履歴
11/19/2000 オリジナル
11/21/2000 抜け及び短縮形欄を追加
2/9/2001 2000年度成果版原案
3/1/2001 2000年度成果版
o Paragraph Marking: Definitions and explanations are stated in
paragraphs that are marked as follows:
- "I" identifies a RECOMMENDED Internet definition.
- "N" identifies a RECOMMENDED non-Internet definition.
- "O" identifies a definition that is not recommended as the first
choice for Internet documents but is something that authors of
Internet documents need to know.
- "D" identifies a term or definition that SHOULD NOT be used in
Internet documents.
- "C" identifies commentary or additional usage guidance.
原語 訳語 意味(英語) 意味(日本語) 出典
822 822 See: RFC 822 RFC1983
1822 1822 BBN Report 1822, "The Specification of RFC791
the Interconnection of a Host and an
IMP". The specification of interface
between a host and the ARPANET.
1822 1822 BBN Report 1822, "The Specification of RFC793
the Interconnection of a Host and an
IMP". The specification of interface
between a host and the ARPANET.
(Computer) Account (計算機の)アカウン This term describes the authorization to RFC2504
ト access a specificcomputer system or
network. Each end-user has to use an
account,which consists most probably of
a combination of user name andpassword
or another means of proving that the
end-user is theperson the account is
assigned to.
(Media) stream (メディア)ストリーム A single media instance, e.g., an audio RFC2326
stream or a videostream as well as a
single whiteboard or shared
applicationgroup. When using RTP, a
stream consists of all RTP and
RTCPpackets created by a source within
an RTP session. This isequivalent to the
A person of a DSM-CC stream.
(Service Call) Party (サービス呼)パーテ definition who is involved in a telephone RFC2848
ィ network call that results from the
execution of a PINT service request, or a
telephone network-based resource that
is involved (such as an automatic Fax
Sender or a Text-to-Speech Unit).
(SIP) transaction (SIP)トランザクショ A SIP transaction occurs between a RFC2543
ン client and a server and comprises all
messages from the first request sent
from the client to the server up to a final
(non-1xx) response sent from the server
to the client. A transaction is identified
by the CSeq sequence number (Section
6.17) within a single call leg. The ACK
request has the same CSeq number as
the corresponding INVITE request, but
comprises a transaction of its own.
*-property *-特性 (N) (Pronounced "star property".) See: RFC2824
"confinement property"
under Bell-LaPadula Model.
:-) :-) This odd symbol is one of the ways a RFC1983
person can portray "mood" in the very
flat medium of computers--by using
"smiley faces". This is
"metacommunication", and there are
literally hundreds of such symbols, from
the obvious to the obscure. This
particular example expresses
"happiness". Don't see it? Tilt your
head to the left 90 degrees. Smiles are
also used to denote sarcasm. [Source:
[simple] node [単純]節 A monomedia object which may be RFC1614
retrieved and displayed as a single unit.
復帰改行 The characters carriage return and line RFC821
feed (in that order).
空白 The space character. RFC821
10Base2 10Base2 A physical layer communications RFC1983
specification for 10Mbps, baseband data
transmission over a coaxial cable
(Thinnet) with a maximum cable segment
length of 200 meters.
10Base5 10Base5 A physical layer communications RFC1983
specification for 10Mbps, baseband data
transmission over a coaxial cable
(Thicknet) with a maximum cable
segment length of 500 meters.
10BaseF 10BaseF A physical layer communications RFC1983
specification for 10Mbps, baseband data
transmission over a fiber-optic cable.
10BaseT 10BaseT A physical layer communications RFC1983
specification for 10Mbps, baseband data
transmission over a twisted-pair copper
wire.
16CIF 16CIF Picture source format with 1408 x 1152 RFC2190
pixels for luminance and 704 x 576 pixels
for chrominance.
3DES 3DES See: triple DES. RFC2824
4CIF 4CIF Picture source format with 704 x 576 RFC2190
pixels for luminance and 352 x 288 pixels
for chrominance.
7bit Data 7ビットデータ 7bit data refers to data that is all RFC2045
represented as relatively short lines with
998 octets or less between CRLF line
separation sequences [RFC-821]. No
octets with decimal values greater than
127 are allowed and neither are NULs
(octets with decimal value 0). CR
(decimal value 13) and LF (decimal value
10) octets only occur as part of CRLF
line separation sequences.
7-bit data 7ビットデータ Text data with lines less than 998 RFC2311
characters long, wherenone of the
characters have the 8th bit set, and
there are no NULLcharacters. and
occur only as part of a
end ofline delimiter.
7-bit data 7ビットデータ Text data with lines less than 998 RFC2633
characters long, where none of the
characters have the 8th bit set, and
there are no NULL characters. and
occur only as part of a
end of line delimiter.
802.x 802.x The set of IEEE standards for the RFC1983
definition of LAN protocols. See also:
8bit Data 8ビットデータ 8bit data refers to data that is all RFC2045
represented as relatively short lines with
998 octets or less between CRLF line
separation sequences [RFC-821]), but
octets with decimal values greater than
127 may be used. As with "7bit data"
CR and LF octets only occur as part of
CRLF line separation sequences and no
NULs are allowed.
8-bit data 8ビットデータ Text data with lines less than 998 RFC2311
characters, and wherenone of the
characters are NULL characters.
and occur onlyas part of a
end of line delimiter.
8-bit data 8ビットデータ Text data with lines less than 998 RFC2633
characters, and where none of the
characters are NULL characters.
and occur only as part of a
end of line delimiter.
A Host or End ホスト又はエンドシス A host delivers/receives IP packets RFC1932
System テム to/from other systems, but does not
relay IP packets.
A Router or ルータ又は中間シス A router delivers/receives IP packets RFC1932
Intermediate System テム to/from other systems, and relays IP
packets among systems.
AA AA See ADMINISTRATIVE AUTHORITY. RFC1330
AAAA Server AAAAサーバ An AAAA Server is a server or servers RFC2881
that provide authentication,
authorization, accounting, and auditing
services. These may be co-located with
the NAS, or more typically, are located
on a separate server and communicate
with the NAS's User Management I
ABA Guidelines ABAガイドライン (N) "American Bar Association RFC2828
(ABA) Digital Signature Guidelines"
[ABA], a framework of legal
principles for using digital
signatures and digital certificates in
electronic commerce.
ABR (available bit 可能ビット率 ABR (available bit rate) uses a complex RFC1821
rate) feedback mechanism to control loss.
Absolute URI, 絶対URI See Relative Uniform Resource Locators RFC2557
AbsoluteURI [RELURL].
abstract service 抽象サービス型 A service type name which is associated RFC2609
type with a variety of different protocols. An
example is given in Section A. Section 2
discusses various ways that abstract
types can be accommodated.
abstract syntax 抽象文法 A description of a data structure that is RFC1208
independent of machine-oriented
structures and encodings.
abstract syntax 抽象文法 A description of a data structure that is RFC1983
independent of machine-oriented
structures and encodings. [Source:
RFC1208]
Abstract Syntax 抽象構文記法1(AS The language used by the OSI protocols RFC1983
Notation One N.1) for describing abstract syntax. This
(ASN.1) language is also used to encode SNMP
packets. ASN.1 is defined in ISO
documents 8824.2 and 8825.2. See also:
Basic Encoding Rules.
Abstract Syntax 抽象構文記法1(AS (N) A standard for describing data RFC2828
Notation One N.1) objects. [X680]
(ASN.1)
(C) OSI standards use ASN.1 to
specify data formats for protocols.
OSI defines functionality in layers.
Information objects at higher
layers are abstractly defined to be
implemented with objects at
lower layers. A higher layer may
define transfers of abstract
objects between computers, and a
lower layer may define transfers
concretely as strings of bits. Syntax
is needed to define abstract
objects, and encoding rules are
needed to transform between
abstract objects and bit strings.
(See: Basic Encoding Rules.)
(C) In ASN.1, formal names are
written without spaces, and
separate words in a name are
indicated by capitalizing the first
letter of each word except the first
word. For example, the name
of a CRL is
"certificateRevocationList".
ABTS_LS ABTS_LS Abort Sequence Protocol - Last RFC2625
Sequence. A protocol for aborting an
exchange based on the ABTS recipient
setting the Last_Sequence bit in the
BA_ACC ELS to the ABTS
ACC ACC See: access control center. RFC2828
Acceptable Use 受け入れ可能使用 Many transit networks have policies RFC1983
Policy (AUP) 方針 which restrict the use to which the
network may be put. For example, some
networks may only be used for non-
commercial purposes. Some AUPs limit
the type of material which can be made
available to the public (e.g., pornographic
material). Enforcement of AUPs varies
with the network. See also: netiquette.
Acceptable Use 受け入れ可能使用 A set of rules and guidelines that specify RFC2504
Policy (AUP) 方針 in more or less detail the expectations in
regard to appropriate use of systems or
networks.
Accept-headers 受け入れヘッダ The request headers: Accept, Accept- RFC2295
Charset, Accept-Language, and Accept-
Features.
access アクセスする (I) The ability and means to RFC2828
communicate with or otherwise
interact with a system in order to
use system resources to either
handle information or gain knowledge
of the information the system
contains.
(O) "A specific type of interaction
between a subject and an
object that results in the flow of
information from one to the
other." [NCS04]
(C) In this Glossary, "access" is
intended to cover any ability to
communicate with a system,
including one-way communication in
either direction. In actual practice,
however, entities outside a
security perimeter that can receive
output from the system but
cannot provide input or otherwise
directly interact with the
system, might be treated as not
having "access" and, therefore, be
exempt from security policy
requirements, such as the need for a
security clearance.
Access Channel アクセスチャネル An access channel generically refers to RFC2954
the DS1/E1 or DS3/E3-based UNI
access channel or NNI access channel
across which frame relay data transits.
An access channel is the access
pathway for a single stream of user data.
Access context アクセス内容 The context, in terms of such variables RFC2820
as location, time of day, level of security
of the underlying associations, etc., in
which an access to a security object is
made.
Access control アクセス制御 The prevention of use of a resource by RFC2820
unidentified and/or unauthorized entities
in any other that an authorized manner.
access control アクセス制御 (I) Protection of system resources RFC2828
against unauthorized access; a
process by which use of system
resources is regulated according to
a security policy and is permitted by
only authorized entities
(users, programs, processes, or
other systems) according to that
policy. (See: access, access control
service.)
(O) "The prevention of unauthorized
use of a resource, including
the prevention of use of a resource
in an unauthorized manner."
[I7498 Part 2]
access control アクセス制御センタ (I) A computer containing a database RFC2828
center (ACC) with entries that define a
security policy for an access control
service.
(C) An ACC is sometimes used in
conjunction with a key center to
implement access control in a key
distribution system for
symmetric cryptography.
Access control list アクセス制御リスト A set of control attributes. It is a list, RFC2820
associated with a security object or a
group of security objects. The list
contains the names of security subjects
and the type of access that may be
granted.
Access Control List アクセス制御リスト Most network security systems operate RFC1983
(ACL) by allowing selective use of services. An
Access Control List is the usual means
by which access to, and denial of,
services is controlled. It is simply a list
of the services available, each with a list
of the hosts permitted to use the service.
access control list アクセス制御リスト A set of identifier, rights pairs associated RFC2244
(ACL) with an object. An ACL is used to
determine which operations a user is
permitted to perform on that object. See
section 3.5.
access control list アクセス制御リスト (I) A mechanism that implements access RFC2828
(ACL) control for a system
resource by enumerating the
identities of the system entities that
are permitted to access the
resource. (See: capability.)
Access control アクセス制御方針 A set of rules, part of a security policy, RFC2820
policy by which human users, or their
representatives, are authenticated and
by which access by these users to
applications and other services and
security objects is granted or denied.
access control アクセス制御サービ (I) A security service that protects RFC2828
service ス against a system entity using
a system resource in a way not
authorized by the system's security
policy; in short, protection of system
resources against
unauthorized access. (See: access
control, discretionary access
control, identity-based security
policy, mandatory access control,
rule-based security policy.)
(C) This service includes protecting
against use of a resource in
an unauthorized manner by an entity
that is authorized to use the
resource in some other manner. The
two basic mechanisms for
implementing this service are ACLs
and tickets.
access controls アクセス制御 Access controls define users' access RFC959
privileges to the use of a system, and to
the files in that system. Access controls
are necessary to prevent unauthorized or
accidental use of files. It is the
prerogative of a server-FTP process to
invoke access controls.
Access Gateway アクセス A type of gateway that provides a User RFC2885
to Network Interface (UNI) such as ISDN.
access mode アクセスモード (I) A distinct type of data processing RFC2828
operation--e.g., read,
write, append, or execute--that a
subject can potentially perform
on an object in a computer system.
Access port アクセスポート An interface on a switch that attaches to RFC2643
a user endstation.
Access Rate アクセス率 The data rate of the access channel, RFC2954
expressed in bits/second. The speed of
the user access channel determines how
rapidly the end user can inject data into
the network.
Access Server アクセスサーバ Any network device which accepts RFC2217
Telnet sessions and passes the data
received to a com port, and passes data
received from the com port to the client
via the Telnet session.
Account アカウント See (Computer) Account RFC2504
accountability 説明責任 (I) The property of a system RFC2828
(including all of its system
resources) that ensures that the
actions of a system entity may be
traced uniquely to that entity, which
can be held responsible for
its actions. (See: audit service.)
(C) Accountability permits detection
and subsequent investigation
of security breaches.
Accounting アカウンティング Accounting refers to the tracking of the RFC2881
consumption of NAS resources by users.
This information may be used for
management, planning, billing, or other
purposes. Real-time accounting refers
to accounting information that is
delivered concurrently with t
Accounting アカウンティング The act of collecting information on RFC2977
resource usage for the purpose of trend
analysis, auditing, billing, or cost
Accounting proxy アカウンティング Accounting proxies may be deployed RFC2477
within the roaming architecture for
several purposes, including accounting
forwarding, reliability improvement,
auditing, and "pseudo-transactional"
capability. To the NAS, the accounting
proxy appears to act as an accounting
server; to the accounting server, the
proxy appears to act as an accounting
client.
Accounting server アカウンティングサ This is a server which provides for RFC2477
ーバ accounting within the roaming
architecture.
Accounting Server アカウンティングサ A network element that accepts Usage RFC2924
ーバ Events from Service Elements. It acts as
an interface to back-end rating, billing,
and operations support systems.
accredit, 認定する,認定 (I) An administrative declaration by a RFC2828
accreditation designated authority that
an information system is approved to
operate in a particular
security configuration with a
prescribed set of safeguards.
[FP102] (See: certification.)
(C) An accreditation is usually based
on a technical certification
of the system's security
mechanisms. The terms "certification"
and
"accreditation" are used more in the
U.S. Department of Defense
and other government agencies than
in commercial organizations.
However, the concepts apply any
place where managers are required
to deal with and accept
responsibility for security risks. The
American Bar Association is
developing accreditation criteria for
CAs.
ACK ACK See: Acknowledgment RFC1983
ACK ACK A control bit (acknowledge) occupying no RFC793
sequence space, which indicates that the
acknowledgment field of this segment
specifies the next sequence number the
sender of this segment is expecting to
receive, hence acknowledging receipt of
all previous sequence numbers.
acknowledgment ACK A type of message sent to indicate that RFC1983
(ACK) a block of data arrived at its destination
without error. See also: Negative
Acknowledgement. [Source: NNSC]
ACL ACL Access Control List; a mechanism to RFC1943
restrict access to data stored in an
X.500 Directory Service
ACL ACL See: Access Control List RFC1983
ACL ACL an Access Control List: a list of entries RFC2693
that anchors a certificate chain.
Sometimes called a "list of root keys",
the ACL is the source of empowerment
for certificates. That is, a certificate
communicates power from its issuer to
its subject, but the ACL is the source of
that power (since it theoretically has the
owner of the resource it controls as its
implicit issuer). An ACL entry has
potentially the same content as a
certificate body, but has no Issuer (and is
not signed). There is most likely one ACL
for each resource owner, if not for each
controlled resource.
ACL ACL See: access control list. RFC2828
acquirer 取得者 (N) SET usage: "The financial institution RFC2828
that establishes an
account with a merchant and
processes payment card authorizations
and payments." [SET1]
(O) "The institution (or its agent)
that acquires from the card
acceptor the financial data relating
to the transaction and
initiates that data into an
interchange system." [SET2]
ACSE ACSE Association Control Service Element. RFC1208
The method used in OSIfor establishing a
call between two applications. Checks
the identities and contexts of the
application entities, and could apply an
authentication security check.
Activation 活性化 A process in which a mobile station and RFC2636
network become programmed so that a
mobile station becomes operable and can
be used for cellular service once
authorized by the service provider.
Activation 活性化 A process in which a mobile station and RFC2637
network become programmed so that a
mobile station becomes operable and can
be used for cellular service once
authorized by the service provider.
Activation data 活性化データ Data values, other than keys, that are RFC2527
required to operate cryptographic
modules and that need to be protected
(e.g., a PIN, a passphrase, or a manually-
held key share).
Active Attack アクティブな攻撃 An attempt to improperly modify data, RFC1704
gain authentication, or gain authorization
active attack アクティブな攻撃 See: (secondary packets under) data
by inserting false definitioninto the attack. RFC2828
Active destination アクティブな転送先 A transport address on a peer endpoint RFC2960
transport address 番地 which a transmitting endpoint considers
available for receiving user messages.
Active Multicast IS アクティブなマルチ The one multicast capable IS selected RFC1768
キャストIS (via means outside of this specification)
to originate Multicast Address Mapping
information on a particular subnetwork.
Active Router アクティブなルータ the router that is currently forwarding RFC2281
packets for the virtual router
active wiretapping アクティブなワイアタ See: (secondary definition under) RFC2828
ッピング wiretapping.
AD AD See: Administrative Domain RFC1983
ADDMD ADDMD See ADMINISTRATIVE DIRECTORY RFC1330
MANAGEMENT DOMAIN.
add-on security 追加セキュリティ (I) "The retrofitting of protection RFC2828
mechanisms, implemented by
hardware or software, after the
[automatic data processing] system
has become operational." [FP039]
address 番地 an IP-layer identifier for an interface or a RFC1971
set of interfaces.
address 番地 an IPv6-layer identifier for an interface RFC1981
or a set of interfaces.
address 番地 There are four types of addresses in RFC1983
common use within the Internet. They
are email address; IP, internet or Internet
address; hardware or MAC address; and
URL. See also: email address, IP
address, internet address, MAC address,
Uniform Resource Locator.
address 番地 an network layer identifier for an RFC2185
interface or a group of interfaces.
address 番地 an IP-layer identifier for an interface or a RFC2461
set of interfaces.
address 番地 an IP-layer identifier for an interface or a RFC2462
set of interfaces.
Address 番地 This term always refers to a 128-bit IPv6 RFC2894
address [AARCH]. When referring to bits
within an address, they are numbered
from 0 to 127, with bit 0 being the first
bit of the Format Prefix.
Address caching 番地 The number of MAC addresses per n RFC2285
capacity ),
Attribute (mapping ),
and Authorization (mapping
). An SPKI
authorization or attribute certificate can
pass along all the empowerment it has
received from the Issuer or it can pass
along only a portion of that empowerment.
certificate 証明証 (I) General English usage: A RFC2828
document that attests to the truth of
something or the ownership of
something.
certificate 証明証 (C) PKI usage: See: attribute
certificate, public-key certificate.
certificate 証明証 (C) Security usage: See: capability,
digital certificate.
certificate 証明証所有者 (I) NO RECOMMENDED DEFINITION
certificate authority 証明機関 (D) ISDs SHOULD NOT use this RFC2828
term because it looks like sloppy use
of "certification authority", which is
the term standardized by
X.509.
certificate authority 証明機関 (I) NO RECOMMENDED DEFINITION
certificate chain 証明証連鎖 (D) ISDs SHOULD NOT use this RFC2828
term because it duplicates the
meaning of a standardized term.
