Glossary :: Encryption in SAS(R) 9.3, Second Edition

block cipher

a type of encryption algorithm that divides a message into blocks and encrypts each block.

Certificate Revocation List

a list of revoked digital certificates. CRLs are published by Certification Authorities (CAs), and a CRL contains only the revoked digital certificates that were issued by a specific CA. Short form: CRL.

Certification Authority

a commercial or private organization that provides security services to the e-commerce market. A Certification Authority creates and maintains digital certificates, which help to preserve the confidentiality of an identity. Microsoft, VeriSign, and Thawte are examples of commercial Certification Authorities.

ciphertext

unintelligible data.

CRL

See Certificate Revocation List.

cryptography

the science of encoding and decoding information to protect its confidentiality.

data security technologies

software features that protect data that is exchanged in client/server data transfers across a network.

DER

See Distinguished Encoding Rules.

digital certificate

an electronic document that binds a public key to an individual or an organization. A digital certificate usually contains a public key, a user's name, an expiration date, and the name of a Certification Authority.

digital signature

a digital code that is appended to a message. The digital signature is used to verify to a recipient that the message was sent by a particular business, organization, or individual, and that the message has not been changed en route. The message can be any kind of file that is transmitted electronically.

Distinguished Encoding Rules

a format that is used for creating SSL files in Windows operating environments. Short form: DER.

PEM

See Privacy Enhanced Mail.

PKCS #12

See Public Key Cryptography Standard #12.

plaintext

intelligible data.

port forwarding

See SSH tunnel.

Privacy Enhanced Mail

a format that is used for creating OpenSSL files. Short form: PEM.

public key

a number that is associated with a specific entity such as an individual or an organization. A public key can be known by everyone who needs to have trusted interactions with that entity. A public key is always associated with a single private key, and can be used to verify digital signatures that were generated using that private key.

Public Key Cryptography Standard #12

a personal information exchange syntax standard. It defines a file format that is used to store private keys with accompanying public-key certificates. Short form: PKCS #12.

public-key cryptography

the science that uses public and private key pairs to protect confidential information. The public key can be known by anyone. The private key is known only to the owner of the key pair. The public key is used primarily for encryption, but it can also be used to verify digital signatures. The private key is used primarily for decryption, but it can also be used to generate a digital signature.

SAS/SECURE

an add-on product that uses the RC2, RC4, DES, and TripleDES encryption algorithms. SAS/SECURE requires a license, and it must be installed on each computer that runs a client and a server that will use the encryption algorithms. SAS/SECURE provides a high level of security.

SASProprietary algorithm

a fixed encoding algorithm that is included with Base SAS software. The SASProprietary algorithm requires no additional SAS product licenses. It provides a medium level of security.

Secure Shell

See SSH.

Secure Sockets Layer

an encryption protocol for securely communicating across the Internet. SSL uses encryption algorithms RC2, RC4, DES, TripleDES, and AES.

SSH

a protocol that enables users to access a remote computer via a secure connection. SSH is available through various commercial products and as freeware. OpenSSH is a free version of the SSH protocol suite of network connectivity tools. Short form: SSH.

SSH tunnel

a secure, encrypted connection between the SSH client, which runs on the same computer as a SAS client, and an SSH server, which runs on the same computer as a SAS server. The SSH client and server act as agents between the SAS client and the SAS server, tunneling information via the SAS client's port to the SAS server's port. Port forwarding is another term for tunneling.

SSL

See Secure Sockets Layer.

SSL (Secure Sockets Layer)

a protocol that provides network security and privacy. SSL uses encryption algorithms RC2, RC4, DES, TripleDES, and AES. SSL provides a high level of security. It was developed by Netscape Communications.

stream cipher

a type of encryption algorithm that encrypts data one byte at a time.

TLS

the successor to Secure Sockets Layer (SSL) V3.0. The Internet Engineering Task Force (IETF) adopted SSL V3.0 as the de facto standard, made some modifications, and renamed it TLS. TLS is virtually SSLV3.1. Short form: TLS.

Transport Layer Security

See TLS.

trust list

a file created by a user that contains the digital certificates for Certification Authorities, if more than one Certification Authority is used.