beautypg.com

Ol. an, Ietf – RSA Security 6.1 User Manual

Page 113

background image

RSA RADIUS Server 6.1 Administrator’s Guide

Glossary

101

IETF

Internet Engineering Task Force. Technical subdivision of the Internet
Architecture Board that coordinates the development of Internet standards.

MIB

Management Information Base.

NAS

Network Access Server. Network device that accepts connection requests from
remote users, authenticates users through RADIUS, and routes users onto the
network. Identical in meaning to

RAS

.

New Pin mode

Status assigned to a user’s token when its PIN has been compromised or when
the authorized user has forgotten the PIN. If the administrator clears the PIN, the
old PIN can no longer be used for authentication, and the next authentication
attempt with the token initiates the New PIN procedure. If the administrator
does not clear the PIN, the old PIN can be used one more time.

Next Tokencode
mode

Status assigned to a user’s token if the token has drifted out of synch with the
RSA Authentication Manager’s system clock or if there has been a series of
unsuccessful authentication attempts. Requiring that the user enter two
consecutive tokencodes ensures that the user has possession of the token.

node secret

Symmetric key used to encrypt communication between RSA RADIUS Server
and RSA Authentication Manager.

PAP

Password Authentication Protocol.

passcode

A one-time authentication string consisting of a user’s

PIN

followed by the user’s

tokencode

.

PEAP

Protected Extensible Authentication Protocol. A two-phase authentication
protocol where (1) an authentication server is authenticated to a supplicant using
a digital certificate and a secure channel is established; and (2) the supplicant is
authenticated to the authentication server through the secure channel.

PIN

Personal Identification Number. The numeric or alphanumeric string that
identifies a user as being authorized for a specific RSA SecurID

token

.

Primary
RADIUS Server

A RADIUS server that acts as the hub for database replication. Compare

Replica

RADIUS Server

.

profile

A record in the RADIUS database describing the

checklist attribute

s and

return list

attribute

s that should be associated with a user or group of users.

RADIUS

Remote Authentication Dial-In User Service. A security administration standard
that functions as an information clearinghouse, storing authentication