Instead, use "certification path".
certificate chain 証明証連鎖 (I) NO RECOMMENDED DEFINITION
certificate chain 証明証連鎖の妥当 (D) ISDs SHOULD NOT use this RFC2828
validation 性確認 term because it duplicates the
meaning of standardized terms and
mixes concepts in a potentially
misleading way. Instead, use
"certificate validation" or "path
validation", depending on what is
meant. (See: validate vs.
verify.)
certificate chain 証明証連鎖の妥当 (I) NO RECOMMENDED DEFINITION
validation 性確認
certificate creation 証明証作成 (I) The act or process by which a CA RFC2828
sets the values of a digital
certificate's data fields and signs it.
(See: issue.)
certificate expiration 証明証期限 (I) The event that occurs when a RFC2828
certificate ceases to be valid
because its assigned lifetime has
been exceeded. (See: certificate
revocation, validity period.)
certificate extension 証明証拡張 See: extension. RFC2828
certificate extension 証明証拡張 X.509 defines standard extensions that RFC2828
may be included in v3 certificates to
provide additional key and security
policy information, subject and issuer
attributes, and certification path
constraints.
certificate holder 証明書所持者 (D) ISDs SHOULD NOT use this RFC2828
term as a synonym for the subject of
a digital certificate because the term
is potentially ambiguous.
For example, the term could also
refer to a system entity, such as
a repository, that simply has
possession of a copy of the
certificate. (See: certificate owner.)
certificate holder 証明証所持者 (I) NO RECOMMENDED DEFINITION
certificate 証明証管理 (I) The functions that a CA may RFC2828
management perform during the life cycle of a
digital certificate, including the
following:
- Acquire and verify data items to
bind into the certificate.
- Encode and sign the certificate.
- Store the certificate in a directory
or repository.
- Renew, rekey, and update the
certificate.
- Revoke the certificate and issue a
CRL.
(See: archive management,
certificate management, key management,
security architecture, token
management.)
certificate owner 証明証所有者 (D) ISDs SHOULD NOT use this RFC2828
term as a synonym for the subject of
a digital certificate because the term
is potentially ambiguous.
For example, the term could also
refer to a system entity, such as
a corporation, that has acquired a
certificate to operate some
other entity, such as a Web server.
(See: certificate holder.)
certificate path 証明証経路 (C) In the X.509 quotation in the
previous "C" paragraph, the word
"particular" points out that a
certification path that can be
validated by one certificate user
might not be able to be
validated by another. That is
because either the first certificate
should be a trusted certificate (it
might be a root certificate)
or the signature on the first
certificate should be verified by a
trusted key (it might be a root key),
but such trust is defined
relative to each user, not absolutely
for all users.
certificate path 証明証経路 (C) The path is the "list of
certificates needed to allow a
particular user to obtain the public
key of another." [X509] The
list is "linked" in the sense that the
digital signature of each
certificate (except the first) is
verified by the public key
contained in the preceding
certificate; i.e., the private key used
to sign a certificate and the public
key contained in the
preceding certificate form a key pair
owned by the entity that
signed.
certificate path 証明証経路 (O) "An ordered sequence of
certificates of objects in the [X.500
Directory Information Tree] which,
together with the public key of
the initial object in the path, can be
processed to obtain that of
the final object in the path." [X509,
R2527]
certificate policy 証明証方策 A named set of rules that indicates the RFC2527
applicability of a certificate to a
particular community and/or class of
application with common security
requirements. For example, a particular
certificate policy might indicate
applicability of a type of certificate to
the authentication of electronic data
interchange transactions for the trading
of goods within a given price range.
certificate policy 証明証方策 (I) "A named set of rules that RFC2828
indicates the applicability of a
certificate to a particular community
and/or class of application
with common security
requirements." [X509] (See: certification
practice statement.)
certificate policy 証明証方策 (C) A certificate policy can help a
certificate user decide
whether a certificate should be
trusted in a particular
application. "For example, a
particular certificate policy might
indicate applicability of a type of
certificate for the
authentication of electronic data
interchange transactions for the
trading goods within a given price
range." [R2527]
certificate policy 証明証方策 (C) A v3 X.509 public-key certificate
may have a
"certificatePolicies" extension that
lists certificate policies,
recognized by the issuing CA, that
apply to the certificate and
govern its use. Each policy is
denoted by an object identifier and
may optionally have certificate policy
qualifiers.
certificate policy 証明証方策
(C) SET usage: Every SET
certificate specifies at least one
certificate policy, that of the SET
root CA. SET uses certificate
policy qualifiers to point to the
actual policy statement and to
add qualifying policies to the root
policy. (See: SET qualifier.)
certificate policy 証明証方策修飾子 (I) Information that pertains to a RFC2828
qualifier certificate policy and is
included in a "certificatePolicies"
extension in a v3 X.509
public-key certificate.
certificate 証明証再活性化 (I) The act or process by which a RFC2828
reactivation digital certificate, which a CA
has designated for revocation but
not yet listed on a CRL, is
returned to the valid state.
certificate rekey 証明証再施錠 (I) The act or process by which an RFC2828
existing public-key certificate
has its public key value changed by
issuing a new certificate with
a different (usually new) public key.
(See: certificate renewal,
certificate update, rekey.)
certificate reky 証明証再施錠 (C) For an X.509 public-key
certificate, the essence of rekey is
that the subject stays the same and
a new public key is bound to
that subject. Other changes are
made, and the old certificate is
revoked, only as required by the PKI
and CPS in support of the
rekey. If changes go beyond that, the
process is a "certificate
update".
certificate reky 証明証再施錠 (O) MISSI usage: To rekey a MISSI
X.509 public-key certificate
means that the issuing authority
creates a new certificate that is
identical to the old one, except the
new one has a new, different
KEA key; or a new, different DSS
key; or new, different KEA and
DSS keys. The new certificate also
has a different serial number
and may have a different validity
period. A new key creation date
and maximum key lifetime period are
assigned to each newly
generated key. If a new KEA key is
generated, that key is assigned
a new KMID. The old certificate
remains valid until it expires,
but may not be further renewed,
rekeyed, or updated.
certificate renewal 証明証更新 (I) The act or process by which the RFC2828
validity of the data binding
asserted by an existing public-key
certificate is extended in time
by issuing a new certificate. (See:
certificate rekey, certificate
update.)
certificate renewal 証明証更新 (C) For an X.509 public-key
certificate, this term means that the
validity period is extended (and, of
course, a new serial number
is assigned) but the binding of the
public key to the subject and
to other data items stays the same.
The other data items are
changed, and the old certificate is
revoked, only as required by
the PKI and CPS to support the
renewal. If changes go beyond that,
the process is a "certificate rekey"
or "certificate update".
certificate request 証明証要求 (D) ISDs SHOULD NOT use this RFC2828
term because it looks like imprecise
use of a term standardized by PKCS
#10 and used in PKIX. Instead,
use the standard term, "certification
request".
certificate 証明証廃止 (I) The event that occurs when a CA RFC2828
revocation declares that a previously
valid digital certificate issued by that
CA has become invalid;
usually stated with a revocation date.
certificate 証明証廃止 (C) In X.509, a revocation is
revocation announced to potential certificate
users by issuing a CRL that
mentions the certificate. Revocation
and listing on a CRL is only
necessary before certificate
expiration.
Certificate 証明証廃止リスト(C A type that contains information about RFC2632
Revocation List RL) certificates whose validity an issuer has
(CRL) prematurely revoked. The information
consists of an issuer name, the time of
issue, the next scheduled time of issue, a
list of certificate serial numbers and their
associated revocation times, and
extensions as defined in [KEYM]. The
CRL is signed by the issuer. The type
intended by this specification is the one
defined in [KEYM].
Certificate 証明証廃止リスト(C (I) A data structure that enumerates RFC2828
Revocation List RL) digital certificates that
(CRL) have been invalidated by their issuer
prior to when they were
scheduled to expire. (See: certificate
expiration, X.509
certificate revocation list.)
Certificate 証明証廃止リスト(C (O) "A signed list indicating a set of
Revocation List RL) certificates that are no
(CRL) longer considered valid by the
certificate issuer. After a
certificate appears on a CRL, it is
deleted from a subsequent CRL
after the certificate's expiry. CRLs
may be used to identify
revoked public-key certificates or
attribute certificates and may
represent revocation of certificates
issued to authorities or to
users. The term CRL is also
commonly used as a generic term
applying to all the different types of
revocation lists, including
CRLs, ARLs, ACRLs, etc." [FPDAM]
certificate 証明証廃止木 (I) A mechanism for distributing RFC2828
revocation tree notice of certificate
revocations; uses a tree of hash
results that is signed by the
tree's issuer. Offers an alternative to
issuing a CRL, but is not
supported in X.509. (See: certificate
status responder.)
certificate serial 証明証通し番号 (I) An integer value that (a) is RFC2828
number associated with, and may be
carried in, a digital certificate; (b) is
assigned to the
certificate by the certificate's issuer;
and (c) is unique among
all the certificates produced by that
issuer.
certificate serial 証明証通し番号 (O) "An integer value, unique within
number the issuing CA, which is
unambiguously associated with a
certificate issued by that CA."
[X509]
certificate status 証明証状態応答者 (N) FPKI usage: A trusted on-line RFC2828
responder server that acts for a CA to
provide authenticated certificate
status information to
certificate users. [FPKI] Offers an
alternative to issuing a CRL,
but is not supported in X.509. (See:
certificate revocation tree.)
certificate status 証明証状態応答者 (I) NO RECOMMENDED DEFINITION
responder
certificate update 証明証更新 (I) The act or process by which non- RFC2828
key data items bound in an
existing public-key certificate,
especially authorizations granted
to the subject, are changed by
issuing a new certificate. (See:
certificate rekey, certificate renewal.)
certificate update 証明証更新 (C) For an X.509 public-key
certificate, the essence of this
process is that fundamental changes
are made in the data that is
bound to the public key, such that it
is necessary to revoke the
old certificate. (Otherwise, the
process is only a "certificate
rekey" or "certificate renewal".)
certificate user
certificate update 証明証更新 (C) The system entity may be a
human being or an organization, or
a device or process under the
control of a human or an
organization.
certificate update 証明証更新 (D) ISDs SHOULD NOT use this
term as a synonym for the "subject"
of a certificate.
certificate update 証明証更新 (I) A system entity that depends on
the validity of information
(such as another entity's public key
value) provided by a digital
certificate. (See: relying party.)
certificate update 証明証更新 (O) "An entity that needs to know,
with certainty, the public key
of another entity." [X509]
certificate validation 証明証妥当性検証 (I) An act or process by which a RFC2828
certificate user establishes that
the assertions made by a digital
certificate can be trusted. (See:
valid certificate, validate vs. verify.)
certificate validation 証明証妥当性検証 (C) To validate a certificate, a
certificate user checks that the
certificate is properly formed and
signed and currently in force:
- Checks the signature: Employs
the issuer's public key to verify
the digital signature of the CA who
issued the certificate in
question. If the verifier obtains the
issuer's public key from
the issuer's own public-key
certificate, that certificate
should be validated, too. That
validation may lead to yet
another certificate to be validated,
and so on. Thus, in
general, certificate validation
involves discovering and
validating a certification path.
- Checks the syntax and semantics:
Parses the certificate's
syntax and interprets its
semantics, applying rules specified
for and by its data fields, such as
for critical extensions in
an X.509 certificate.
- Checks currency and revocation:
Verifies that the certificate
certificate validation 証明証妥当性検証 (O) "The process of ensuring that a
certificate is valid including
possibly the construction and
processing of a certification path,
and ensuring that all certificates in
that path have not expired
or been revoked." [FPDAM]
certificate 証明証廃止リスト A type that contains information RFC2315
revocationList aboutcertificates whose validity an issuer
has prematurely revoked. Theinformation
consists of an issuer name, the time of
issue, the nextscheduled time of issue,
and a list of certificate serial numbers
andtheir associated revocation times.
The CRL is signed by the issuer.The type
intended by this document is the one
defined RFC 1422.
certificate serial 証明証通し番号 A type that uniquely identifies RFC2315
number acertificate (and thereby an entity and a
public key) among thosesigned by a
particular certificate issuer. This type is
defined inX.509.
certification 証明 (I) Information system usage: RFC2828
Technical evaluation (usually made
in support of an accreditation action)
of an information system's
security features and other
safeguards to establish the extent to
which the system's design and
implementation meet specified
security requirements. [FP102] (See:
accreditation.)
certification 証明 (I) Digital certificate usage: The act
or process of vouching for
the truth and accuracy of the
binding between data items in a
certificate. (See: certify.)
certification 証明 (I) Public key usage: The act or
process of vouching for the
ownership of a public key by issuing
a public-key certificate that
binds the key to the name of the
entity that possesses the
matching private key. In addition to
binding a key to a name, a
public-key certificate may bind
those items to other restrictive
or explanatory data items. (See:
X.509 public-key certificate.)
certification 証明 (O) SET usage: "The process of
ascertaining that a set of
requirements or criteria has been
fulfilled and attesting to that
fact to others, usually with some
written instrument. A system
that has been inspected and
evaluated as fully compliant with the
SET protocol by duly authorized
parties and process would be said
to have been certified compliant."
[SET2]
certification 証明機関 An authority trusted by one or more RFC1507
authority principals to create and assign
Certification 証明機関(CA) (I) An entity that issues digital RFC2828
Authority (CA) certificates (especially X.509
certificates) and vouches for the
binding between the data items
in a certificate.
Certification 証明機関(CA) (C) Certificate users depend on the
Authority (CA) validity of information
provided by a certificate. Thus, a CA
should be someone that
certificate users trust, and usually
holds an official position
created and granted power by a
government, a corporation, or some
other organization. A CA is
responsible for managing the life
cycle of certificates (see: certificate
management) and, depending
on the type of certificate and the
CPS that applies, may be
responsible for the life cycle of key
pairs associated with the
certificates (see: key management).
Certification 証明機関(CA) (O) "An authority trusted by one or
Authority (CA) more users to create and
assign certificates. Optionally, the
certification authority may
create the user's keys." [X509]
Certification 証明機関ワークステ (I) A computer system that enables RFC2828
Authority ーション a CA to issue digital
Workstation (CAW) certificates and supports other
certificate management functions
as required.
certification 証明階層 (I) A tree-structured (loop-free) RFC2828
hierarchy topology of relationships among
CAs and the entities to whom the
CAs issue public-key
certificates. (See: hierarchical PKI.)
certification 証明階層 (C) In this structure, one CA is the
hierarchy top CA, the highest level of
the hierarchy. (See: root, top CA.)
The top CA may issue public-
key certificates to one or more
additional CAs that form the
second highest level. Each of these
CAs may issue certificates to
more CAs at the third highest level,
and so on. The CAs at the
second-lowest of the hierarchy
issue certificates only to non-CA
entities, called "end entities" that
form the lowest level. (See:
end entity.) Thus, all certification
paths begin at the top CA and
descend through zero or more levels
of other CAs. All certificate
users base path validations on the
top CA's public key.
certification 証明階層 (O) MISSI usage: A MISSI
hierarchy certification hierarchy has three or four
levels of CAs:
- A CA at the highest level, the top
CA, is a "policy approving
authority".
- A CA at the second-highest level
is a "policy creation
authority".
- A CA at the third-highest level is
a local authority called a
"certification authority".
- A CA at the fourth-highest
(optional) level is a "subordinate
certification authority".
certification 証明階層 (O) PEM usage: A PEM certification
hierarchy hierarchy has three levels of
CAs [R1422]:
- The highest level is the "Internet
Policy Registration
Authority".
- A CA at the second-highest level
is a "policy certification
authority".
- A CA at the third-highest level is
a "certification authority".
certification 証明階層 (O) SET usage: A SET certification
hierarchy hierarchy has three or four
levels of CAs:
- The highest level is a "SET root
CA".
- A CA at the second-highest level
is a "brand certification
authority".
- A CA at the third-highest
(optional) level is a "geopolitical
certification authority".
- A CA at the fourth-highest level
is a "cardholder CA", a
"merchant CA", or a "payment
gateway CA".
certification path 証明証経路 An ordered sequence of certificates RFC2527
which, together with the public key of the
initial object in the path, can be
processed to obtain that of the final
object in the path.
certification path 証明証経路 (I) An ordered sequence of public- RFC2828
key certificates (or a sequence
of public-key certificates followed by
one attribute certificate)
that enables a certificate user to
verify the signature on the
last certificate in the path, and thus
enables the user to obtain
a certified public key (or certified
attributes) of the entity
that is the subject of that last
certificate. (See: certificate
validation, valid certificate.)
certification policy 証明方策 (D) ISDs SHOULD NOT use this RFC2828
term. Instead, use either
"certificate policy" or "certification
practice statement",
depending on what is meant.
Certification 証明実施宣言(CPS) A statement of the practices which a RFC2527
Practice Statement certification authority employs in issuing
(CPS) certificates.
Certification 証明実施宣言(CPS) (I) "A statement of the practices RFC2828
Practice Statement which a certification authority
(CPS) employs in issuing certificates."
[ABA96, R2527] (See: certificate
policy.)
Certification 証明実施宣言(CPS) (C) A CPS is a published security
Practice Statement policy that can help a
(CPS) certificate user to decide whether a
certificate issued by a
particular CA can be trusted enough
to use in a particular
application. A CPS may be (a) a
declaration by a CA of the details
of the system and practices it
employs in its certificate
management operations, (b) part of a
contract between the CA and
an entity to whom a certificate is
issued, (c) a statute or
regulation applicable to the CA, or
(d) a combination of these
types involving multiple documents.
[ABA]
certification 証明実施宣言(CPS) (C) A CPS is usually more detailed
practice statement and procedurally oriented than
(CPS) a certificate policy. A CPS applies to
a particular CA or CA
community, while a certificate policy
applies across CAs or
communities. A CA with a single
CPS may support multiple
certificate policies, which may be
used for different application
purposes or by different user
communities. Multiple CAs, each with
a different CPS, may support the
same certificate policy. [R2527]
certification request 証明要求 (I) A algorithm-independent RFC2828
transaction format, defined by PCKS
#10 and used in PKIX, that contains
a DN, a public key, and
optionally a set of attributes,
collectively signed by the entity
requesting certification, and sent to
a CA, which transforms the
request to an X.509 public-key
certificate or another type of
certificate.
certify 証明する 1. (I) Issue a digital certificate and RFC2828
thus vouch for the truth,
accuracy, and binding between data
items in the certificate (e.g.,
see: X.509 public key certificate),
such as the identity of the
certificate's subject and the
ownership of a public key. (See:
certification.)
certify 証明する (C) A description of the measures
used for verification should be
included in the CA's CPS.
certify 証明する (C) To "certify a public key" means
to issue a public-key
certificate that vouches for the
binding between the certificate's
subject and the key.
certify 証明する 2. (I) The act by which a CA employs
measures to verify the truth,
accuracy, and binding between data
items in a digital certificate.
CFB CFB See: cipher feedback. RFC2828
chaning 連鎖 Chaining is a mode of interaction RFC1330
optionally used by a Directory System
Agent (DSA) which cannot perform an
operation itself. The DSA chains by
invoking the operation of another DSA
and then relaying the outcome to the
original requestor.
Challenge 誰何ハンドシェーク (I) A peer entity authentication RFC2828
Handshake 認証プロトコル(CHA method for PPP, using a randomly-
Authentication P) generated challenge and requiring a
Protocol (CHAP) matching response that depends
on a cryptographic hash of the
challenge and a secret key. [R1994]
(See: challenge-response, PAP.)
