|
ISO 18014
ISO/IEC 18014 ''Information technology — Security techniques — Time-stamping services'' is an international standard that specifies time-stamping techniques. It comprises four parts: * ''Part 1: Framework'' * ''Part 2: Mechanisms producing independent tokens'' * ''Part 3: Mechanisms producing linked tokens'' * ''Part 4: Traceability of time sources'' Part 1: Framework In this first part of ISO/IEC 18014, several things are explained and developed: * The identification of the objectives of a time authority. * The description of a general model on which time stamping services are based. * The definition of time stamping services. * The definition of the basic protocols of time stamping. * The specifications of the protocols between the involved entities. Key words: audit, non-repudiation, security, time-stamp Part 2: Mechanisms producing independent tokens A time-stamping service provides evidence that a data item existed before a certain point in time. Time-stamp se ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Timestamp
A timestamp is a sequence of characters or encoded information identifying when a certain event occurred, usually giving date and time of day, sometimes accurate to a small fraction of a second. Timestamps do not have to be based on some absolute notion of time, however. They can have any epoch, can be relative to any arbitrary time, such as the power-on time of a system, or to some arbitrary time in the past. A distinction is sometimes made between the terms datestamp, timestamp and date-timestamp: * Datestamp or DS: A date, for example -- according to ISO 8601 * Timestamp or TS: A time of day, for example :: using 24-hour clock * Date-timestamp or DTS: Date and time, for example --, :: History The term "timestamp" derives from rubber stamps used in offices to stamp the current date, and sometimes time, in ink on paper documents, to record when the document was received. Common examples of this type of timestamp are a postmark on a letter or the "in" and "out" times on a ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
International Standard
An international standard is a technical standard developed by one or more international standards organizations. International standards are available for consideration and use worldwide. The most prominent such organization is the International Organization for Standardization (ISO). Other prominent international standards organizations including the International Telecommunication Union (ITU) and the International Electrotechnical Commission (IEC). Together, these three organizations have formed the World Standards Cooperation alliance. Purpose International standards can be applied directly or adapted to meet local conditions. When adopted, they lead to the creation of national standards that are either equivalent to or largely align with the international standards in technical content, though they may have: (i) editorial variations, such as differences in appearance, the use of symbols, measurement units, or the choice of a point over a comma as the decimal marker, and (ii) va ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Audit
An audit is an "independent examination of financial information of any entity, whether profit oriented or not, irrespective of its size or legal form when such an examination is conducted with a view to express an opinion thereon." Auditing also attempts to ensure that the books of accounts are properly maintained by the concern as required by law. Auditors consider the propositions before them, obtain evidence, roll forward prior year working papers, and evaluate the propositions in their auditing report. Audits provide third-party assurance to various stakeholders that the subject matter is free from material misstatement. The term is most frequently applied to audits of the financial information relating to a legal person. Other commonly audited areas include: secretarial and compliance, internal controls, quality management, project management, water management, and energy conservation. As a result of an audit, stakeholders may evaluate and improve the effectiveness of ris ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Non-repudiation
In law, non-repudiation is a situation where a statement's author cannot successfully dispute its authorship or the validity of an associated contract. The term is often seen in a legal setting when the authenticity of a signature is being challenged. In such an instance, the authenticity is being "repudiated". For example, Mallory buys a cell phone for $100, writes a paper cheque as payment, and signs the cheque with a pen. Later, she finds that she can't afford it, and claims that the cheque is a forgery. The signature guarantees that only Mallory could have signed the cheque, and so Mallory's bank must pay the cheque. This is non-repudiation; Mallory cannot repudiate the cheque. In practice, pen-and-paper signatures are not hard to forge, but digital signatures can be very hard to break. In security In general, ''non-repudiation'' involves associating actions or changes with a unique individual. For example, a secure area may use a key card access system where non-repudia ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Security
Security is protection from, or resilience against, potential harm (or other unwanted coercion). Beneficiaries (technically referents) of security may be persons and social groups, objects and institutions, ecosystems, or any other entity or phenomenon vulnerable to unwanted change. Security mostly refers to protection from hostile forces, but it has a wide range of other senses: for example, as the absence of harm (e.g., freedom from want); as the presence of an essential good (e.g., food security); as resilience against potential damage or harm (e.g. secure foundations); as secrecy (e.g., a secure telephone line); as containment (e.g., a secure room or cell); and as a state of mind (e.g., emotional security). Security is both a feeling and a state of reality. One might feel secure when one is not actually so; or might feel insecure despite being safe. This distinction is usually not very clear to express in the English language. The term is also used to refer to acts ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Time Stamp
