Terminology
-
Lightweight Directory Access Protocol (LDAp)
A more easily implemented subset of the X.500 DAP standard for directory services.
* http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secgloss/security/security_glossary.asp -
Little endian
A memory or data format in which the least significant byte is stored at the lower address or arrives first.
-
Local registration authority
(LRA) An intermediary between a publisher and a certification authority (CA). The LRA can, for example, verify a publisher`s credentials before sending them to the CA.
-
Local Security Authority
(LSA) A protected subsystem that authenticates and logs users onto the local system. LSA also maintains information about all aspects of local security on a system, collectively known as the Local Security Policy of the system.
-
Locally unique identifier
(LUID) A 64-bit value that is guaranteed to be unique on the operating system that generated it until the system is restarted.
-
Logon data
Information presented to the system by a security principal for authentication.
-
Logon identifier
An LUID that identifies a logon session. A logon ID is valid until the user logs off. A logon ID is unique while the computer is running; no other logon session will have the same logon ID. However, the set of possible logon IDs is reset when the computer starts up. To retrieve the logon ID from an access token, call the GetTokenInformation function for TokenStatistics; the logon ID is in the AuthenticationId member.
-
Logon session
A logon session begins whenever a user logs on to a computer. All processes in a logon session have the same primary access token. The access token contains information about the security context of the logon session, including the user`s SID, the logon identifier, and the logon SID.
-
Logon SID
A security identifier (SID) that identifies a logon session. You can use the logon SID in a DACL to control access during a logon session. A logon SID is valid until the user logs off. A logon SID is unique while the computer is running; no other logon session will have the same logon SID. However, the set of possible logon SIDs is reset when the computer starts up. To retrieve the logon SID from an access token, call the GetTokenInformation function for TokenGroups.
-
Low-level message functions
Message management functions that operate at a higher level than the base cryptographic functions. These functions provide functionality for encoding data for transmission and for decoding data that has been received. Low-level message functions provide more flexibility than simplified message functions, but require more function calls.