Challenge/Response MD5による誰何/応 An authentication mechanism which is RFC2636
Authentication 答認証メカニズム(C easy to implement, and provides
Mechanism using RAM-MD5) reasonable security against various
Message Digest 5 attacks, including replay. Supported in a
(CRAM-MD5) variety of Internet protocols. Specified as
baseline mechanism in ACAP. CRAM-
MD5 is published as RFC 2195.
Challenge/Response MD5による誰何/応 An authentication mechanism which is RFC2637
Authentication 答認証メカニズム(C easy to implement, and provides
Mechanism using RAM-MD5) reasonable security against various
Message Digest 5 attacks, including replay. Supported in a
(CRAM-MD5) variety of Internet protocols. Specified as
baseline mechanism in ACAP. CRAM-
MD5 is published as RFC 2195.
challenge-response 誰何応答 (I) An authentication process that RFC2828
verifies an identity by
requiring correct authentication
information to be provided in
response to a challenge. In a
computer system, the authentication
information is usually a value that is
required to be computed in
response to an unpredictable
challenge value.
Challenge- 誰何応答認証メカニ (I) IMAP4 usage: A mechanism RFC2828
Response ズム (CRAM) [R2195], intended for use with IMAP4
Authentication AUTHENTICATE, by which an IMAP4
Mechanism (CRAM) client uses a keyed hash [R2104]
to authenticate itself to an IMAP4
server. (See: POP3 APOP.)
Challenge- 誰何応答認証メカニ (C) The server includes a unique
Response ズム (CRAM) timestamp in its ready response
Authentication to the client. The client replies with
Mechanism (CRAM) the client's name and the
hash result of applying MD5 to a
string formed from concatenating
the timestamp with a shared secret
that is known only to the
client and the server.
channel 通信経路 A term used to describe a single source RFC1759
of data which is presented to a printer.
The model that we use in describing a
printer allows for an arbitrary number of
channels. Multiple channels can exist on
the same physical port. This is
commonly done over EtherNet ports
where EtherTalk, TCP/IP, and SPX/IPX
protocols can be supplying different data
streams simultaneously to a single
printer on the same physical port.
channel チャネル A specific frequency allocation with an RFC2670
RF medium, specified by channel width in
Hertz (cycles per second) and by center
frequency. Within the US Cable Systems,
upstream channels are generally
allocated from the 5-42MHz range while
down stream channels are generally
allocated from the 50-750MHz range
depending on the capabilities of the given
system. The typical broadcast channel
width in the US is 6MHz. Upstream
channel widths for DOCSIS vary.
channel チャネル (I) An information transfer path RFC2828
within a system. (See: covert
channel.)
CHAOS CHAOS a tool for controlling or monitoring RFC1470
implementations of the CHAOS protocol
suite or network components that use it.
CHAP CHAP Challenge Handshake Authentication RFC2661
Protocol [RFC1994], a PPP
cryptographic challenge/response
authentication protocol in which the
cleartext password is not passed over
CHAP CHAP See: Challenge Handshake Authentication RFC2828
Protocol.
character encoding 文字符号化スキー A Character Encoding Scheme (CES) is a RFC2130
scheme ム mapping from a Coded Character Set or
several coded character sets to a set of
octets. Examples of Character Encoding
Schemes are ISO 2022 [ISO-2022] and
UTF-8 [UTF-8]. A given CES is typically
associated with a single CCS; for
example, UTF-8 applies only to ISO
10646.
character set 文字集合 The term "character set" is used in RFC2045
MIME to refer to a method of converting
a sequence of octets into a sequence of
characters. Note that unconditional and
unambiguous conversion in the other
direction is not required, in that not all
characters may be representable by a
given character set and a character set
may provide more than one sequence of
octets to represent a particular
sequence of characters. //This definition
is intended to allow various kinds of
character encodings, from simple single-
table mappings such as US-ASCII to
complex table switching methods such as
those that use ISO 2022's techniques, to
be used as character sets. However, the
definition associated with a MIME
character set name must fully specify
the mapping to be performed. In
particular, use of external profiling
information to determine the exact
mapping is not permitted. //NOTE: The
term "character set" was originally to
describe such straightforward schemes
as US-ASCII and ISO-8859-1 which
have a simple one-to-one mapping from
single octets to single characters. Multi-
character set 文字集合 a collection of characters used to RFC2640
represent textual information in which
each character has a numeric value
characteristic 特性 Some description of a sender or receiver RFC 2703
which indicates a possible capability or
preference.
characterization 特性化 A characterization is a computed RFC2216
approximation of the actual end-to-end
behavior which would be seen by a flow
requesting specific QoS services from
the network. By providing additional
information to the end-nodes before a
flow is established, characterizations
assist the end-nodes in choosing the
services to be requested from the
network.
characterization 特性化パラメタ Characterizations are computed from a RFC2216
parameters set of characterization parameters
provided by each network element on the
flow's path, and a composition function
which computes the end-to-end
characterization from those parameters.
The composition function may in practice
be executed in a distributed fashion by
the setup or routing protocol, or the
characterization parameters may be
gathered to a single point and the
characterization computed at that point.
Several characterizations may be
computed for a single candidate data
flow. Conversely, a service may provide
no characterizations, and under some
conditions no characterizations may be
available to the end-nodes requesting
QoS services.
charset charset a set of rules for mapping from a RFC2277
sequence of octets to a sequence of
characters, such as the combination of a
coded character set and a character
encoding scheme; this is also what is
used as an identifier in MIME "charset="
parameters, and registered in the IANA
charset registry [REG]. (Note that this
is NOT a term used by other standards
bodies, such as ISO).
checksum 検査合計 A computed value which is dependent RFC1983
upon the contents of a packet. This
value is sent along with the packet when
it is transmitted. The receiving system
computes a new checksum based upon
the received data and compares this
value with the one sent with the packet.
If the two values are the same, the
receiver has a high degree of confidence
that the data was received correctly.
See also: Cyclic Redundancy Check.
[Source: NNSC]
checksum 検査合計 (I) A value that (a) is computed by a RFC2828
function that is dependent
on the contents of a data object and
(b) is stored or transmitted
together with the object, for the
purpose of detecting changes in
the data. (See: cyclic redundancy
check, data integrity service,
error detection code, hash, keyed
hash, protected checksum.)
checksum 検査合計 (C) Computer systems and networks
employ checksums (and other
mechanisms) to detect accidental
changes in data. However, active
wiretapping that changes data could
also change an accompanying
checksum to match the changed
data. Thus, some checksum functions
by themselves are not good
countermeasures for active attacks. To
protect against active attacks, the
checksum function needs to be
well-chosen (see: cryptographic
hash), and the checksum result
needs to be cryptographically
protected (see: digital signature,
keyed hash).
checksum 検査合計 (C) To gain confidence that a data
object has not been changed, an
entity that later uses the data can
compute a checksum and compare
it with the checksum that was
stored or transmitted with the
object.
choice message 選択メッセージ A choice message returns a RFC 2703
representation of some selected variant
or variants, together with the variant list
of the negotiable resource. It can be
generated when the sender has sufficient
information to select a variant for the
receiver, and also requires to inform the
receiver about the other variants
choice response 選択メッセージ A choice response returns a RFC2295
representation of the best variant for the
request, and may also return the variant
list of the negotiable resource. It can be
generated when the server has sufficient
information to be able to choose the
best variant on behalf the user agent, but
may only be generated if this best variant
is a neighboring variant. Choice
responses are defined in section 10.2.
chosen-ciphertext 選択暗号文攻撃 (I) A cryptanalysis technique in RFC2828
attack which the analyst tries to
determine the key from knowledge of
plaintext that corresponds to
ciphertext selected (i.e., dictated) by
the analyst.
chosen-plaintext 選択平文攻撃 (I) A cryptanalysis technique in RFC2828
attack which the analyst tries to
determine the key from knowledge of
ciphertext that corresponds to
plaintext selected (i.e., dictated) by
the analyst.
CIAC CIAC See: Computer Incident Advisory RFC2828
Capability.
CID CID See Message/External Body Content-ID RFC2557
[MIDCID].
CIDR CIDR See: Classless Inter-domain Routing RFC1983
CIF CIF Common Intermediate Format. For H.263, RFC2190
a CIF picture has 352 x 288 pixels for
luminance, and 176 x 144 pixels for
chrominance.
CIK CIK See: cryptographic ignition key. RFC2828
cipher 暗号 (I) A cryptographic algorithm for RFC2828
encryption and decryption. cipher block
chaining (CBC)
cipher 暗号 (C) This mode operates by
combining (exclusive OR-ing) the
algorithm's ciphertext output block
with the next plaintext block
to form the next input block for the
algorithm.
cipher 暗号 (I) An block cipher mode that
enhances electronic codebook mode by
chaining together blocks of
ciphertext it produces. [FP081] (See:
[R1829], [R2451].)
Cipher Block 暗号ブロック連鎖 CBC is a mode in which every plaintext RFC2246
Chaining (CBC) block encrypted with a block cipher is
first exclusive-ORed with the previous
ciphertext block (or, in the case of the
first block, with the initialization vector).
For decryption, every block is first
decrypted, then exclusive-ORed with the
previous ciphertext block (or IV).
Cipher Feedback 暗号フィードバック(C (I) An block cipher mode that RFC2828
(CFB) FB) enhances electronic code book mode
by chaining together the blocks of
ciphertext it produces and
operating on plaintext segments of
variable length less than or
equal to the block length. [FP081]
Cipher Feedback 暗号フィードバック(C (C) This mode operates by using the
(CFB) FB) previously generated
ciphertext segment as the
algorithm's input (i.e., by "feeding
back" the ciphertext) to generate an
output block, and then
combining (exclusive OR-ing) that
output block with the next
plaintext segment (block length or
less) to form the next
ciphertext segment.
ciphertext 暗号文 The output of an encryption function. RFC1510
Encryption transforms plaintext into
ciphertext.
ciphertext 暗号文 (I) Data that has been transformed RFC2828
by encryption so that its
semantic information content (i.e., its
meaning) is no longer
intelligible or directly available. (See:
cleartext, plaintext.)
ciphertext 暗号文 (O) "Data produced through the use
of encipherment. The semantic
content of the resulting data is not
available." [I7498 Part 2]
ciphertext-only 暗号文限定攻撃 (I) A cryptanalysis technique in RFC2828
attack which the analyst tries to
determine the key solely from
knowledge of intercepted ciphertext
(although the analyst may also know
other clues, such as the
cryptographic algorithm, the
language in which the plaintext was
written, the subject matter of the
plaintext, and some probable
plaintext words.)
CIPSO CIPSO See: Common IP Security Option. RFC2828
circuit 回線 The subset of the local routeing RFC1142
information base pertinent to a single
local SNPA.
circuit proxy 回線代理人 A proxy service that statically defines RFC2647
which traffic will be forwarded.
circuit switching 回線交換 A communications paradigm in which a RFC1983
dedicated communication pathis
established between two hosts, and on
which all packets travel. The telephone
system is an example of a circuit
switched network. See also: connection-
oriented, connectionless, packet
CKL CKL See: compromised key list. RFC2828
claimant 認証要求者 The party that initiates the RFC1507
authentication process. In the DASS
architecture, claimants possess
credentials which include their identity,
authenticating private key and a ticket
certifying their authenticating public key.
class 2, 3, 4, or 5 クラス2,3,4又は5 (O) U.S. Department of Defense RFC2828
usage: Levels of PKI assurance
based on risk and value of
information to be protected [DOD3]:
- Class 2: For handling low-value
information (unclassified, not
mission-critical, or low monetary
value) or protection of
system-high information in low- to
medium-risk environment.
- Class 3: For handling medium-
value information in low- to
medium-risk environment.
Typically requires identification of a
system entity as a legal person,
rather than merely a member of
an organization.
- Class 4: For handling medium- to
high-value information in any
environment. Typically requires
identification of an entity as
a legal person, rather than merely
a member of an organization,
and a cryptographic hardware
token for protection of keying
material.
class 2, 3, 4, or 5 クラス2,3,4又は5 - Class 5: For handling high-value
(I) NO RECOMMENDED DEFINITION
class selector クラス選択子コード any of the eight codepoints in the range RFC2474
codepoint ポイント 'xxx000' (where 'x' may equal '0' or '1').
Class Selector Codepointsare discussed
in Sec. 4.2.2.
class selector クラス選択子適合P a per-hop behavior satisfying the RFC2474
compliant PHB HB ClassSelector PHB Requirements
specified in Sec. 4.2.2.2.
classical application 古典的アプリケーシ A classical application proxy is a special RFC1919
proxies ョン代理人 program that knows one (or more)
specific application protocols. Most
application protocols are not symetric;
one end is considered to be a "client",
one end is a "server".
classification, 分類,分類水準 (I) (1.) A grouping of classified RFC2828
classification level information to which a
hierarchical, restrictive security label
is applied to increase
protection of the data. (2.) The level
of protection that is
required to be applied to that
information. (See: security level.)
classified 分類された (I) Refers to information (stored or RFC2828
conveyed, in any form) that
is formally required by a security
policy to be given data
confidentiality service and to be
marked with a security label
(which in some cases might be
implicit) to indicate its protected
status. (See: unclassified.)
classified 分類された (C) The term is mainly used in
government, especially in the
military, although the concept
underlying the term also applies
outside government. In the U.S.
Department of Defense, for
example, it means information that
has been determined pursuant to
Executive Order 12958 ("Classified
National Security Information",
20 April 1995) or any predecessor
order to require protection
against unauthorized disclosure and
is marked to indicate its
classified status when in
documentary form.
classifier 分類子 an entity which selects packets based on RFC2474
the content ofpacket headers according
to defined rules.
classifier 分類子 an entity which selects packets based RFC2475
onthe content of packet headers
according todefined rules.
Classless Inter- 無クラスドメイン間ル A proposal, set forth in RFC 1519, to RFC1983
domain Routing ーティング(CIDR) allocate IP addresses so as to allow the
(CIDR) addresses to be aggregated when
advertised as routes. It is based on the
elimination of intrinsic IP network
addresses; that is, the determination of
the network address based on the first
few bits of the IP address. See also: IP
address, network address, supernet.
class-name クラス名 The class of an object. See "object". RFC2205
clean system クリーンシステム A computer which has been freshly RFC2504
installed with its operatingsystem and
software obtainied from trusted software
distributionmedia. As more software and
configuration are added to acomputer, it
becomes increasingly difficult to
determine if thecomputer is 'clean' or has
been compromised by viruses,
trojanhorse or misconfiguration which
reduces the security of thesystem.
clean system 導入直後のシステム (I) A computer system in which the RFC2828
operating system and
application system software and files
have just been freshly
installed from trusted software
distribution media.
clean system 導入直後のシステム (C) A clean system is not
necessarily in a secure state.
clear datagram 平文データグラム The unmodified IP datagram in the User RFC1241
Space before Encapsulation.
clear header 平文ヘッダ The header portion of the Clear RFC1241
Datagram before Encapsulation. This
header includes the IP header and
possibly part or all of the next layer
protocol header, i.e., the TCP header.
clearance クリアランス See: security clearance. RFC2828
clearance level クリアランス水準 (I) The security level of information RFC2828
to which a security
clearance authorizes a person to
have access.
cleartext クリアランス水準 (I) Data in which the semantic RFC2828
information content (i.e., the
meaning) is intelligible or is directly
available. (See:
plaintext.)
cleartext クリアランス水準 (D) ISDs SHOULD NOT use this
term as a synonym for "plaintext",
the input to an encryption operation,
because the plaintext input
to encryption may itself be
ciphertext that was output from
another operation. (See:
superencryption.)
cleartext クリアランス水準 (O) "Intelligible data, the semantic
content of which is
available." [I7498 Part 2]
client クライアント It sends the call to a server. RFC1057
client クライアント A process that makes use of a network RFC1510
service on behalf of a user. Note that in
some cases a Server may itself be a
client of some other server (e.g., a print
server may be a client of a file server).
client クライアント A client side makes the call to a server, RFC1831
client クライアント An application program that establishes RFC1945
connections for the purpose of sending
requests.
client クライアント A computer system or process that RFC1983
requests a service of another computer
system or process. A workstation
requesting the contents of a file from a
file server is a client of the file server.
See also: client-server model, server.
[Source: NNSC]
client クライアント Any network device which initiates a RFC2217
Telnet session to an access server.
client クライアント The application entity that initiates a RFC2246
TLS connection to a server. This may or
may not imply that the client initiated the
underlying transport connection. The
primary operational difference between
the server and client is that the server is
generally authenticated, while the client
is only optionally authenticated.
client クライアント A program which issues HTTP requests RFC2291
and accepts responses.
client クライアント A program that establishes connections RFC2295
for the purpose of sending requests.
client クライアント client refers to the application which RFC2307
ultimately makes use of the information
returned by the resolution.
client クライアント The client requests continuous media RFC2326
data from the mediaserver.
client クライアント Depending on the point of view, a client RFC2504
might be a computersystem which an
end-user uses to access services hosted
on anothercomputer system called a
server. 'Client' may also refer to
aprogram or a part of a system that is
used by an end-user toaccess services
provided by another program (for
example, a webbrowser is a client that
accesses pages provided by a Web
client クライアント An application program that sends SIP RFC2543
requests. Clients may or may not
interact directly with a human user. User
agents and proxies contain clients (and
client クライアント A 'client' is a program which establishes RFC2594
connections for the purpose of sending
requests and receiving responses.
client クライアント A program that establishes connections RFC2616
for the purpose of sending requests.
client クライアント (I) A system entity that requests and RFC2828
uses a service provided by
another system entity, called a
"server". (See: server.)
client クライアント (C) Usually, the requesting entity is
a computer process, and it
makes the request on behalf of a
human user. In some cases, the
server may itself be a client of some
other server.
client ID クライアントID The Client ID ("CLID") is used to assist RFC2341
endpoints in demultiplexing tunnels when
the underlying point-to-point substrate
lacks an efficient or dependable
technique for doing so directly. Using
the CLID, it is possible to demultiplex
multiple tunnels who
client port クライアントポート The TU ports used by clients to initiate a RFC2391
connection to server are called "Client
Ports".
client write key クライアント書込み The key used to encrypt data written by RFC2246
鍵 the client.
client write MAC クライアント書込みM The secret data used to authenticate RFC2246
secret AC秘密 data written by the client.
client/endpoint クライアント/エンド An ATM-attached host or router that RFC2417
ポイント registers with a MARS and that isa
member of one or more multicast groups.
An endpoint may establishATM Virtual
Channels (VCs) to the other group
members or may make useof a Multicast
Server.
client-server model クライアントサーバモ A common way to describenetwork RFC1208
デル services and the model user processes
(programs) of those services. Examples
include the name-server/name-resolver
paradigm of the DNS and file-server/file-
client relationships such as NFS and
diskless hosts.
client-server model クライアントサーバモ A common way to describe the paradigm RFC1983
デル of many network protocols. Examples
include the name-server/name-resolver
relationship in DNS and the file-
server/file-client relationship in NFS.
See also: client, server, Domain Name
System, Network File System.
CLIPPER chip CLIPPERチップ (N) The Mykotronx, Inc. MYK-82, an RFC2828
integrated microcircuit with a
cryptographic processor that
implements the SKIPJACK encryption
algorithm and supports key escrow.
(See: CAPSTONE, Escrowed
Encryption Standard.)
CLIPPER chip CLIPPERチップ (C) The key escrow scheme for a
chip involves a SKIPJACK key
common to all chips that protects
the unique serial number of the
chip, and a second SKIPJACK key
unique to the chip that protects
all data encrypted by the chip. The
second key is escrowed as
split key components held by NIST
and the U.S. Treasury
Department.
CLNP CLNP Connectionless Network Protocol. The RFC1208
OSI protocol for providing the OSI
Connectionless Network Service
(datagram service). CLNP is the OSI
equivalent to Internet IP, and is
sometimes called ISO IP.
CLNP CLNP Connectionless Network Protocol. A RFC1210
specific ISO/OSI protocol analgous to
the IP mentioned below.
