Was this page helpful?
Your feedback about this content is important. Let us know what you think.
Additional feedback?
1500 characters remaining
Export (0) Print
Expand All

1.1 Glossary

The following terms are specific to this document:

authentication: The ability of one entity to determine the identity of another entity.

authentication server: The entity that verifies that a person or thing is who or what it claims to be (typically using a cryptographic protocol) and issues a ticket or token attesting to the validity of the claim. The total set of authentication protocol security support providers (SSPs) that are typically available on a Windows server release.

authenticator: The entity requesting the authentication of a peer.

code page: An ordered set of characters of a specific script in which a numerical index (code-point value) is associated with each character. Code pages are a means of providing support for character sets (1) and keyboard layouts used in different countries. Devices such as the display and keyboard can be configured to use a specific code page and to switch from one code page (such as the United States) to another (such as Portugal) at the user's request.

dictionary attack: A technique for defeating an authentication mechanism by systematically searching through a large number of possibilities to deduce shared secrets.

EAP: See Extensible Authentication Protocol (EAP).

EAP method: An authentication mechanism that integrates with the Extensible Authentication Protocol (EAP); for example, EAP-TLS, Protected EAP v0 (PEAPv0), EAP-MSCHAPv2, and so on.

EAP peer: A network access client that is requesting access to a network using EAP as the authentication method

EAP server: The backend authentication server; typically a RADIUS (as specified in [RFC2865]) server.

EAP-CHAP: The Extensible Authentication Protocol for the Microsoft Challenge Handshake Authentication Protocol.

encryption: In cryptography, the process of obscuring information to make it unreadable without special knowledge.

Extensible Authentication Protocol (EAP): A framework for authentication that is used to provide a pluggable model for adding authentication protocols for use in network access authentication, as specified in [RFC3748].

Group Policy: A mechanism that allows the implementer to specify managed configurations for users and computers in an Active Directory service environment.

master session key: A temporary cryptographic key that is used to derive other cryptographic keys to be used to encrypt and decrypt parts of a session-based protocol.

mutual authentication: A mode in which each party verifies the identity of the other party, as described in [RFC3748] section 7.2.1.

peer: The entity being authenticated by the authenticator.

session: A collection of multimedia senders and receivers and the data streams that flow between them. A multimedia conference is an example of a multimedia session.

MAY, SHOULD, MUST, SHOULD NOT, MUST NOT: These terms (in all caps) are used as defined in [RFC2119]. All statements of optional behavior use either MAY, SHOULD, or SHOULD NOT.

© 2015 Microsoft