The Security Lexicon
IDEA (International Data Encryption Algorithm)
is a block cipher of 64-bit with a 128-bit key and 8 iterative rounds. IDEA has a large class of weak keys (251) but is generally considered as the best and more secure block cipher. This algorithm is patented by ASCOM ltd.IEEE P1363
is the standard for implementation of RSA, Diffie-Hellman , etc.IETF
The Internet Engineering Task Force is the standardization body for Internet protocol standards. Its security area working groups specify means for incorporating security into the Internet's layered protocols. Examples include IP layer security (IPSec), transport layer security (TLS), Domain Name System security (DNSsec) and Generic Security Service API (GSS-API).IF -(based cryptography)
is a general term used to talk about cryptographic algorithms which security relies on the difficulty of the Integer Factorization problem.iKP (Internet Keyed Payment Protocol)
is an architecture dedicated to secure payments with three parties: The buyer, the seller, and the "acquirer." This third party often is a bank, or a credit card organism. It authorizes the transaction.It was designed by IBM.
IPsec (IP secure)
is a standard to secure IP communication. It operates under the transport layer thus being transparent to the applications. It adds two dedicated headers: the Authentication Header and the Encapsulating Security Payload to the cipher IP packet. It uses standard algorithms such as DES, SHA-1, and MD5. The current version is 6.0Impersonation
is the acting as another person for instance signing messages as one another or decrypting messages intended for another one.Information Technology Security Evaluation Criteria (ITSEC)
are English, German, French, and Dutch "standards" for security evaluation of Information Technology systems or product. They define several degrees of rigor for the testing and the levels of assurance that each confers. These standards move to an international ISO standard the Common Criteria for Information Technology Security Evaluation.ISO 10536
is the main standard for close-coupled contactless smart cards (cards work at a very short distance from the reader i.e. less than 1 cm) .ISO 14443
is the main standard for proximity contactless smart cards (cards work at a distance to the reader up to 20cm).ISO 15408
see CCISO 15693
is the main standard for vicinity contactless smart cards cards (cards work at a distance over 10cm, up to about 70cm).ISO 17799
is one main security standard. It is a comprehensive set of controls comprising best practices in information security. It encompasses Business Continuity Planning, System Access Control, System Development and Maintenance, Physical and Environmental Security, Compliance, Personnel Security, Security Organization,Computer & Network Management, Asset Classification and Control and Security Policy.ISO 27005
is the security standard dedicated to risk assessment and risk management for IT systems.ISO 7816
is the international standard for integrated circuit cards (smartcards) with contacts. It is comprised of 10 parts. The four main parts are the following:- Part 1: Physical characteristics (ISO/IEC 7816 -1:1987, Revised edition March 1998) defines the physical dimensions of contact smartcards, location of the magnetic stripe and embossing area and how much mechanical and electromagnetic stress the card must be able to withstand.
- Part 2: Dimensions and Locations of Contacts (ISO/IEC 7816-2:1988, Revised edition 1999) defines the location, purpose and electrical characteristics of the metallic contacts.
- Part 3: Electronic Signals and Transmission Protocols (ISO/IEC 7816-3:1997) defines the voltage and current requirements for electrical contacts and an asynchronous half-duplex character transmission protocol (T=0). Amendment 1 (1992): Protocol T=1, an asynchronous half duplex block transmission protocol; Amendment 2 (1994): Revision of Protocol Type Selection; Amendment 3 (1998): Introduction of 3 Volt ICCs.
- Part 4: Inter-Industry Commands for Interchange (ISO 7816-4:1995) establishes a set of commands for CPU cards across all industries to provide access, security and transmission of data. Amendment 1 (1997): Revision Secure Messaging.