CLNP CLNP The OSI Connectionless Network RFC1330
Protocol. CLNP's use is required by
GOSIP.
closed security 閉じた安全保護環境 (O) U.S. Department of Defense RFC2828
environment usage: A system environment that
meets both of the following
conditions: (a) Application developers
(including maintainers) have
sufficient clearances and
authorizations to provide an
acceptable presumption that they have
not introduced malicious logic. (b)
Configuration control provides
sufficient assurance that system
applications and the equipment
they run on are protected against
the introduction of malicious
logic prior to and during the
operation of applications. [NCS04]
(See: open security environment.)
closed security 閉じた安全保護環境 (I) NO RECOMMENDED DEFINITION
environment
cloud クラウド An undirected (possibly cyclic) graph RFC2330
whose vertices are routersand whose
edges are links that connect pairs of
routers.Formally, ethernets, frame relay
clouds, and other links thatconnect more
than two routers are modelled as fully-
connectedmeshes of graph edges. Note
that to connect to a cloud means
toconnect to a router of the cloud over a
link; this link is notitself part of the cloud.
cloud subpath クラウド部分経路 A subpath of a given path, all of whose RFC2330
hosts are routers of agiven cloud.
CLTP CLTP Connectionless Transport Protocol. RFC1208
Provides for end-to-end Transport data
addressing (via Transport selector) and
error control (via checksum), but cannot
guarantee delivery or provide flow
control. The OSI equivalent of UDP.
Cluster クラスタ The set of clients managed by a MARS. RFC2417
CM CM Cable Modem. A CM acts as a "slave" RFC2669
station in a DOCSIS compliant cable data
system.
CM CM Cable Modem. A CM acts as a "slave" RFC2670
station in a DOCSIS compliant cable data
system.
CMIP CMIP Common Management Information RFC1208
Protocol. The OSI network
CMIS CMIS a network management system or RFC1470
component based on CMIS/CMIP, the
Common Management Information
System and Protocol.
CMOT CMOT CMIP Over TCP. An effort to use the RFC1208
OSI network management protocol to
manage TCP/IP networks.
CMTS CMTS Cable Modem Termination System. A RFC2669
generic term covering a cable bridge or
cable router in a head-end. A CMTS acts
as the master station in a DOCSIS
compliant cable data system. It is the
only station that transmits downstream,
and it controls the scheduling of
upstream transmissions by its associated
CMTS CMTS Cable Modem Termination System. A RFC2670
generic term covering a cable bridge or
cable router in a head-end. A CMTS acts
as the master station in a DOCSIS
compliant cable data system. It is the
only station that transmits downstream,
and it controls the scheduling of
upstream transmissions by its associated
cn= cn= commonName; Attribute defining RFC1943
common name for individuals included in
a directory. In 1988 standards can be up
to 64 characters.
CNI CNI See: Coalition for Networked Information RFC1983
Coalition for ネットワーク情報連 A consortium formed by American RFC1983
Networked 合 Research Libraries, CAUSE, and
Information (CNI) EDUCOM (no, they are not acronyms) to
promote the creation of, and access to,
information resources in networked
environments in order to enrich
scholarship and enhance intellectual
productivity.
code コード (I) noun: A system of symbols used RFC2828
to represent information, which
might originally have some other
representation. (See: encode.)
code コード (D) ISDs SHOULD NOT this word as
an abbreviation for the following
terms: country code, cyclic
redundancy code, Data Authentication
Code, error detection code, Message
Authentication Code, object
code, or source code. To avoid
misunderstanding, use the fully
qualified term, at least at the point
of first usage
code コード (D) ISDs SHOULD NOT use this
term as synonym for the following:
(a) "cipher", "hash", or other words
that mean "a cryptographic
algorithm"; (b) "ciphertext"; or (c)
"encrypt", "hash", or other
words that refer to applying a
cryptographic algorithm.
Code Division 符号分割多元接続 A technique for spread-spectrum RFC2636
Multiple Access multiple-access digital communications
that creates channels through the use of
unique code sequences.
Code Division 符号分割多元接続 A technique for spread-spectrum RFC2637
Multiple Access multiple-access digital communications
that creates channels through the use of
unique code sequences.
code point コードポイント The coded bit pattern associated with RFC2625
control fields in frames or packets.
code set コード集合 (see character set). RFC2640
coded character set 符号化文字集合 A Coded Character Set (CCS) is a RFC2130
mapping from a set of abstract
characters to a set of integers.
Examples of coded character sets are
ISO 10646 [ISO-10646], US-ASCII
[ASCII], and ISO-8859 series [ISO-8859].
codepoint コードポイント a specific value of the DSCP portion of RFC2474
the DS field.Recommended codepoints
SHOULD map to specific, standardized
PHBs.Multiple codepoints MAY map to
the same PHB.
codeword コードワード See [16]. A characteristic of the Foward RFC2670
Error Correction scheme used above the
RF media layer.
collation 照合 in multiple copy output, placing the pages RFC1759
from separate copies into separte output
bins
collection 照合 A collection is a resource that contains RFC2291
other resources, either directly or by
reference.
collection 集まり A resource that contains a set of URIs, RFC2518
termed member URIs, which identify
member resources and meets the
requirements in section 5 of this
specification.
collection of ハードウェアネットワ A set of hardware networks (transitively) RFC919
hardware networks ークの集まり connected by gateways.
Collection of ハードウェアネットワ A set of hardware networks (transitively) RFC922
Hardware Networks ークの集まり connected by gateways.
color change 色彩変更 (I) In a system that is being operated RFC2828
in periods processing mode,
the act of purging all information
from one processing period and
then changing over to the next
processing period.
Comite Consultatif 国際電信電話諮問 This organization is now part of the RFC1983
International de 委員会 International Telecommunications Union
Telegraphique et and is responsible for making technical
Telephonique recommendations about telephone and
(CCITT) data communications systems. Every
four years CCITT holds plenary sessions
where they adopt new standards; the
most recent was in 1992. Recently, the
ITU reorganized and CCITT was renamed
the ITU-TSS. See also: International
Telecommunications Union -
Telecommunications Standards Sector.
command コマンド A request for a mail service action sent RFC821
by the sender-SMTP to thereceiver-
SMTP.
commercially 市販の This implementation can be purchased. RFC2116
available
Common Criteria, 情報技術安全保護 (N) "The Common Criteria" is a RFC2828
Common Criteria のための共通基準 standard for evaluating information
for Information technology products and systems,
Technology Security such as operating systems,
computer networks, distributed
systems, and applications. It
states requirements for security
functions and for assurance
measures. [CCIB]
Common Criteria, 情報技術安全保護 (C) Canada, France, Germany, the
Common Criteria のための共通基準 Netherlands, the United Kingdom,
for Information and the United States (NIST and
Technology Security NSA) began developing this
standard in 1993, based on the
European ITSEC, the Canadian
Trusted Computer Product
Evaluation Criteria (CTCPEC), and the
U.S. "Federal Criteria for Information
Technology Security" (FC)
and its precursor, the TCSEC. Work
was done in cooperation with
ISO/IEC Joint Technical Committee
1 (Information Technology),
Subcommittee 27 (Security
Techniques), Working Group 3 (Security
Criteria). Version 2.1 of the Criteria
is equivalent to ISO's
International Standard 15408
[I15408]. The U.S. Government intends
that this standard eventually will
supersede both the TCSEC and
FIPS PUB 140-1. (See: NIAP.)
Common Criteria, 情報技術安全保護 (C) The standard addresses data
Common Criteria のための共通基準 confidentiality, data integrity,
for Information and availability and may apply to
Technology Security other aspects of security. It
focuses on threats to information
arising from human activities,
malicious or otherwise, but may
apply to non-human threats. It
applies to security measures
implemented in hardware, firmware, or
software. It does not apply to (a)
administrative security not
related directly to technical security,
(b) technical physical
aspects of security such as
electromagnetic emanation control, (c)
evaluation methodology or
administrative and legal framework under
which the criteria may be applied, (d)
procedures for use of
evaluation results, or (e) assessment
of inherent qualities of
cryptographic algorithms.
Common Domain 共通ドメイン(CD) An Administrative Domain which is not a RFC1136
(CD) member of a higher level domain. A
common domain is the highest level in
the routeing hierarchy. There is no
single domain above the common domain.
In this sense, the routeing hierarchy is in
fact multiple hierarchies, with the
common domain as the highest element
of each hierarchy.
Where there are multiple common
domains, they cooperate as peers to
make it possible to route to any NSAP in
the OSIE [1].
Common Domains have global routing
information to the extent necessary to
route packets to the proper domain.
Each of the several peer national
backbones in today's Internet may be
considered to be similar to a Common
Domain. Note that in the Internet the
hierarchical containment implied by the
definition of a CD does not really exist;
however, there is a level of implicit
ordering based on topology and policy
issues (the willingness to be used as a
transit network) that can be viewed as
defining a Common Domain in the
Internet.
Common IP 共通IP安全保護選 See: (secondary definition under) RFC2828
Security Option 択 Internet Protocol Security
(CIPSO) Option.
common name 共通名 (I) A character string that (a) may be RFC2828
a part of the X.500 DN of a
Directory object ("commonName"
attribute), (b) is a (possibly
ambiguous) name by which the
object is commonly known in some
limited scope (such as an
organization), and (c) conforms to the
naming conventions of the country
or culture with which it is
associated. [X520] (See: ("subject"
and "issuer" under) X.509
public-key certificate.)
common name 共通名 (C) For example, "Dr. E. F. Moore",
"The United Nations", or
"12-th Floor Laser Printer".
communication コミュニケーション any packet exchange among nodes that RFC1971
requires that the address of each node
used in the exchange remain the same
for the duration of the packet exchange.
Examples are a TCP connection or a
UDP request-response.
communication コミュニケーション any packet exchange among nodes that RFC2462
requires that the address of each node
used in the exchange remain the same
for the duration of the packet exchange.
Examples are a TCP connection or a
UDP request- response.
communication コミュニケーション安 (I) Measures that implement and RFC2828
security (COMSEC) 全保護(COMSEC) assure security services in a
communication system, particularly
those that provide data
confidentiality and data integrity and
that authenticate
communicating entities.
communication コミュニケーション安 (C) Usually understood to include
security (COMSEC) 全保護(COMSEC) cryptographic algorithms and key
management methods and
processes, devices that implement them,
and
the life cycle management of keying
community string コミュニティ文字列 (I) A community name in the form of RFC2828
an octet string that serves as
a cleartext password in SNMP
version 1. [R1157]
comparator 比較器 A named function which can be used to RFC2244
perform one or more of three comparison
operations: ordering, equality and
substring matching. See section 3.4.
compartment 個室 (I) A grouping of sensitive RFC2828
information items that require special
access controls beyond those
normally provided for the basic
classification level of the
information. (See: category.)
compartment 個室 (C) The term is usually understood
to include the special handling
procedures to be used for the
information.
complete hierarchy 完全階層モデル The "Complete Hierarchy" model, in RFC2342
model which the default namespace that is
presented includes the user's personal
mailboxes along with any other mailboxes
they have access to.
composite node 合成ノード A node containing data of multiple media RFC1614
types.
composition function 合成機能 A composition function accepts RFC2216
characterization parameters as input and
computes a characterization, as
described above.
compound document 複合文書 Documents containing different content RFC1210
types including some of the following:
text (possibly with various fonts),
geometric graphics, bit-map graphics,
spreadsheets, tables, animation, voice
annotation.
compound 複合文書 A 'document' is a file containing (a set RFC2504
documents of) data. Files mayconsist of multiple
parts: a plain document, an
encrypteddocument, a digitally-signed
documents or a compressed
document.Multi-part files are known as
compound documents and may require
avariety of programs to be used in order
to interpret andmanipulate it. These
programs may be used without the
compress 圧縮 The act of reducing the size of a header RFC2507
by removing header fields or reducing the
size of header fields. This is done in a
way such that a decompressor can
reconstruct the header if its context
state is identical to the context state
used when compressing the header.
compromise 妥協 See: data compromise, security RFC2828
compromise.
compromised key 妥協鍵リスト (O) MISSI usage: A list that RFC2828
list (CKL) identifies keys for which
unauthorized disclosure or alteration
may have occurred. (See:
compromise.)
(C) A CKL is issued by an CA, like a
CRL is issued. But a CKL
lists only KMIDs, not subjects that
hold the keys, and not
certificates in which the keys are
bound.
compulsory 義務的トンネリング In compulsory tunneling, a tunnel is RFC2809
tunneling created without any
action from the user and without allowing
the user any
choice.
COMPUSEC COMPUSEC See: computer security. RFC2828
Computer コンピュータ緊急対 The CERT was formed by ARPA in RFC1983
Emergency 応チーム(CERT) November 1988 in response to the needs
Response Team exhibited during the Internet worm
(CERT) incident. The CERT charter is to work
with the Internet community to facilitate
its response to computer security events
involving Internet hosts, to
Computer コンピュータ緊急対 (I) An organization that RFC2828
Emergency 応チーム(CERT) studies computer and network
Response Team INFOSEC in
(CERT) order to provide
incident response services to
victims of attacks,
publish alerts
concerning vulnerabilities and
threats, and offer
other information to
help improve computer and
network security.
(See: CSIRT, security
incident.)
Computer コンピュータ緊急対 (C) For example, the
Emergency 応チーム(CERT) CERT Coordination Center at
Response Team Carnegie-Mellon
(CERT) University (sometimes
called "the" CERT) and the
Computer Incident
Advisory Capability.
Computer Incident コンピュータ事件相 (N) A computer emergency RFC2828
Advisory Capability 談室(CIAC) response team in the U.S.
(CIAC) Department of
Energy.
Computer Incident コンピュータ事件相 (I) NO RECOMMENDED DEFINITION
Advisory Capability 談室(CIAC)
(CIAC)
computer network コンピュータネットワ (I) A collection of host RFC2828
ーク computers together with the
subnetwork or
internetwork through
which they can exchange data.
(C) This definition is
intended to cover systems of
all sizes and
types, ranging from the
complex Internet to a simple
system
composed of a personal
computer dialing in as a
remote terminal of
another computer.
computer security コンピュータ安全保 (I) Measures that RFC2828
(COMPUSEC) 護(COMPUSEC) implement and assure security
services in a
computer system,
particularly those that assure
access control
service.
(C) Usually understood
to include functions,
features, and
technical
characteristics of computer
hardware and software,
especially operating
Computer Security コンピュータ安全保 (I) An organization RFC2828
Incident Response 護事件対応チーム( "that coordinates and supports
team (CSIRT) CSIRT) the response to
security incidents that
involve sites within a defined
constituency." [R2350]
(See: CERT, FIRST, security
incident.)
Computer Security コンピュータ安全保 (C) To be considered a
Incident Response 護事件対応チーム( CSIRT, an organization must do
team (CSIRT) CSIRT) as follows:
- Provide a (secure)
channel for receiving reports
about
suspected security
incidents.
- Provide assistance to
members of its constituency in
handling
the incidents.
- Disseminate incident-
related information to its
constituency
and other involved
parties.
computer security コンピュータ安全保 (I) The definition or RFC2828
object 護オブジェクト representation of a resource,
tool, or
mechanism used to
maintain a condition of
security in computerized
environments. Includes
many elements referred to in
standards that
are either selected or
defined by separate user
communities.
[CSOR] (See: object
identifier, Computer Security
Objects
Register.)
Computer Security コンピュータ安全保 (N) A service operated by NIST is RFC2828
Objects Register 護オブジェクト登録( establishing a catalog for
(CSOR) CSOR) computer security objects to provide
stable object definitions
identified by unique names. The use
of this register will enable
the unambiguous specification of
security parameters and
algorithms to be used in secure data
exchanges.
Computer Security コンピュータ安全保 (C) The CSOR follows registration
Objects Register 護オブジェクト登録( guidelines established by the
(CSOR) CSOR) international standards community
and ANSI. Those guidelines
establish minimum responsibilities
for registration authorities
and assign the top branches of an
international registration
hierarchy. Under that international
registration hierarchy the
CSOR is responsible for the
allocation of unique identifiers under
the branch {joint-iso-ccitt(2)
country(16) us(840) gov(101)
csor(3)}.
Computer Security コンピュータ安全保 (I) NO RECOMMENDED DEFINITION
Objects Register 護オブジェクト登録(
(CSOR) CSOR)
COMSEC COMSEC See: communication RFC2828
concurrent 並列接続 security.
The aggregate number of simultaneous RFC2647
connections connections between hosts across the
DUT/SUT, or between hosts and the
DUT/SUT.
conference 会議 a multiparty, multimedia presentation, RFC2326
where "multi" impliesgreater than or
equal to one.
Conference 会議 A multimedia conference is a set of two RFC2327
or more communicating usersalong with
the software they are using to
communicate.
conference 会議 A multimedia session (see below), RFC2543
identified by a common session
description. A conference can have zero
or more members and includes the cases
of a multicast conference, a full-mesh
conference and a two-party "telephone
call", as well as combinations of these.
Any number of calls can be used to
create a conference.
confidentiality 機密性 The protection of information so that RFC1704
someone not authorized to access the
information cannot read the information
even though the unauthorized person
might see the information's container
(e.g., computer file or network packet).
confidentiality 機密性 See: data RFC2828
configuration control 構成制御 confidentiality. regulating changes
(I) The process of RFC2828
to hardware, firmware,
software, and documentation
throughout the development and
operational life of a system. (See:
administrative security.)
configuration control 構成制御 (C) Configuration control helps
protect against unauthorized or
malicious alteration of a system and
thus provides assurance of
system integrity. (See: malicious
logic.)
configuring network ネットワークサービ The part of an administrator's task that RFC2504
services ス構成 is related to specifyingthe conditions and
details of network services that govern
theservice provision. In regard to a Web
server, this includes whichWeb pages are
available to whom and what kind of
information islogged for later review
purposes.
confinement 制限プロパティ See: (secondary RFC2828
property definition under) Bell-
congestion 渋滞 LaPadula Model.
Congestion occurs when the offered load RFC1983
exceeds the capacity of a data
communication path.
Congestion Window CONGESTION A TCP state variable that limits the RFC2581
(cwnd) WINDOW (cwnd) amount of data a TCP can send. At any
given time, a TCP MUST NOT send data
with a sequence number higher than the
sum of the highest acknowledged
sequence number and the minimum of
cwnd and rwnd.
connected 接続(部分)ネットワ A Connected (Sub)Network is an IP RFC1812
(sub)network ーク subnetwork to which a router is
interfaced, or a connected network if the
connected network is not subnetted.
See also Connected Network.
connected mode 接続モード A mode of operation in which sender and RFC 2703
receiver are directly connected, and
hence are not prevented from definitively
determining each other's capabilities.
(See also: Session mode)
connected network 接続ネットワーク A network to which a host is interfaced RFC1122
is often known as the "local network" or
the "subnetwork" relative to that host.