A timestamp is a sequence of characters or encoded information identifying when a certain event occurred, usually giving date and time of day, sometimes accurate to a small fraction of a second. Timestamps do not have to be based on some absolute notion of time, however. They can have any epoch, can be relative to any arbitrary time, such as the power-on time of a system, or to some arbitrary time in the past. A distinction is sometimes made between the terms datestamp, timestamp and date-timestamp: * Datestamp or DS: A date, for example -- according to ISO 8601 * Timestamp or TS: A time of day, for example :: using 24-hour clock * Date-timestamp or DTS: Date and time, for example --, :: History The term "timestamp" derives from rubber stamps used in offices to stamp the current date, and sometimes time, in ink on paper documents, to record when the document was received. Common examples of this type of timestamp are a postmark on a letter or the "in" and "out" times on a ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Access Token
In computer systems, an access token contains the security credentials for a login session and identifies the user, the user's groups, the user's privileges, and, in some cases, a particular application. In some instances, one may be asked to enter an access token (e.g. 40 random characters) rather than the usual password (it therefore should be kept secret just like a password). Overview An ''access token'' is an object encapsulating the security identity of a process or thread. A token is used to make security decisions and to store tamper-proof information about some system entity. While a token is generally used to represent only security information, it is capable of holding additional free-form data that can be attached while the token is being created. Tokens can be duplicated without special privilege, for example to create a new token with lower levels of access rights to restrict the access of a launched application. An access token is used by Windows when a process or th ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Cryptography
Cryptography, or cryptology (from "hidden, secret"; and ''graphein'', "to write", or ''-logy, -logia'', "study", respectively), is the practice and study of techniques for secure communication in the presence of Adversary (cryptography), adversarial behavior. More generally, cryptography is about constructing and analyzing Communication protocol, protocols that prevent third parties or the public from reading private messages. Modern cryptography exists at the intersection of the disciplines of mathematics, computer science, information security, electrical engineering, digital signal processing, physics, and others. Core concepts related to information security (confidentiality, data confidentiality, data integrity, authentication, and non-repudiation) are also central to cryptography. Practical applications of cryptography include electronic commerce, Smart card#EMV, chip-based payment cards, digital currencies, password, computer passwords, and military communications. ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Representation Term
A representation term is a word, or a combination of words, that semantically represent the data type (value domain) of a data element. A representation term is commonly referred to as a ''class word'' by those familiar with data dictionaries. ISO/IEC 11179-5:2005 defines ''representation term'' as a ''designation of an instance of a representation class'' As used in ISO/IEC 11179, the representation term is that part of a data element name that provides a semantic pointer to the underlying data type. A '' Representation class'' is a class of representations. This ''representation class'' provides a way to classify or group data elements. A ''Representation Term'' may be thought of as an attribute of a data element in a metadata registry that classifies the data element according to the type of data stored in the data element. Representation terms are typically "approved" by the organization or standards body using them. For example, the UN publishes its approved list as part ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Data Structure
In computer science, a data structure is a data organization and storage format that is usually chosen for Efficiency, efficient Data access, access to data. More precisely, a data structure is a collection of data values, the relationships among them, and the Function (computer programming), functions or Operator (computer programming), operations that can be applied to the data, i.e., it is an algebraic structure about data. Usage Data structures serve as the basis for abstract data types (ADT). The ADT defines the logical form of the data type. The data structure implements the physical form of the data type. Different types of data structures are suited to different kinds of applications, and some are highly specialized to specific tasks. For example, Relational database, relational databases commonly use B-tree indexes for data retrieval, while compiler Implementation, implementations usually use hash tables to look up Identifier (computer languages), identifiers. Data s ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Cryptography Standards
There are a number of standards related to cryptography. Standard algorithms and protocols provide a focus for study; standards for popular applications attract a large amount of cryptanalysis. Encryption standards * Data Encryption Standard (DES, now obsolete) * Advanced Encryption Standard (AES) * RSA the original public key algorithm * OpenPGP Hash standards * MD5 128-bit (obsolete) * SHA-1 160-bit (obsolete) * SHA-2 available in 224, 256, 384, and 512-bit variants * HMAC keyed hash * PBKDF2 Key derivation function (RFC 2898) Digital signature standards * Digital Signature Standard (DSS), based on the Digital Signature Algorithm (DSA) * RSA * Elliptic Curve DSA Public-key infrastructure (PKI) standards * X.509 Public Key Certificates Wireless Standards * Wired Equivalent Privacy (WEP), severely flawed and superseded by WPA * Wi-Fi Protected Access (WPA) better than WEP, a 'pre-standard' partial version of 802.11i * 802.11i a.k.a. WPA2, uses AES and other improvements o ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
