Terminology
-
National Institute of Standards and Technology *
(NIST) A division of the United States Department of Commerce that publishes official standards for both government and private sector computer systems. These standards are published as Federal Information Processing Standards(FIPS) publications. In 1987, NIST was directed to define standards for ensuring the security of sensitive but unclassified information in government computer systems.
*http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secgloss/security/security_glossary.asp -
Negotiate
A security support provider (SSP) that acts as an application layer between Security Support Provider Interface (SSPI) and the other SSPs. When an application calls into SSPI to log on to a network, it can specify an SSP to process the request. If the application specifies Negotiate, Negotiate analyzes the request and picks the best SSP to handle the request based on customer-configured security policy.
-
Nonce
A randomly generated value used to defeat "replay" attacks.
-
Nonrepudiation
The ability to identify users who performed certain actions, thus irrefutably countering any attempts by a user to deny responsibility. For example, a system may log the ID of a user whenever a file is deleted.