However, these terms can cause
confusion, and therefore we use the term
"connected network" in this document.
connected network 接続ネットワーク A network prefix to which a router is RFC1812
interfaced is often known as a local
network or the subnetwork of that
router. However, these terms can cause
confusion, and therefore we use the term
Connected Network in this memo.
connection 接続,コネクション A transport layer virtual circuit RFC1945
established between two application
programs for the purpose of
connection 接続,コネクション A connection is a transport (in the OSI RFC2246
layering model definition) that provides a
suitable type of service. For TLS, such
connections are peer to peer
relationships. The connections are
transient. Every connection is associated
with one session.
connection 接続,コネクション A transport layer virtual circuit RFC2326
established between twoprograms for the
purpose of communication.
connection 接続,コネクション A transport layer virtual circuit RFC2616
established between two programs for
the purpose of communication.
connection 接続,コネクション A state in which two hosts, or a host and RFC2647
the DUT/SUT, agree to exchange data
using a known protocol.
connection 接続,コネクション Under the control of a Media Gateway RFC2805
Controller (MGC), the Media
Gateway (MG) realizes connections. In
this document, connections are
associations of resources hosted by
the MG. They typically involve
two terminations, but may involve more.
connection 接続,コネクション A logical communication path identified RFC793
by a pair of sockets.
connection 接続確立 The data exchanged between hosts, or RFC2647
establishment between a host and the DUT/SUT, to
initiate a connection. The length of time
needed for two hosts, or a host and the
DUT/SUT, to agree to set up a
connection using a known protocol.
connection 接続維持 `The data exchanged between hosts, or RFC2647
maintenance between a host and the DUT/SUT, to
ensure a connection is kept alive.
connection overhead 接続オーバヘッド The degradation in bit forwarding rate, if RFC2647
any, observed as a result of the addition
of one connection between two hosts
through the DUT/SUT, or the addition of
one connection from a host to the
DUT/SUT.
connection profile 接続プロファイル A table used to route packets other than RFC2107
by destination address. The Connection
Profile is a named entity that contains
information indicating how packets
addressed to it are to be routed. It may
be used to route packets to unregistered
IP addresses and for routing protocols
other than IP (e.g., IPX).
connection teardown 接続切断 The data exchanged between hosts, or RFC2647
between a host and the DUT/SUT, to
close a connection.
connection 接続切断時間 The length of time needed for two hosts, RFC2647
teardown time or a host and the DUT/SUT, to agree to
tear down a connection using a known
protocol.
connectionless 接続無し The model of interconnection in which RFC1208
communication takes place without first
establishing a connection. Sometimes
(imprecisely) called datagram. Examples:
LANs, Internet IP and OSI CLNP, UDP,
ordinary postcards.
connectionless 接続無し The data communication method in which RFC1983
communication occurs between hosts
with no previous setup. Packets
between two hosts may take different
routes, as each is independent of the
other. UDP is a connectionless protocol.
See also: circuit switching, connection-
oriented, packet switching, User
connectionless data 接続無しデータ完全 (I) A security service that provides RFC2828
integrity service 性サービス data integrity service for an
individual IP datagram, by detecting
modification of the datagram,
without regard to the ordering of the
datagram in a stream of
datagrams.
connectionless data 接続無しデータ完全 (C) A connection-oriented data
integrity service 性サービス integrity service would be able to
detect lost or reordered datagrams
within a stream of datagrams.
connection-oriented 接続指向の The model of interconnection in which RFC1208
communication proceeds through three
well-defined phases: connection
establishment, data transfer, connection
release. Examples: X.25, Internet TCP
and OSI TP4, ordinary telephone calls.
connection-oriented 接続指向の The data communication method in which RFC1983
communication proceeds through three
well-defined phases: connection
establishment, data transfer, connection
release. TCP is a connection-oriented
protocol. See also: circuit switching,
connectionless, packet switching,
Transmission Control Protocol.
CONS CONS Connection-oriented service. Another RFC1210
specific ISO/OSI protocol more aligned
to the X.25 protocol mentioned below.
constant load 固定負荷 Fixed length frames at a fixed interval RFC1242
time.
consumer 消費者 A consumer is a transport that is capable RFC1301
only of receiving user data. It may
transmit control packets, such as
negative acknowledgements, but may
never transmit any requests for the
transmit token or any form of data or
empty messages.
consumer 消費者 The Organisation which is to receive the RFC2801
benefit of and typically pay for the goods
or services.
container file コンテナファイル A file which may contain multiple media RFC2326
streams which oftencomprise a
presentation when played together.
RTSP servers mayoffer aggregate
control on these files, though the
concept ofa container file is not
embedded in the protocol.
content 内容 The piece of information that the RFC1330
originating User Agent (UA) wishes
delivered to the recipient UA. For inter-
personal messaging (IPM) UAs, the
content consists of either an IP message
or an IPM-status-report.
content feature 内容特質 (see Feature) RFC 2703
content negotiation 内容交渉 An exchange of information (negotiation RFC 2703
metadata) which leads to selection of the
appropriate representation (variant) when
transferring a data resource.
content negotiation 内容交渉 The mechanism for selecting the RFC2295
appropriate representation when
servicing a request.
content negotiation 内容交渉 The mechanism for selecting the RFC2616
appropriate representation when
servicing a request, as described in
section 12. The representation of entities
in any response can be negotiated
(including error responses).
Content-Base Content-Base This header was specified in RFC 2110, RFC2557
but has been removed in this new
version of the MHTML standard.
Content-ID Content-ID See Message/External Body Content-ID RFC2557
[MIDCID].
Content-Location Content-Location MIME message or content part header RFC2557
with one URI of the MIME message or
content part body, defined in section 4.2
below.
ContentSoftwareId ContentSoftwareId This contains information which identifies RFC2801
the software which generated the
content of the element. Its purpose is to
help resolve interoperability problems
that might occur as a result of
incompatibilities between messages
produced by different software. It is a
single text string in the language defined
by xml:lang. It must contain, as a
minimum: -- the name of the software
manufacturer -- the name of the
software -- the version of the software,
and -- the build of the software It is
recommended that this attribute is
included whenever the software which
generated the content cannot be
identified from the SoftwareId attribute
on the Message Id Component (see
section 3.3.2)
Content-Transfer- Content-Transfer- Conversion of a text into 7-bit octets as RFC2557
Encoding Encoding specified in [MIME1] chapter 6.
Content-type Content-type Type information indicating what the RFC2157
content of a body part actually is. This
term comes from MIME; the
corresponding X.400 term is "body part
type".
context 文脈 An ordered subset of entries in a RFC2244
dataset, created by a SEARCH command
with a MAKECONTEXT modifier. See
section 3.3.
context 文脈 The state which the compressor uses to RFC2507
compress a header and the
decompressor uses to decompress a
header. The context is the uncompressed
version of the last header sent
(compressor) or received (decompressor)
over the link, except for fields in the
header that are included "as-is" in
compressed headers or can be inferred
from, e.g., the size of the link-level frame.
The context for a packet stream is
associated with a context identifier. The
context for non-TCP packet streams is
also associated with a generation.
Context Identifier 文脈識別子(CID) A small unique number identifying the RFC2507
(CID) context that should be used to
decompress a compressed header.
Carried in full headers and compressed
headers.
contingency plan 非常時計画 (I) A plan for emergency response, RFC2828
backup operations, and post-
disaster recovery in a system as
part of a security program to
ensure availability of critical system
resources and facilitate
continuity of operations in a crisis.
[NCS04] (See: availability.)
continuous media 連続メディア Data where there is a timing relationship RFC2326
between source andsink; that is, the sink
must reproduce the timing
relationshipthat existed at the source.
The most common examples
ofcontinuous media are audio and motion
video. Continuous mediacan be real-time
(interactive), where there is a
"tight"timing relationship between source
and sink, or streaming(playback), where
the relationship is less strict.
Contributing Source 貢献する発信源(CS A source of a stream of RTP packets RFC1889
(CSRC) RC) that has contributed to the combined
stream produced by an RTP mixer (see
below). The mixer inserts a list of the
SSRC identifiers of the sources that
contributed to the generation of a
particular packet into the RTP header of
that packet. This list is called the CSRC
list. An example application is audio
conferencing where a mixer indicates all
the talkers whose speech was combined
to produce the outgoing packet, allowing
the receiver to indicate the current
talker, even though all the audio packets
contain the same SSRC identifier (that
of the mixer).
control 制御 a tool that can change the state or RFC1470
status of a remote network resource.
control attributes 制御属性 Attributes, associated with a security RFC2820
object that, when matched against the
privilege attributes of a security subject,
are used to grant or deny access to the
security object. An access control list or
list of rights or time of day range are
examples of control attributes.
control connection 制御接続 A control connection operates in-band RFC2661
over a tunnel to control the
establishment, release, and maintenance
of sessions and of the tunnel itself.
control connection 制御接続 The communication path between the RFC959
USER-PI and SERVER-PI for the
exchange of commands and replies. This
connection follows the Telnet Protocol.
control language 制御言語 a data syntax or language for controlling RFC1759
the printer through the print data channel.
control messages 制御伝達文 Control messages are exchanged RFC2661
between LAC and LNS pairs, operating in-
band within the tunnel protocol. Control
messages govern aspects of the tunnel
and sessions within the tunnel.
controlled delay 制御された遅延 controlled delay merely tries to provide RFC1821
several levels of delay which applications
may choose between [25].
controlled security 制御された安全保護 (D) ISDs SHOULD NOT use this RFC2828
mode モード term. It was defined in an earlier
version of the U.S. Department of
Defense policy that regulates
system accreditation, but was
subsumed by "partitioned security
mode" in the current version. [DOD2]
controlled security 制御された安全保護 (C) Controlled mode was intended to
mode モード encourage ingenuity in meeting
the security requirements of
Defense policy in ways less
restrictive than "dedicated security
mode" and "system high
security mode", but at a level of risk
lower than that generally
associated with the true "multilevel
security mode". This was to
be accomplished by implementation
of explicit augmenting measures
to reduce or remove a substantial
measure of system software
vulnerability together with specific
limitation of the security
clearance levels of users permitted
concurrent access to the
system.
controlled security 制御された安全保護 (C) The term refers to a mode of
mode モード operation of an information
system, wherein at least some users
with access to the system have
neither a security clearance nor a
need-to-know for all classified
material contained in the system.
However, separation and control
of users and classified material on
the basis, respectively, of
clearance and classification level are
not essentially under
operating system control like they
are in "multilevel security
mode".
conventional 規約上の Used with respect to networks, this RFC2067
refers to Ethernet, FDDI and 802 LAN
types, as distinct from HIPPI-SC LANs.
cookie クッキー (I) access control usage: A synonym RFC2828
for "capability" or "ticket"
in an access control system.
cookie クッキー (C) An HTTP server, when sending
data to a client, may send along
a cookie, which the client retains
after the HTTP connection
closes. A server can use this
mechanism to maintain persistent
client-side state information for
HTTP-based applications,
retrieving the state information in
later connections. A cookie
may include a description of the
range of URLs for which the state
is valid. Future requests made by the
client in that range will
also send the current value of the
cookie to the server. Cookies
can be used to generate profiles of
web usage habits, and thus may
infringe on personal privacy.
cookie クッキー (I) HTTP usage: Data exchanged
between an HTTP server and a
browser (a client of the server) to
store state information on the
client side and retrieve it later for
server use.
cookie クッキー
(I) IPsec usage: Data exchanged by
ISAKMP to prevent certain
denial-of-service attacks during the
establishment of a security
association.
cookies クッキー Cookies register information about a visit RFC2504
to a web site forfuture use by the server.
A server may receive information
ofcookies of other sites as well which
create concern in terms ofbreach of
privacy.
cooperating 協力するトランスポ a set of TCP connections (for example) RFC1254
transport entities ート実体 which follow an effective method of
adjusting their demand on the Internet in
response to congestion.
cooperating user 協力する利用者ザエ A User Agent (UA) that cooperates with RFC1330
agent ージェント another recipient's UA in order to
facilitate the communication between
originator and recipient.
Coordinated 協定世界時(UTC) UTC is derived from International Atomic RFC2828
Universal Time Time (TAI) by adding a number of leap
(UTC) seconds. The International Bureau of
Weights and Measures computes TAI
once each month by averaging data from
many laboratories. (See:
GeneralizedTime, UTCTime.)
Coordinating 大陸間研究ネットワ A committee that includes the United RFC1983
Committee for ーク協調委員会(CCI States FNC and its counterparts in North
Intercontinental RN) America and Europe. Co-chaired by the
Research Networks executive directors of the FNC and the
(CCIRN) European Association of Research
Networks (RARE), the CCIRN provides a
forum for cooperative planning among the
principal North American and European
research networking bodies. See also:
Federal Networking Council, RARE.
[Source: MALAMUD]
copy コピー See: card copy. RFC2828
core gateway 中核ゲートウェイ The innermost gateways of the Internet. RFC1118
These gateways have a total picture of
the reachability to all networks known to
the Internet. They then redistribute
reachability information to their neighbor
gateways speaking EGP. It is from them
your EGP agent (there is one acting for
you somewhere if you can reach the core
of the Internet) finds out it can reach all
the nets on the Internet. Which is then
passed to you via Hello, gated, RIP. The
core gateways mostly connect campuses
to the ARPANET, or interconnect the
ARPANET and the MILNET, and are run
by BBN.
core gateway 中核ゲートウェイ Historically, one of a set of gateways RFC1208
(routers) operated by the Internet
Network Operations Center at BBN. The
core gateway system forms a central
part of Internet routing in that all groups
must advertise paths to their networks
from a core gateway, using the Exterior
Gateway Protocol (EGP). See EGP,
core gateway 中核ゲートウェイ Historically, one of a set of gateways RFC1983
(routers) operated by the Internet
Network Operations Center at Bolt,
Beranek and Newman (BBN). The core
gateway system formed a central part of
Internet routing in that all groups must
advertise paths to their networks from a
core gateway. [Source: MALAMUD]
core router (or just 中核ルータ(又は単 is a router which acts as a "meeting RFC2189
"core") に中核) point" between a sender and group
receivers. The term "rendezvous point
(RP)" is used equivalently in some
contexts [2]. A core router need not be
configured to know it is a core router.
Corporation for 研究および教育ネッ This organization was formed in October RFC1983
Research and トワークキング機構 1989, when Bitnet and CSNET
Educational (Computer + Science NETwork) were
Networking (CREN) combined under one administrative
authority. CSNET is no longer
operational, but CREN still runs Bitnet.
See also: Bitnet. [Source: NNSC]
correctness integrity 完全正確性 Accuracy and consistency of the RFC2828
information that data values represent,
rather than of the data itself. Closely
related to issues of accountability and
error handling. (See: data integrity,
source integrity.)
correctness proof 正確性証明 A mathematical proof of consistency RFC2828
between a specification for system
security and the implementation of that
specification. (See: formal specification.)
Correspondent Node 応答ノード A peer with which a mobile node is RFC2002
communicating. A correspondent node
may be either mobile or stationary.
Correspondent 応答ノード(CN) A system that is exchanging data RFC2356
Node (CN) packets with the mobilenode.
COS COS Corporation for Open Systems. A vendor RFC1208
and user group for conformance testing,
certification, and promotion of OSI
products.
COSINE COSINE Cooperation for Open Systems RFC1208
Interconnection Networking in Europe. A
program sponsored by the European
Commission, aimed at using OSI to tie
together European research networks.
COSINE-MHS COSINE-MHS The COSINE-MHS community is mainly RFC1465
formed by European X.400 service
providers from the academic and
research area, each of which is a member
of RARE. The COSINE-MHS community
is used in the annex as an example for
the usage of this document in a
multinational environment.
count to infinity 無限カウント The symptom of a routing problem where RFC1118
routing information is passed in a circular
manner through multiple gateways. Each
gateway increments the metric
appropriately and passes it on. As the
metric is passed around the loop, it
increments to ever increasing values
until it reaches the maximum for the
routing protocol being used, which
typically denotes a link outage.
countermeasure 対抗策 An action, device, procedure, or RFC2828
technique that reduces a threat, a
vulnerability, or an attack by eliminating
or preventing it, by minimizing the harm it
can cause, or by discovering and
reporting it so that corrective action can
be taken.
countermeasure 対抗策 In an Internet protocol, a RFC2828
countermeasure may take the form of a
protocol feature, an element function, or
a usage constraint.
country code 国名コード An identifier that is defined for a nation RFC2828
by ISO. [I3166]
country code 国名コード For each nation, ISO Standard 3166 RFC2828
defines a unique two- character
alphabetic code, a unique three-
character alphabetic code, and a three-
digit code. Among many uses of these
codes, the two-character codes are used
as top-level domain names.
covert channel 隠れ通信経路 A communications channel that allows RFC2828
two cooperating processes to transfer
information in a manner that violates the
system's security policy. [NCS04]
covert channel 隠れ通信経路 A intra-system channel that permits two RFC2828
cooperating entities, without exceeding
their access authorizations, to transfer
information in a way that violates the
system's security policy. (See: channel,
out of band.)
covert channel 隠れ通信経路 The cooperating entities can be either RFC2828
two insiders or an insider and an
outsider. Of course, an outsider has no
access authorization at all. A covert
channel is a system feature that the
system architects neither designed nor
intended for information transfer:
CPL CPL A Call Processing Language, a simple RFC2824
language to describe how Internet
telephony call invitations should be
processed.
CPS CPS See: certification practice statement. RFC2828
CR CR See [RFC822]. RFC2557
cracker クラッカ A cracker is an individual who attempts RFC1983
to access computer systems without
authorization. These individuals are
often malicious, as opposed to hackers,
and have many means at their disposal
for breaking into a system. See also:
hacker, Computer Emergency Response
Team, Trojan Horse, virus, worm.
cracker クラッカ This term is used to describe attackers, RFC2504
intruders or other badguys that do not
play by the rules and try to circumvent
securitymechanisms and/or attack
individuals and organisations.
cracker クラッカ Someone who tries to break the security RFC2828
of, and gain access to, someone else's
system without being invited to do so.
(See: hacker and intruder.)
CRAM CRAM See: Challenge-Response Authentication RFC2828
Mechanism.
crankback クランクバック A technique where a flow setup is RFC2386
recursively backtrackedalong the partial
flow path up to the first node that can
determinean alternative path to the
destination.
CRC CRC See: cyclic redundancy check. RFC2828
credential(s) 証明書 Data that is transferred or presented to RFC2828
establish either a claimed identity or the
authorizations of a system entity. (See:
authentication information, capability,
ticket.)
credential(s) 証明書 Data that is transferred to establish the RFC2828
claimed identity of an entity. [I7498 Part
2]
credentials 証明書 Information "state" required by principals RFC1507
in order to for them to authenticate.
Credentials may contain information used
to initiate the authentication process
(claimant information), information used
to respond to an authentication request
(verifier information), and cached
information useful in improving
performance.
credentials 証明書 A ticket plus the secret session key RFC1510
necessary to successfully use that ticket
in an authentication exchange.
credentials 証明書 Data that serve to establish the claimed RFC2820
identity of a security subject relative to a
given security domain.
CREN CREN See BITNET and CSNET. RFC1208
critical 臨界 Critical extension: Each extension of an RFC2828
X.509 certificate (or CRL) is marked as
being either critical or non- critical. If an
extension is critical and a certificate user
(or CRL user) does not recognize the
extension type or does not implement its
semantics, then the user is required to
treat the certificate (or CRL) as invalid.
If an extension is non-critical, a user that
does not recognize or implement that
extension type is permitted to ignore the
extension and process the rest of the
certificate (or CRL).
critical 臨界 Critical system resource: A condition of RFC2828
a service or other system resource such
that denial of access to (i.e., lack of
availability of) that resource would
jeopardize a system user's ability to
perform a primary function or would
result in other serious consequences.
(See: availability, sensitive.)
critical alert 臨界警告 an alert triggered by an event which RFC1759
leads to a state in which printing is no
longer possible; the printer is stopped
CRL CRL See: certificate revocation list. RFC2828
CRL distribution CRL分配点 See: distribution point. RFC2828
point
CRL extension CRL拡張 See: extension. RFC2828
CRL extension CRL拡張 X.509 defines extensions that may be RFC2828
included in v2 CRLs to provide
additional issuer key and name
information, revocation reasons and
constraints, and information about
distribution points and delta CRLs.
CRLF CRLF The term CRLF, in this set of RFC2045
documents, refers to the sequence of
octets corresponding to the two US-
ASCII characters CR (decimal value 13)
and LF (decimal value 10) which, taken
together, in this order, denote a line
break in RFC 822 mail.
