabilities and pointing device (mouse) to make the program easier to use. GUID Globally Unique Identifier. A unique 128-bit number produced by an application or operating system to identify a particular component, application, file, database entry or user HTML HyperText Markup Language used to define basic web page content. HTTP HyperText Transfer Protocol. Lightweight network protocol used for the delivery of HTML and other web page content. IPSec Internet Protocol Security extensions. Protocol for negotiating encryption and authorization at the IP level of the network protocol stack. LAN Local Area Network. A computer network generally limited to a relatively small geographic area, a single campus or building, for example. MD5 Message Digest 5. A one-way hash or message digest function defined in RFC 1321. Possible hash collision attack revealed recently (2004) NAT Network Address Translation. A firewall method for translating multiple internal IP addresses or network addresses into a single globally unique IP address. PIN Personal Identification Number. A (typically) all-numeric password used to provide a first level of security for a more robust device such as a smartcard or other SCD Rijndael A symmetric block cipher with key sizes of 128, 192 or 256 bits. Selected by NIST as the planned replacement for DES. See AES. RSA A public key encryption algorithm developed by R. Rivest, A. Shamir, and L. Adleman SCD Secure Computing Device. A processing and memory unit in a tamper-resistant package providing protection against unauthorized physical, electrical or other access to the data and software contained in the device. A smartcard is one common form of SCD. SHA Secure Hash Algorithm. A one-way hash or message digest function developed by NIST. Current version is called SHA2. SSL Secure Sockets Layer. A protocol for providing encrypted communications on the internet. In the protocol stack, SSL is between TCP/IP and application protocols such as HTTP and FTP. TCP/IP Transmission Control Protocol/Internet Protocol. Network and Data link protocol stack on which many higher level protocols are built. TPS Transactions per Second. Sustainable number of complete 'atomic' operations per second that can occur between two systems. URL Uniform Resource Locator. A character string defining the address and access method of a resource on the internet. USB Universal Serial Bus. An external data interface standard supported by a wide range of computing platforms and peripherals. Capable of point-to-point data transfer rates of up to 480 MBits/Second WAN Wide Area Network. A computer network spanning a relatively large geographic area. Typically connects multiple LANs. The Internet is the ubiquitous example of a WAN.