CRLF CRLF See [RFC822]. RFC2557
cross-certificate 相互証明 See: cross-certification. RFC2828
cross-certification 相互証明 Cross-certification enables users to RFC2828
validate each other's certificate when the
users are certified under different
certification hierarchies.
cross-certification 相互証明 The act or process by which two CAs RFC2828
each certify a public key of the other,
issuing a public-key certificate to that
other CA.
cryptanalysis 暗号解読 The "O" definition states the traditional RFC2828
goal of cryptanalysis--convert the
ciphertext to plaintext (which usually is
cleartext) without knowing the key--but
that definition applies only to encryption
systems. Today, the term is used with
reference to all kinds of cryptographic
algorithms and key management, and the
"I" definition reflects that. In all cases,
however, a cryptanalyst tries to uncover
or reproduce someone else's sensitive
data, such as cleartext, a key, or an
algorithm. The basic cryptanalytic
attacks on encryption systems are
ciphertext- only, known-plaintext,
chosen-plaintext, and chosen-ciphertext;
and these generalize to the other kinds
of cryptography.
cryptanalysis 暗号解読 The analysis of a cryptographic system RFC2828
and/or its inputs and outputs to derive
confidential variables and/or sensitive
data including cleartext. [I7498 Part 2]
cryptanalysis 暗号解読 The mathematical science that deals with RFC2828
analysis of a cryptographic system in
order to gain knowledge needed to break
or circumvent the protection that the
system is designed to provide. (See:
cryptology.)
crypto 暗号技術 Except as part of certain long- RFC2828
established terms listed in this Glossary,
ISDs SHOULD NOT use this abbreviated
term because it may be misunderstood.
Instead, use "cryptography" or
"cryptographic".
cryptographic 暗号アルゴリズム An algorithm that employs the science of RFC2828
algorithm cryptography, including encryption
algorithms, cryptographic hash
algorithms, digital signature algorithms,
and key agreement algorithms.
Cryptographic 暗号アプリケーショ The source code formats and procedures RFC2828
Application ンプログラムインタフ through which an application program
Programming ェース(CAPI) accesses cryptographic services, which
Interface (CAPI) are defined abstractly compared to their
actual implementation. For example, see:
PKCS #11, [R2628].
cryptographic card 暗号カード A cryptographic token in the form of a RFC2828
smart card or a PC card.
cryptographic 暗号検査合計 Information which is derived by RFC1507
checksum performing a cryptographic
transformation on the data unit. This
information can be used by the receiver
to verify the authenticity of data passed
cryptographic 暗号要素 A generic term for any system RFC2828
component component that involves cryptography.
(See: cryptographic module.)
cryptographic hash 暗号ハッシュ See: (secondary definition under) hash RFC2828
function.
Cryptographic 暗号点火鍵(CIK) A physical (usually electronic) token used RFC2828
Ignition Key (CIK) to store, transport, and protect
cryptographic keys. (Sometimes
abbreviated as "crypto ignition key".)
Cryptographic 暗号点火鍵(CIK) A typical use is to divide a split key RFC2828
Ignition Key (CIK) between a CIK and a cryptographic
module, so that it is necessary to
combine the two to regenerate a key-
encrypting key and thus activate the
module and other keys it contains.
cryptographic key 暗号鍵 A sequence of symbols that controls the RFC2828
operations of encipherment and
decipherment. [I7498 Part 2]
cryptographic key 暗号鍵 If a key value needs to be kept secret, RFC2828
the sequence of symbols (usually bits)
that comprise it should be random, or at
least pseudo-random, because that
makes the key hard for an adversary to
guess. (See: cryptanalysis, brute force
attack.)
cryptographic key 暗号鍵 Usually shortened to just "key". An input RFC2828
parameter that varies the transformation
performed by a cryptographic algorithm.
Cryptographic 暗号メッセージ構文( A encapsulation syntax for digital RFC2828
Message Syntax CMS) signatures, hashes, and encryption of
(CMS) arbitrary messages. [R2630]
Cryptographic 暗号メッセージ構文( CMS was derived from PKCS #7. CMS RFC2828
Message Syntax CMS) values are specified with ASN.1 and use
(CMS) BER encoding. The syntax permits
multiple encapsulation with nesting,
permits arbitrary attributes to be signed
along with message content, and
supports a variety of architectures for
digital certificate-based key management.
cryptographic 暗号モジュール A set of hardware, software, firmware, or RFC2828
module some combination thereof that
implements cryptographic logic or
processes, including cryptographic
algorithms, and is contained within the
module's cryptographic boundary, which
is an explicitly defined contiguous
perimeter that establishes the physical
bounds of the module. [FP140]
cryptographic 暗号システム A collection of transformations from RFC2828
system plaintext into ciphertext and vice versa
[which would exclude digital signature,
cryptographic hash, and key agreement
algorithms], the particular
transformation(s) to be used being
selected by keys. The transformations
are normally defined by a mathematical
algorithm. [X509]
cryptographic 暗号システム A set of cryptographic algorithms RFC2828
system together with the key management
processes that support use of the
algorithms in some application context.
cryptographic 暗号システム This "I" definition covers a wider range RFC2828
system of algorithms than the following "O"
definition:
cryptographic token 暗号トークン A portable, user-controlled, physical RFC2828
device used to store cryptographic
information and possibly perform
cryptographic functions. (See:
cryptographic card, token.)
cryptographic token 暗号トークン A smart token may implement some set RFC2828
of cryptographic algorithms and may
implement related algorithms and key
management functions, such as a random
number generator. A smart cryptographic
token may contain a cryptographic
module or may not be explicitly designed
that way.
cryptography 暗号技術 The discipline which embodies principles, RFC2828
means, and methods for the
transformation of data in order to hide
its information content, prevent its
undetected modification and/or prevent
its unauthorized use. . . . Cryptography
determines the methods used in
encipherment and decipherment. [I7498
Part 2]
cryptography 暗号技術 The mathematical science that deals with RFC2828
transforming data to render its meaning
unintelligible (i.e., to hide its semantic
content), prevent its undetected
alteration, or prevent its unauthorized
use. If the transformation is reversible,
cryptography also deals with restoring
encrypted data to intelligible form. (See:
cryptology, steganography.)
Cryptoki Cryptoki See: (secondary definition under) PKCS RFC2828
#11.
cryptolibrary 暗号ライブラリ Part of cryptoplugin that provides its RFC2628
cryptographic functionality via Crypto
cryptology 暗号学 The science that includes both RFC2828
cryptography and cryptanalysis, and
sometimes is said to include
steganography.
cryptonet 暗号ネット A group of system entities that share a RFC2828
secret cryptographic key for a symmetric
algorithm.
cryptoperiod 暗号有効期間 A cryptoperiod is usually stated in terms RFC2828
of calendar or clock time, but sometimes
is stated in terms of the maximum
amount of data permitted to be
processed by a cryptographic algorithm
using the key. Specifying a cryptoperiod
involves a tradeoff between the cost of
rekeying and the risk of successful
cryptoperiod 暗号有効期間 Although we deprecate its prefix, this RFC2828
term is long- established in COMPUSEC
usage. (See: crypto) In the context of
certificates and public keys, "key
lifetime" and "validity period" are often
used instead.
cryptoperiod 暗号有効期間 The time span during which a particular RFC2828
key is authorized to be used in a
cryptographic system. (See: key
management.)
cryptoplugin 暗号プラグイン Operation system unit (driver, shared RFC2628
library, module) that provides
cryptographic functions via well-defined
(but OS-specific) interface.
cryptosystem 暗号システム ISDs SHOULD NOT use this term as an RFC2828
abbreviation for cryptographic system.
(For rationale, see: crypto.)
CSIRT CSIRT See: computer security incident response 計算機セキュリティインシデント対応チー RFC2828
team. ム
CSMA/CD CSMA/CD Carrier Sense Multiple Access with 衝突検知を用いる搬送波検出複数アクセ RFC1208
Collision Detection. The access method ス方式。イーサネットなどのLANで使用さ
used by local area networking れるアクセス方法。
technologies such as Ethernet.
CSNET CSNET Computer+Science Network. A large コンピュータ科学ネットワーク。巨大な計算 RFC1208
computer network, mostly in the U.S. but 機ネットワークであり、ほとんどが米国内で
with international connections. CSNET あるが、国際接続もある。CSNETは大学、
sites include universities, research labs, 研究所、いくつかの商企業とが含まれる。
and some commercial companies. Now 現在、BITNETと融合し、CRENを構成して
merged with BITNET to form CREN. See いる。BITNET参照。
BITNET.
CSOR CSOR See: Computer Security Objects Register. 計算機セキュリティオブジェクト登録参照。 RFC2828
C-Type C型 The class type of an object; unique オブジェクトのクラス型。クラス名の中でユ RFC2205
within class-name. See "class-name". ニークである。
Cumulative TSN 累積TSN ACK点 The TSN of the last DATA chunk SACKのTSN Ackフィールドによって肯定 RFC2960
Ack Point acknowledged via the Cumulative TSN 応答された最後のデータチャンクのTSN。
Ack field of a SACK.
Curses Curses a tool that uses the "curses" tty "curses"のTTYインターフェースパッケー RFC1470
interface package. ジを用いるツール。
CU-SeeMe CU-SeeMe Pronnounced "See you, See me," CU- シーユーシーミーと読む。シーユーシーミ RFC1983
SeeMe is a publicly available ーは、コーネル大学で開発された、一般的
videoconferencing program developed at に利用できるビデオ会議のプログラムであ
Cornell University. It allows anyone with る。このプログラムによって、映像音声が
audio/video capabilites and an Internet 利用可能でありかつインターネットに接続
connection to videoconference with できるひとであれば誰でもそうした人たちと
anyone else with the same capabilities. テレビ会議をすることが可能になる。また、
It also allows multiple people to tie into 複数の人たちが同じテレビ会議に参加す
the same videoconference. ることが可能になる。
Customer Care 顧客サービス提供者 An Organisation that is providing 商人の代理となるなどのように、顧客対応 RFC2801
Provider customer care typically on behalf of a 業務を提供する組織。顧客対応業務の例
Merchant. Examples of customer care としては、消費者が参加しているIOTPトラ
include, responding to problems raised by ンザクションから生ずる消費者からの苦情
a Consumer arising from an IOTP への応答などを含む。
Transaction that the Consumer took part
in.
Customer Service 顧客サービスセンタ An entity of a service provider that 契約者に対する利用者支援と援助を提供 RFC2636,
Center provides user support and assistance to するサービス提供者の部門。 RFC2637
subscribers.
Customer Service 顧客サービスセンタ A person that operates from a customer 顧客サービスセンタの運用を行っている人 RFC2636,
Representative 窓口 service center and provides user support であり、契約者に対する利用者支援と援助 RFC2637
and assistance to subscribers. を提供する。
cut-and-paste 切り貼り攻撃 (I) An active attack on the data integrity 暗号文に対するデータ完全性への積極攻 RFC2828
attack of ciphertext, effectedby replacing 撃であり、暗号文の一部を他の暗号文に
sections of ciphertext with other 置き換えることで行われ、復号は正しく行
ciphertext, suchthat the result appears えるようにみえるが、実際には攻撃者の満
to decrypt correctly but actually 足するように偽造された平文に復号される
decryptsto plaintext that is forged to the ようになる。
satisfaction of the attacker.
Cut-through packet カットスルーパケット Packets are forwarded without any IP データリンクレベルの情報(VPI/VCI)を用 RFC2129
forwarding 転送 processing at the router using the い、IP処理をまったく行わないでルータで
datalink level information (e.g.,VPI/VCI). パケットが転送されること。インターネットレ
Internetworking level information (e.g., ベルの情報(あて先IPアドレスなど)は、FA
destination IP address) is mapped to the NPを用いることで対応するデータリンクレ
corresponding datalink-level identifier by ベルの識別子に対応ずけられる。
using the FANP.
Cut-through trigger カットスルートリガ When a FANP capable node receives a FANP利用可能ノードがトリガーパケットを RFC2129
trigger packet, it tries to establish 受け取ったとき、そのノードは専用VCの確
Dedicated-VC and to notify the mapping 立とともに、専用VCと受信したトリガーパ
information between the Dedicated-VC ケットが属するIPパケットフローとの対応情
and the IP packet flow which the 報を伝えようとする。トリガーパケットは、各
received trigger packet belongs to. FANP利用可能ノードの局所ポリシによっ
Trigger packets are defined by the port- てTCP/UDPのポート識別によって定義さ
ID of TCP/UDP with the local policy of れる。一般に、それは、httpやftp、nntpの
each FANP capable node. In general, ように長く継続するとか大量のパケットから
they would be the port-ID's of sessions なるセッションのポート識別になる。将来は
with a long life-time and/or with large 、資源予約要求の到来など、ほかのトリガ
amount of packets; e.g., http, ftp and ーが含まれる。
nntp. Future implementation will include
other triggers such as an arrival of
resource reservation request.
CWIS CWIS See: Campus Wide Information system キャンパスサイズ情報システム参照 RFC1983
Cyberspace サイバースペース、 A term coined by William Gibson in his RFC1983
電脳空間、計算機空 fantasy novel Neuromancer to describe
間 the "world" of computers, and the
society that gathers around them.
[Source: ZEN]
cyclic redundancy 巡回冗長検査(CRC) (I) Sometimes called "cyclic redundancy RFC2828
check (CRC) code". A type of checksumalgorithm that
is not a cryptographic hash but is used
toimplement data integrity service where
accidental changes to dataare expected.
Cyclic Redundancy 巡回冗長検査(CRC) A number derived from a set of data that RFC1983
Check (CRC) will be transmitted. By recalculating the
CRC at the remote end and comparing it
to the value originally transmitted, the
receiving node can detect some types of
transmission errors. See also: checksum.
[Source: MALAMUD]
D_ID D_ID Destination ID あて先識別 RFC2625
DAC DAC See: Data Authentication Code, RFC2828
discretionary access control.
Daemons (inetd, デーモン These are processes that run on 他の計算機やプロセスにサービスを提供 RFC2504
talkd, etc.) computer systems to provideservices to するための計算機上のプロセス
other computer systems or processes.
Typically,daemons are considered
"servers".
DAG/IP DAG/IP DAG-Internal Protocol -- communication RFC2967
protocol used between software
components of the DAG.
DAG-CAP DAG-CAP Client Access Point -- point of RFC2967
communication between client-access
software and the DAG system.
DAG-SAP DAG-SAP Service Access Point -- point of RFC2967
communication between the DAG and
WDSP software.
DAG-System DAGシステム The Directory Access Gateway system RFC2967
resulting from the TISDAG project. A
collection of infrastructural software and
services for the purpose of providing
unified access to Swedish whitepages
information.
DANTE DANTE A non-profit company founded in July ダンテと読む。欧州の研究コミュニティを援 RFC1983
1993 to help the European research 助するためにネットワーク設備を増強する
community enhance their networking 非営利企業。
facilities. It focuses on the
establishment of a high-speed computer
network infrastructure.
DAP DAP Directory Access Protocol; the protocol ディレクトリアクセスプロトコル。DUAとDSA RFC1943
between a DUA and a DSA. 間のプロトコル。
DAP DAP See DIRECTORY ACCESS PROTOCOL. RFC1330
DARPA DARPA Defense Advanced Research Projects RFC1983
Agency See: Advanced Research
Projects Agency
DARPA DARPA Defense Advanced Research Projects RFC1208
Agency. The U.S.government agency that
funded the ARPANET.
DASS DASS See: Distributed Authentication Security RFC2828
Service.
data データ (I) Information in a specific physical 特定の物理的意味を持つ情報であり、通 RFC2828
representation, usually asequence of 常意味を持つ記号(シンボル)列であり、特
symbols that have meaning; especially a に
representationof information that can be
processed or produced by a computer.
Data Authentication データ認証アルゴリ (D) ISDs SHOULD NOT use the RFC2828
Algorithm ズム uncapitalized form of this term as
asynonym for other kinds of checksums.
Data Authentication データ認証アルゴリ (N) A keyed hash function equivalent to RFC2828
Algorithm ズム DES cipher block chainingwith IV = 0.
[A9009]
data authentication データ認証符号とDa 1. (N) Capitalized: "The Data 大文字で始まるThe Data Authentication RFC2828
code vs. Data ta Authentication Authentication Code" refers to aU.S. Codeとは、米国標準"the Data
Authentication Code(DAC) Government standard [FP113] for a Authentication
Code (DAC) checksum that is computedby the Data Argorithm"[FP113]で計算されるチェックサ
Authentication Algorithm. (Also known as ムである。(ANSI
the ANSIstandard Message 標準のメッセージ認証符号[A9009]としてし
Authentication Code [A9009].) られている)。
data authentication データ認証符号とDa 2. (D) Not capitalized: ISDs SHOULD RFC2828
code vs. Data ta Authentication NOT use "data authenticationcode" as a
Authentication Code(DAC) synonym for another kind of checksum,
Code (DAC) because this termmixes concepts in a
potentially misleading way.
(See:authentication code.) Instead, use
"checksum", "error detectioncode",
"hash", "keyed hash", "Message
Authentication Code", or"protected
checksum", depending on what is meant.
data compromise 情報が危険な状態 (I) A security incident in which RFC2828
にさらされる information is exposed to potential
unauthorized access, such that
unauthorized disclosure,alteration, or use
of the information may have occurred.
(See:compromise.)
data confidentiality データ秘匿性 (D) ISDs SHOULD NOT use this term as RFC2828
a synonym for "privacy",which is a
different concept.
data confidentiality データ秘匿性 (I) "The property that information is not RFC2828
made available ordisclosed to
unauthorized individuals, entities, or
processes[i.e., to any unauthorized
system entity]." [I7498 Part 2]. (See:data
confidentiality service.)
data confidentiality データ秘匿サービス (D) ISDs SHOULD NOT use this term as RFC2828
service a synonym for "privacy",which is a
different concept.
data confidentialityデータ秘匿サービス (I) A security service that protects data RFC2828
service against unauthorizeddisclosure. (See:
data confidentiality.)
data connection データ接続 A full duplex connection over which data RFC959
is transferred, in a specified mode and
type. The data transferred may be a part
of a file, an entire file or a number of
files. The path may be between a server-
DTP and a user-DTP, or between two
server-DTPs.
Data Encryption データ暗号化アルゴ (C) This algorithm is usually referred to RFC2828
Algorithm (DEA) リズム(DEA) as "DES". The algorithmhas also been
adopted in standards outside the
Government (e.g.,[A3092]).
Data Encryption データ暗号化アルゴ (N) A symmetric block cipher, defined as RFC2828
Algorithm (DEA) リズム(DEA) part of the U.S.Government's Data
Encryption Standard. DEA uses a 64-bit
key, ofwhich 56 bits are independently
chosen and 8 are parity bits, andmaps a
64-bit block into another 64-bit block.
[FP046] (See: DES,symmetric
cryptography.)
data encryption key 暗号化鍵(DEK) (I) A cryptographic key that is used to RFC2828
(DEK) encipher application data.(See: key-
encrypting key.)
Data Encryption 暗号化鍵(DEK) Used for the encryption of message text RFC1983
Key (DEK) and for the computation of message
integrity checks (signatures). See also:
encryption.
Data Encryption データ暗号化標準( DES is a very widely used symmetric RFC2246
Standard DES) encryption algorithm. DES is a block
cipher with a 56 bit key and an 8 byte
block size. Note that in TLS, for key
generation purposes, DES is treated as
having an 8 byte key length (64 bits), but
it still only provides 56 bits of protection.
(The low bit of each key byte is
presumed to be set to produce odd
parity in that key byte.) DES can also be
operated in a mode where three
independent keys and three encryptions
are used for each block of data; this uses
168 bits of key (24 bytes in the TLS key
generation method) and provides the
equivalent of 112 bits of security. [DES],
[3DES]
Data Encryption データ暗号化標準(D (N) A U.S. Government standard [FP046] RFC2828
Standard (DES) ES) that specifies the DataEncryption
Algorithm and states policy for using the
algorithm toprotect unclassified,
sensitive data. (See: AES, DEA.)
Data Encryption データ暗号化標準(D A popular, standard encryption scheme. RFC1983
Standard (DES) ES) See also: encryption, Pretty Good
Privacy, RSA.
data integrity データ完全性 (C) Deals with constancy of and RFC2828
confidence in data values, notwith the
information that the values represent
(see: correctnessintegrity) or the
trustworthiness of the source of the
values(see: source integrity).
data integrity データ完全性 (I) The property that data has not been RFC2828
changed, destroyed, orlost in an
unauthorized or accidental manner. (See:
data integrityservice.)
data integrity データ完全性 (O) "The property that information has RFC2828
not been modified ordestroyed in an
unauthorized manner." [I7498 Part 2]
data integrity データ完全性サービ (C) A data integrity service can only RFC2828
service ス detect a change and reportit to an
appropriate system entity; changes
cannot be preventedunless the system is
perfect (error-free) and no malicious
userhas access. However, a system that
offers data integrity servicemight also
attempt to correct and recover from
changes.
data integrity データ完全性サービ (C) Relationship between data integrity RFC2828
service ス service and authenticationservices:
Although data integrity service is defined
separatelyfrom data origin authentication
service and peer entityauthentication
service, it is closely related to
them.Authentication services depend, by
definition, on companion dataintegrity
services. Data origin authentication
service providesverification that the
identity of the original source of
areceived data unit is as claimed; there
can be no suchverification if the data
unit has been altered. Peer
entityauthentication service provides
verification that the identity ofa peer
entity in a current association is as
claimed; there can beno such verification
if the claimed identity has been altered.
data integrity データ完全性サービ (I) A security service that protects RFC2828
service ス against unauthorized changesto data,
including both intentional change or
destruction andaccidental change or loss,
by ensuring that changes to data
aredetectable. (See: data integrity.)
Data link frame size データリンクフレーム The number of octets in the frame from RFC1242
長 the first octet following the preamble to
the end of the FCS, if present, or to the
last octet of the data if there is no FCS.
data link layer データリンク層 Layer two in the ISO reference model. RFC1547
Defines how bits transmitted and
received by the physical layer are
recognized as bytes and frames. May
also define procedures for error
detection and correction, sequencing and
Data Link Layer データリンク層 The OSI layer that is responsible for data RFC1208
transfer across a single physical
connection, or series of bridged
connections, between two Network
entities.
Data Link Switching データリンクスイッチ This is best described as a routing RFC1538
(DLSw) (DLSw) protocol used for the conversion of LLC-
based SNA sessions to an IP form. The
initial version of the DLSw protocol is
documented in the informational RFC
1434 [1].
data origin 発信元認証 (I) "The corroboration that the source of RFC2828
authentication data received is asclaimed." [I7498 Part
2] (See: authentication.)
data origin 発信元認証サービス (C) A digital signature mechanism can be RFC2828
authentication used to provide thisservice, because
service someone who does not know the private
key cannotforge the correct signature.
However, by using the signer's publickey,
anyone can verify the origin of correctly
signed data.
data origin 発信元認証サービス (C) This service is provided to any RFC2828
authentication system entity that receives orholds the
service data. Unlike peer entity authentication
service, thisservice is independent of any
association between the originatorand
the recipient, and the data in question
may have originated atany time in the
data origin 発信元認証サービス (C) This service is usually bundled with RFC2828
authentication connectionless dataintegrity service.
service (See: (relationship between data
integrityservice and authentication
services under) data integrity service.
data origin 発信元認証サービス (I) A security service that verifies the RFC2828
authentication identity of a systementity that is claimed
service to be the original source of received
data.(See: authentication, authentication
service.)
Data Packet データパケット The payload portion of the MAC Packet. RFC2670
data port データポート The passive data transfer process RFC959
"listens" on the data port for a
connection from the active transfer
process in order to open the data
connection.
data privacy データのプライバシ (D) ISDs SHOULD NOT use this term RFC2828
because it mix concepts in apotentially
misleading way. Instead, use either
"dataconfidentiality" or "privacy",
depending on what is meant.
Data resource データ資源 A network data object that can be RFC 2703
transferred. Data resources may be
available in multiple representations (e.g.
multiple languages, data formats, size,
resolutions) or vary in other ways. (See
also: Message, Resource)
data security データセキュリティ (C) Both data confidentiality service and RFC2828
data integrity serviceare needed to
achieve data security.
data security データセキュリティ (I) The protection of data from RFC2828
disclosure, alteration,destruction, or loss
that either is accidental or is
intentionalbut unauthorized.
Data source データ送信装置 A host capable of generating traffic to RFC2647
the DUT/SUT.
Database データベース Databasesare collections of interrelated RFC1697
data organized according to a schema to
serve one or more applications. A
database is, for purposes of this MIB, a
collection of tables whose organization is
based on the relational model. There may
be one or more databases available in
each system on the host from each
product. In the MIB, data about
databases is captured in the
rdbmsDbTable and the
rdbmsDbInfoTable, each with one row per
datagram データグラム (I) "A self-contained, independent entity RFC2828
of data carryingsufficient information to
be routed from the source to
thedestination." [R1983]
Datagram データグラム A [UDP] datagram is the unit of end-to- RFC1123
end transmission in the UDP protocol.
datagram データグラム A message sent in a packet switched RFC793
computer communications network.
datagram データグラム A self-contained, independent entity of RFC1983
data carrying sufficient information to be
routed from the source to the
destination computer without reliance on
earlier exchanges between this source
and destination computer and the
transporting network. See also: frame,
packet. [Source: J. Postel]
datagram データグラム The unit of transmission in the network RFC1547,
layer (such as IP). A datagram may be
encapsulated in one or more packets 1661,1662
(q.v.) passed to the data link layer. ,1763,176
4,1967,19
76, 2043
Datagram データグラム The unit transmitted between a pair of RFC1812
internet modules. Data, called
datagrams, from sources to destinations.
The Internet Protocol does not provide a
reliable communication facility. There are
no acknowledgments either end-to-end
or hop-by-hop. There is no error no
retransmissions. There is no flow
control. See IP.
dataset データセット A collection of data (real or virtual) over RFC2651
which an index is created. When a CIP
server aggregates two or more indices,
the resultant index represents the index
from a "virtual dataset", spanning the
previous two datasets.
dataset データセット class specification The rules which allow RFC2244
a client to interpret the data within a
portion of ACAP's tree of entries.
dataset データセット One level of hierarchy in ACAP's tree of RFC2244
entries.
Dataset Identifier データセット識別子 An identifier chosen from any part of the RFC2651
ISO/CCITT OID space which uniquely
identifies a given dataset among all
datasets indexed by CIP.
dBmV dBmV Decibel relative to one milli-volt. A RFC2670
measure of RF power.
DCA DCA Defense Communications Agency. The RFC1208
government agency responsible for the
Defense Data Network (DDN).
DCA DCA See: Defense Information Systems 米国防衛通信局。現在はDISAと呼ばれて RFC1983
Agency いる。
DCE DCE Data Circuit-terminating Equipment データ回線終端機器。 RFC1983
DCE DCE Distributed Computing Environment. An RFC1208
architecture of standard programming
interfaces, conventions, and server
functionalities (e.g., naming, distributed
file system, remote procedure call) for
distributing applications transparently
across networks of heterogeneous
computers. Promoted and controlled by
the Open Software Foundation (OSF), a
consortium led by HP, DEC, and IBM.
See ONC.
DCE DCE See: Distributed Computing Environment RFC1983
DDN DDN Defense Data Network the collective ARPANETとMILNETの正しい名称 RFC1118
name for the ARPANET and MILNET.
Used frequently because although they
are seperate networks the operational
and informational foci are the same.
DDN DDN Defense Data Network. Comprises the RFC1208
MILNET and several other DoD networks.
DDN DDN See: Defense Data Network RFC1983
DDN NIC DDN NIC See: Defense Data Network Network RFC1983
Information Center
DEA DEA See: Data Encryption Algorithm. RFC2828
Dead Property 無効特性 A property whose semantics and syntax RFC2518
are not enforced by the server. The
server only records the value of a dead
property; the client is responsible for
maintaining the consistency of the
syntax and semantics of a dead property.
Debugger デバッガ a tool that by generating arbitrary RFC1470
packets and monitoring traffic, can
drive a remote network component to
various states and record its responses.
Decapsulation 逆カプセル化 The stripping of the Encapsulation RFC1241
Header and forwarding of the Clear
Datagram by the Decapsulator.
Decapsulation 逆カプセル化スルー The maximum rate at which frames RFC2432
Throughput (DT) プット offered a DUT are decapsulated and
correctly forwarded by the DUT without
loss.
Decapsulator 逆カプセル化装置 The entity responsible for receiving an RFC1241
Encapsulated Datagram, decapsulating it,
and delivering it to the destination User
Space. Delivery may be direct, or via
Encapsulation. A Decapsulator may be a
host or a gateway.
deception 詐称 See: (secondary definition under) threat RFC2828
consequence.
decipher 復号する (D) ISDs SHOULD NOT use this term as RFC2828
a synonym for "decrypt",except in
special circumstances. (See: (usage
discussion under)encryption.)
decipher 復号する To reverse the effects of encipherment RFC1507
and render a message comprehensible by
use of a cryptographic key.
decipherment 復号 (D) ISDs SHOULD NOT use this term as RFC2828
a synonym for "decryption",except in
special circumstances. (See: (usage
discussion under)encryption.)
decision maker 決定者 those people at a site who set or RFC2196
approve policy. These are often (but not
always) the people who own the
DECnet DECnet A proprietary network protocol designed RFC1983
by Digital Equipment Corporation. The
functionality of each Phase of the
implementation, such as Phase IV and
Phase V, is different.
DECnet DECnet a tool for controlling or monitoring RFC1470
implementations of the DECnet
protocol suite or network components
DECnet DECnet Digital Equipment Corporation's RFC1208
proprietary network architecture.
decode 復号する (D) ISDs SHOULD NOT use this term as RFC2828
a synonym for "decrypt",because that
would mix concepts in a potentially
misleading way.
decode 復号する (I) Convert encoded data back to its RFC2828
original form ofrepresentation. (See:
decrypt.)
Decollating 切断する the process by which the individual parts RFC1759
within a multi-part form are separated
and sorted into separate stacks for each
Decompress 伸張する The act of reconstructing a compressed RFC2507
header.
decrypt 復号する (I) Cryptographically restore ciphertext RFC2828
to the plaintext form ithad before
Decrypting 復号する The process of reversing the encryption RFC2504
of a file or message torecover the
original data in order to use or read it.
decryption 復号 See: (secondary definition under) RFC2828
encryption.
dedicated security 専用セキュリティモ (C) This mode is defined formally in U.S. RFC2828
mode ード? Department of Defensepolicy regarding
system accreditation, but the term is
also usedoutside the Defense
Department and outside the Government.
dedicated security 専用セキュリティモ (I) A mode of operation of an information RFC2828
mode ード system, wherein allusers have the
clearance or authorization, and the need-
to-know,for all data handled by the
system. In this mode, the system may
handle either a single classification level
or category of information or a range of
levels and categories. [DOD2]
Dedicated-VC 専用VC Dedicated-VC is used for the specific IP RFC2129
packet flow identified by the flow-ID.
When the flow-ID for an incoming VC and
an outgoing VC are the same at a CSR, it
can forward the packets belonging to the
flow through the cut-through packet
forwarding. The encapsulation over the
Dedicated-VC is LLC for routed non-ISO
protocols defined by RFC1483 [3].
default account 既定アカウント (C) Sometimes, the default user name RFC2828
and password are the same ineach copy
of the system. In any case, when the
system is put intoservice, the default
password should immediately be changed
or thedefault account should be disabled.
default account 既定アカウント (I) A system login account (usually RFC2828
accessed with a user name andpassword)
that has been predefined in a
manufactured system topermit initial
access when the system is first put into
service.
Default Account 既定アカウント Some systems and server software come RFC2504
with preconfigured accounts.These
accounts may be set up with a
predefined (user name and)password to
allow anyone access and are often put
there to make itconvenient for users to
login initially. Default accounts shouldbe
turned off or have their predefined
passwords changed, toreduce the risk of
Default Route デフォルト経路 A routing table entry that is used to RFC1812
direct any data addressed to any network
prefixes not explicitly listed in the routing
table.
default route デフォルト経路 A routing table entry which is used to RFC1983
direct packets addressed to networks
not explicitly listed in the routing table.
[Source: MALAMUD]
Default-VC デフォルトVC Default-VC is used for hop-by-hop RFC2129
packet forwarding. Cells received from
the Default-VC are reassembled into IP
packets. Conventional IP processing is
performed for these packets. The
encapsulation over the Default-VC is
LLC for routed non-ISO protocols
defined by RFC1483 [3].
Defense Data 米国国防情報網(D A global communications network serving RFC1983
Network (DDN) DN) the US Department of Defense
composed of MILNET, other portions of
the Internet, and classified networks
which are not part of the Internet. The
DDN is used to connect military
installations and is managed by the
Defense Information Systems Agency.
See also: Defense Information Systems
Agency.
Defense Data 米国国防情報網ネッ Previously called "The NIC", the DDN RFC1983
Network Network トワーク情報センタ NIC's primary responsibility was the
Information Center assignment of Internet network
(DDN NIC) addresses and Autonomous System
numbers, the administration of the root
domain, and providing information and
support services to the Internet for the
DDN. Since the creation of the InterNIC,
the DDN NIC performs these functions
only for the DDN. See also: Autonomous
System, network address, Internet
Registry, InterNIC, Network Information
Center, Request For Comments.
Defense 米国国防情報システ Formerly called the Defense RFC1983
Information ム局(DISA) Communications Agency (DCA), this is
Systems Agency the government agency responsible for
(DISA) managing the DDN portion of the
Internet, including the MILNET.
Currently, DISA administers the DDN,
and supports the user assistance
services of the DDN NIC. See also:
Defense Data Network.
Definitions of プロトコル状態の定 This document lists a "requirement RFC2300
Protocol Status 義 level" or STATUS for eachprotocol. The
status is one of "required",
"recommended","elective", "limited
use", or "not recommended".
degauss 消磁 (N) Apply a magnetic field to permanently RFC2828
remove, erase, or cleardata from a
magnetic storage medium, such as a tape
or disk[NCS25]. Reduce magnetic flux
density to zero by applying areversing
magnetic field.
degausser 消磁器 (N) An electrical device that can degauss RFC2828
magnetic storage media.
DEK DEK See: Data Encryption Key RFC1983,
2828
DEK DEK See: data encryption key. RFC2828
delegation 代理 The granting of temporary credentials RFC1507
that allow a process to act on behalf of a
principal.
delegation key 代理鍵 A short term public/private key pair used RFC1507
by a claimant to act on behalf of a
principal for a bounded period. The
delegation public key appears in the
ticket, whereas the delegation private
key is used to sign secret key exchange
messages.
Delivery 配信 The interaction by which the Message RFC1330
Transfer Agent (MTA) transfers to a
recipient User Agent (UA) the content of
a message plus the delivery envelope.
Delivery Envelope 配信封筒 The envelope which contains the RFC1330
information related to the delivery of the
message.
Delivery Handler 配信ハンドラ The Organisation that directly delivers RFC2801
the goods or services to the Consumer
on behalf of the Merchant. Delivery can
be in the form of either digital goods
(e.g., a [MIME] message), or physically
delivered using the post or a courier.
delta CRL 差分間接的証明証 (I) A partial CRL that only contains RFC2828
失効リスト entries for X.509certificates that have
been revoked since the issuance of a
prior,base CRL. This method can be used
to partition CRLs that becometoo large
and unwieldy.
Demilitarized zone 非武装区域 A network segment or segments located RFC2647
between protected and unprotected
networks.
denial of service サービスの妨害 (I) The prevention of authorized access RFC2828
to a system resource orthe delaying of
system operations and functions.
(See:availability, critical (resource of a
system), flooding.)
Denial of Service サービス妨害 A Security Model need not attempt to RFC2571
address the broad range of attacks by
which service on behalf of authorized
users is denied. Indeed, such denial-of-
service attacks are in many cases
indistinguishable from the type of
network failures with which any viable
management protocol must cope as a
matter of course.
Denial of Service サービスの妨害 An SNMPv2 security protocol need not RFC1910
attempt to address the broad range of
attacks by which service on behalf of
authorized users is denied. Indeed, such
denial-of-service attacks are in many
cases indistinguishable from the type of
network failures with which any viable
network management protocol must cope
as a matter of course.
Dense Mode デンスモード、高密 In multicast forwarding, two paradigms RFC1812
度モード are possible: in Dense Mode forwarding, a
network multicast is forwarded as a data
link layer multicast to all interfaces
except that on which it was received,
unless and until the router is instructed
not to by a multicast routing neighbor.
See Sparse Mode.
deprecated address 非推奨アドレス An address assigned to an interface RFC2462
whose use is discouraged, but not
forbidden. A deprecated address should
no longer be used as a source address in
new communications, but packets sent
from or to deprecated addresses are
delivered as expected. A deprecated
address may continue to be used as a
source address in communications where
switching to a preferred address causes
hardship to a specific upper-layer
activity (e.g., an existing TCP connection).
deprecated address 非推奨アドレス? An address assigned to an interface RFC1971
whose use is discouraged, but not
forbidden. A deprecated address should
no longer be used as a source address in
new communications, but packets sent to
deprecated addresses are delivered as
expected. A deprecated address may
continue to be used as a source address
in communications where switching to a
preferred address causes hardship to a
specific upper-layer activity (e.g., an
existing TCP connection).
DER DER Distinguished Encoding Rules for ASN.1, RFC2985
as defined in [6].
DER DER Distinguished Encoding Rules for ASN.1, RFC2311,
as defined in CCITTX.509,Section 8.7. 2633,2314
,2315
DER DER Distinguished Encoding Rules for ASN.1, RFC2632,
as defined in ITU-T X.690. DER is a 2986
subset of BER.
dereference 参照解決、デリファ the act of replacing a feature set RFC2938
レンス reference with its corresponding feature
set expression. Also called "resolution".
DES DES Data Encryption Standard, as defined in RFC2313,
FIPS PUB 46-1. 2315
DES DES Data Encryption Standard: a symmetric RFC1507
(secret key) encryption algorithm used
by DASS. An alternate encryption
algorithm could be substituted with little
or no disruption to the architecture.
DES DES See: Data Encryption Standard RFC1983
DES DES See: Data Encryption Standard. RFC2828
DES key DES鍵 A 56-bit secret quantity used as a RFC1507
parameter to the DES encryption
algorithm.
desCBC DESCBCモード識別 The object identifier for DES in cipher- RFC2315
block chaining (CBC)mode, as defined in
[NIST91].
Description 記述部 information about the configuration and RFC1759
capabilities of the printer and its various
sub-units
Descriptive Name 記述名 A name that denotes one and only one RFC1330
user in the Message Handling System
(MHS).
Descriptor 記述子 A syntactic element of the protocol that RFC2885
groups related properties. For instance,
the properties of a media flow on the MG
can be set by the MGC by including the
appropriate descriptor in a command.
Designated IS 指定中間システム The Intermediate system on a LAN which RFC1142
is designated to perform additional
duties. In particular it generates Link
State PDUs on behalf of the LAN,
treating the LAN as a pseudonode.
Designated switch 指定スイッチ Each multi-access network link has a RFC2642
designated switch. The designated switch
generates a link state advertisement for
the link and has other special
responsibilities in the running of the
protocol. The use of a designated switch
permits a reduction in the number of
adjacencies required on multi-access
links. This in turn reduces the amount of
routing protocol traffic and the size of
the topological database. The designated
switch is selected during the discovery
process. A designated switch is not
selected for a point-to-point network link.
DestAddress あて先アドレス The IP destination address; part of RFC2205
session identification. See "session".
Destination あて先 The destination address, an internet RFC791
header field.
Destination あて先 The HIPPI implementation that receives RFC2067
data from a HIPPI Source.
Destination あて先 The HIPPI port that receives data from a RFC2834,
HIPPI Source. 2835
destination あて先 where datagrams go to, the destination RFC1476
of the datagrams
Destination Address あて先アドレス The destination address, usually the RFC793
network and host identifiers.
Device Management 装置管理インターフ A NAS is a network device which is RFC2881
Interface ェース owned, operated, and managed by some
entity. This interface provides a means
for this entity to operate and manage the
NAS. This interface may be a
configuration file, a graphical user
interface, an API, or a protocol s
Device Monitoring 装置監視 Device monitoring refers to the tracking RFC2881
of status, activity, and usage of the NAS
as a network device.
Device Provisioning 装置予測 Device provisioning refers to the RFC2881
configurations, settings, and control of
the NAS as a network device.
Device under test 被試験装置 The network forwarding device to which RFC2285
(DUT) stimulus is offered and response
measured.
device-name デバイス名 The terms "device-name", "LU name" RFC2355
and "network name" can be considered
interchangeable in this document. They
refer to a specific terminal or printer
device.
DF 分割禁止ビット The Don't Fragment bit carried in the RFC791
flags field.
DHCP client DHCPクライアント A DHCP client is an Internet host using RFC2131,
DHCP to obtain configuration parameters
such as a network address. 2242,2563
DHCP client DHCPクライアント A DHCP client or "client" is an Internet RFC2132
host using DHCP to obtain configuration
parameters such as a network address.
DHCP client DHCPクライアント DHCP client or "client" is an Internet RFC2937
host using DHCP to obtain configuration
parameters such as a network address.
DHCP serve DHCPサーバ A DHCP server is an Internet host that RFC2131,
returns configuration parameters to
DHCP clients. 2242,2563
DHCP server DHCPサーバ A DHCP server of "server"is an Internet RFC2132,
host that returns configuration 2937
parameters to DHCP clients.
Dial Access Servers ダイヤルアクセスサ A Dial Access Server is a NAS whose RFC2881
ーバ client interfaces consist of modems,
either local or remote, which are
attached to a PSTN.
Dial-in Service ダイヤルインサービ A way of providing access to computer RFC2504
ス systems or networks via
atelecommunications network. A
computer uses a modem to make
atelephone call to a another modem,
which in turn provides 'networkaccess
service'. See also: PPP.
dialup ダイヤルアップ A temporary, as opposed to dedicated, RFC1983
connection between machines
established over a phone line (analog or
ISDN). See also: Integrated Services
Digital Network.
DIB DIB Directory Information Base; a collection RFC1943
of information objects in the Directory.
DIB ディレクトリ情報ベー See DIRECTORY INFORMATION BASE. RFC1330
ス
dictionary attack 辞書攻撃 (C) For example, an attack on an RFC2828
authentication service by tryingall
possible passwords; or an attack on
encryption by encryptingsome known
plaintext phrase with all possible keys so
that the keyfor any given encrypted
message containing that phrase may
dictionary attack 辞書攻撃 (I) An attack that uses a brute-force RFC2828
technique of successivelytrying all the
words in some large, exhaustive list.
Differential coding 差分符号化 A compression technique where the RFC2507
compressed value of a header field is the
difference between the current value of
the field and the value of the same field
in the previous header belonging to the
same packet stream. A decompressor
can thus obtain the value of the field by
adding the value in the compressed
header to its context. This technique is
used for TCP streams but not for non-
TCP streams.
Differentiated DS境界? the edge of a DS domain, RFC2474
Services Boundary whereclassifiers and traffic conditioners
are likely to be deployed. Adifferentiated
services boundary can be further sub-
divided intoingress and egress nodes,
where the ingress/egress nodes are
thedownstream/upstream nodes of a
boundary link in a given trafficdirection.
A differentiated services boundary
typically is found atthe ingress to the
first-hop differentiated services-
compliant router(or network node) that a
host's packets traverse, or at the egress
ofthe last-hop differentiated services-
compliant router or network nodethat
packets traverse before arriving at a
host. This is sometimesreferred to as
the boundary at a leaf router. A
differentiatedservices boundary may be
co-located with a host, subject to
Differentiated DSドメイン? a contiguous portion of the Internetover RFC2474
Services Domain which a consistent set of differentiated
services policies areadministered in a
coordinated fashion. A differentiated
servicesdomain can represent different
administrative domains or
autonomoussystems, different trust
regions, different network
technologies(e.g., cell/frame), hosts and
routers, etc. Also DS domain.
Differentiated DSフィールド? the IPv4 header TOS octet or the RFC2474
Services Field IPv6Traffic Class octet when interpreted
in conformance with thedefinition given in
this document. Also DS field.
Differentiated DS適合? in compliance with therequirements RFC2474
Services-Compliant specified in this document. Also DS-
compliant.
Diffie-Hellman Diffie-Hellman (C) Diffie-Hellman does key RFC2828
establishment, not encryption.However,
the key that it produces may be used for
encryption, forfurther key management
operations, or for any other cryptography.
Diffie-Hellman Diffie-Hellman (C) The difficulty of breaking Diffie- RFC2828
Hellman is considered to beequal to the
difficulty of computing discrete
logarithms modulo alarge prime. The
algorithm is described in [R2631] and
[Schn]. Inbrief, Alice and Bob together
pick large integers that satisfycertain
mathematical conditions, and then use
the integers to eachseparately compute
a public-private key pair. They send each
othertheir public key. Each person uses
their own private key and theother
person's public key to compute a key, k,
that, because ofthe mathematics of the
algorithm, is the same for each of
them.Passive wiretapping cannot learn
the shared k, because k is
nottransmitted, and neither are the
private keys needed to compute
k.However, without additional
mechanisms to authenticate each
partyto the other, a protocol based on
Diffie-Hellman Diffie-Hellman (N) A key agreement algorithm published RFC2828
in 1976 by WhitfieldDiffie and Martin
Hellman [DH76, R2631].
Diffie-Hellman Diffie-Hellman A public-key cryptography algorithm for RFC2636,
Algorithm アルゴリズム exchanging secret keys. Uses the RFC2637
equation , where k is the secret key. The
equation is executed by each party of
the session based on the exchange of
independently generated public values.
digest ダイジェスト、要約 See: message digest. RFC2828
digital certificate ディジタル証明証 (D) ISDs SHOULD NOT use this term to RFC2828
refer to a signed CRL or CKL.Although
the recommended definition can be
interpreted to includethose items, the
security community does not use the
term withthose meanings.
digital certificate ディジタル証明証 (I) A certificate document in the form of RFC2828
a digital data object (adata object used
by a computer) to which is appended a
computeddigital signature value that
depends on the data object.
(See:attribute certificate, capability,
public-key certificate.)
digital certification ディジタル証明証 (D) ISDs SHOULD NOT use this term as RFC2828
a synonym for"certification", unless the
context is not sufficient todistinguish
between digital certification and another
kind ofcertification, in which case it
would be better to use "public-
keycertification" or another phrase that
indicates what is beingcertified.
Digital Channel ディジタルチャンネ A circuit-switched communication path RFC2661
ル which is intended to carry digital
information in each direction.
digital document ディジタル文書 (I) An electronic data object that RFC2828
represents informationoriginally written in
a non-electronic, non-magnetic
medium(usually ink on paper) or is an
analogue of a document of thattype.
digital envelope ディジタル封筒 (C) Digital enveloping is not simply a RFC2828
synonym for implementing data
confidentiality with encryption; digital
enveloping is a hybrid encryption scheme
to "seal" a message or other data, by
encrypting the data and sending both it
and a protected form of the key to the
intended recipient, so that no one other
than the intended recipient can "open"
the message. In PCKS #7, it means first
encrypting the data using a symmetric
encryption algorithm and a secret key,
and then encrypting the secret key using
an asymmetric encryption algorithm and
the public key of the intended recipient.
In S/MIME, additional methods are
defined for conveying the content
digital envelope ディジタル封筒 (C) In ISDs, this term should be defined RFC2828
at the point of first usebecause, although
the term is defined in PKCS #7 and used
inS/MIME, it is not yet widely established.
digital envelope ディジタル封筒 (I) A digital envelope for a recipient is a RFC2828
combination of (a)encrypted content data
(of any kind) and (b) the content
encryption key in an encrypted form that
has been prepared for theuse of the
recipient.
Digital ID(service ディジタル識別子 (D) ISDs SHOULD NOT use this term as RFC2828
mark) a synonym for "digitalcertificate"
because (a) it is the service mark of a
commercialfirm, (b) it unnecessarily
duplicates the meaning of other, well-
established terms, and (c) a certificate is
not always used asauthentication
information. In some contexts, however,
it may beuseful to explain that the key
conveyed in a public-keycertificate can
be used to verify an identity and,
therefore, thatthe certificate can be
thought of as digital
identificationinformation. (See:
identification information.)
digital key ディジタル鍵 (C) The adjective "digital" need not be RFC2828
used with "key" or"cryptographic key",
unless the context is insufficient
todistinguish the digital key from another
kind of key, such as ametal key for a
door lock.
digital notary ディジタル公証人 (I) Analogous to a notary public. Provides RFC2828
a trusted date-and-timestamp for a
document, so that someone can later
prove that thedocument existed at a
point in time. May also verify
thesignature(s) on a signed document
before applying the stamp.
digital signature ディジタル署名 (C) Other digital signature schemes (e.g., RFC2828
see: DSS) transform thehash result with
an algorithm (e.g., see: DSA, El Gamal)
thatcannot be directly used to encrypt
data. Such a scheme creates asignature
value from the hash and provides a way
to verify thesignature value, but does not
provide a way to recover the hashresult
from the signature value. In some
countries, such a schememay improve
exportability and avoid other legal
constraints onusage.
digital signature ディジタル署名 (C) Some digital signature schemes use a RFC2828
asymmetric encryptionalgorithm (e.g.,
see: RSA) to transform the hash result.
Thus,when Alice needs to sign a message
to send to Bob, she can use herprivate
key to encrypt the hash result. Bob
receives both themessage and the digital
signature. Bob can use Alice's public
keyto decrypt the signature, and then
compare the plaintext result tothe hash
result that he computes by hashing the
message himself.If the values are equal,
Bob accepts the message because he
iscertain that it is from Alice and has
arrived unchanged. If thevalues are not
equal, Bob rejects the message because
either themessage or the signature was
altered in transit.
digital signature ディジタル署名 (C) Typically, the data object is first RFC2828
input to a hash function,and then the
hash result is cryptographically
transformed using aprivate key of the
signer. The final resulting value is called
thedigital signature of the data object.
The signature value is aprotected
checksum, because the properties of a
cryptographic hashensure that if the data
object is changed, the digital signaturewill
no longer match it. The digital signature
is unforgeablebecause one cannot be
certain of correctly creating or
changingthe signature without knowing
the private key of the supposedsigner.
digital signature ディジタル署名 (I) "Data appended to, or a cryptographic RFC2828
transformation of, adata unit that allows
a recipient of the data unit to prove
thesource and integrity of the data unit
and protect against forgery,e.g. by the
recipient." [I7498 Part 2]
digital signature ディジタル署名 (I) A value computed with a RFC2828
cryptographic algorithm and appendedto
a data object in such a way that any
recipient of the data canuse the
signature to verify the data's origin and
integrity. (See:data origin authentication
service, data integrity service,digitized
signature, electronic signature, signer.)
Digital Signature ディジタル署名 A digital signature is created by a RFC2504
mathematical computer program.It is not
a hand-written signature nor a computer-
produced pictureof one. The signature is
like a wax seal that requires a
specialstamp to produce it, and is
attached to an Email message or file.The
origin of the message or file may then be
verified by thedigital signature (using
special tools).
digital signature ディジタル署名 A value computed from a block of data RFC1507
and a key which could only be computed
by someone knowing the key. A digital
signature computed with a secret key
can only be verified by someone knowing
that secret key. A digital signature
computed with a private key can be
verified by anyone knowing the
corresponding public key.
Digital Signature ディジタル署名アル (N) An asymmetric cryptographic RFC2828
Algorithm (DSA) ゴリズム(DSA) algorithm that produces a digitalsignature
in the form of a pair of large numbers.
The signature iscomputed using rules and
parameters such that the identity of
thesigner and the integrity of the signed
data can be verified. (See:Digital
Signature Standard.)
Digital Signature ディジタル署名標準( (N) The U.S. Government standard RFC2828
Standard (DSS) DSS) [FP186] that specifies theDigital
Signature Algorithm (DSA), which
involves asymmetriccryptography.
Digital Signature ディジタル署名標準( A standard for digital signing, including RFC2246
Standard (DSS) DSS) the Digital Signing Algorithm, approved by
the National Institute of Standards and
Technology, defined in NIST FIPS PUB
186, "Digital Signature Standard,"
published May, 1994 by the U.S. Dept. of
Commerce. [DSS]
digital signatures ディジタル署名 Digital signatures utilize public key RFC2246
cryptography and one-way hash
functions to produce a signature of the
data that can be authenticated, and is
difficult to forge or repudiate.
digital watermarking ディジタル透かし (C) The set of embedded bits (the digital RFC2828
watermark) is sometimeshidden, usually
imperceptible, and always intended to
beunobtrusive. Depending on the
particular technique that is used,digital
watermarking can assist in proving
ownership, controllingduplication, tracing
distribution, ensuring data integrity,
andperforming other functions to protect
intellectual propertyrights. [ACM]
digital watermarking ディジタル透かし (I) Computing techniques for inseparably RFC2828
embedding unobtrusivemarks or labels as
bits in digital data--text, graphics,
images,video, or audio--and for detecting
or extracting the marks later.
digitized signature デジタイズド署名 (D) ISDs SHOULD NOT use this term RFC2828
because there is no currentconsensus on
its definition. Although it appears to be
used mainlyto refer to various forms of
digitized images of handwrittensignatures,
the term should be avoided because it
might beconfused with "digital signature".
Digits 数字 Digits consist of the decimal integers RFC2636,
0,1,2,3,4,5,6,7,8, and 9. RFC2637
Direct 直接通信(proxyせず In the "normal" Internet world, systems RFC1919
communication に) do not use proxies and simply use normal
(without a proxy) TCP/IP to communicate with each other.
It is important (for readers who may not
be familiar with this) to take a quick look
at the operations involved, in order to
better understand what is the exact use
of a proxy.
Directory ディレクトリ 2. (I) Capitalized: "Directory" refers RFC2828
specifically to the X.500Directory. (See:
repository.)
Directory ディレクトリ The Directory is a repository of RFC1330
information about objects and which
provides directory services to its users
which allow access to the information.
directory ディレクトリ 1. (I) Not capitalized: The term RFC2828
"directory" refers generically toa
database server or other system that
provides information--suchas a digital
certificate or CRL--about an entity
whose name isknown.
Directory Access ディレクトリアクセス The Directory Access Protocol (DAP) is RFC1330
Protocok プロトコル the protocol used between a Directory
user Agent (DUA) and a Directory
System Agent (DSA).
Directory Access ディレクトリアクセス X.500 protocol used for communication RFC1983
Protocol プロトコル between a Directory User Agent and a
Directory System Agent. [Source:
MALAMUD]
Directory Access ディレクトリアクセス (N) An OSI protocol [X519] for RFC2828
Protocol (DAP) プロトコル(DAP) communication between a DirectoryUser
Agent (a client) and a Directory System
Agent (a server).(See: Lightweight
Directory Access Protocol.)
Directory Agent ディレクトリエージェ A process which collects information RFC2165
(DA) ント(DA) from Service Agents to provide a single
repository of service information in order
to centralize it for efficient access by
User Agents. There can only be one DA
present per given host.
Directory Agent ディレクトリエージェ A process which collects service RFC2608
(DA) ント(DA) advertisements. There can only be one
DA present per given host.
Directory Agent ディレクトリエージェ A service that automatically gathers RFC2614
(DA) ント(DA) service advertisements from SAs in
order to provide them to UAs.
Directory Entry ディレクトリエントリ A Directory Entry is a part of the RFC1330
Directory Information Base (DIB) which
contains information about an object.
Directory ディレクトリ情報木 The Directory Information Tree (DIT) is RFC1330
Informatiion Tree the Directory Information Base (DIB),
considered as a tree, whose vertices
(other than the root) are the Directory
entries.
Directory ディレクトリ情報ベー The Directory Information Base (DIB) is RFC1330
Information Base ス the complete set of information to which
the Directory provides access and which
includes all pieces of information which
can be read or manipulated using the
operations of the Directory.
Directory ディレクトリ管理ドメ A Directory Management Domain (DMD) RFC1330
Management Domain イン is a collection of one or more Directory
System Agents (DSAs) and zero or more
Directory User Agents (DUAs) which is
managed by a single organization.
Directory System ディレクトリシステム A Directory System Agent (DSA) is an RFC1330
Agent エージェント OSI application process which is part of
the Directory.
Directory System ディレクトリシステム The software that provides the X.500 RFC1983
Agent (DSA) エージェント(DSA) Directory Service for a portion of the
directory information base. Generally,
each DSA is responsible for the directory
information for a single organization or
organizational unit. [Source: RFC1208]
Directory System ディレクトリシステム The Directory System Protocol (DSP) is RFC1330
Protocol プロトコル the protocol used between two Directory
System Agents (DSAs).
Directory User ディレクトリ利用者 A Directory user is the entity or person RFC1330
that accesses the Directory.
Directory User ディレクトリ利用者エ A Directory User Agent (DUA) is an OSI RFC1330
Agent ージェント application process which represents the
user in accessing the Directory.
Directory User ディレクトリ利用者エ The "DUA" (directory user agent) refers RFC2307
Agent (DUA) ージェント(DUA) to the LDAP client querying these
entities, such as an LDAP to NIS
gateway or the C library.
Directory User ディレクトリ利用者エ The software that accesses the X.500 RFC1983
Agent (DUA) ージェント(DUA) Directory Service on behalf of the
directory user. The directory user may
be a person or another software element.
[Source: RFC1208]
directory, Directory ディレクトリ See: directory vs. Directory. RFC2828
DISA DISA See: Defense Information Systems RFC1983
Agency
disaster plan 防災計画 (D) A synonym for "contingency plan". In RFC2828
the interest of consistency, ISDs
SHOULD use "contingency plan" instead
of"disaster plan".
Disclosure 漏洩 The disclosure threat is the danger of RFC1910
eavesdropping on the exchanges between
managed agents and a management
station. Protecting against this threat
may be required as a matter of local
Disclosure 漏洩 The disclosure threat is the danger of RFC2571
eavesdropping on the exchanges between
SNMP engines. Protecting against this
threat may be required as a matter of
local policy.
disclosure (i.e., 漏洩 See: (secondary definition under) threat RFC2828
unauthorized consequence.
disclosure)
Discovery 発見 process by which a node learns the RFC1981
PMTU of a path
discretionary 自由裁量のアクセス (C) This service is termed RFC2828
access control 制御(DAC) "discretionary" because an entity
(DAC) mighthave access rights that permit the
entity, by its own volition, toenable
another entity to access some resource.
discretionary 自由裁量のアクセス (I) An access control service that RFC2828
access control 制御(DAC) enforces a security policybased on the
(DAC) identity of system entities and their
authorizationsto access system
resources. (See: access control list,
identity-based security policy, mandatory
access control.)
discretionary 自由裁量のアクセス (O) "A means of restricting access to RFC2828
access control 制御(DAC) objects based on theidentity of subjects
(DAC) and/or groups to which they belong.
Thecontrols are discretionary in the
sense that a subject with acertain
access permission is capable of passing
that permission(perhaps indirectly) on to
any other subject." [DOD1]
DISCUSSION 議論 At many points in this document, the RFC2157
author has found it useful to include
material that explains part of the
reasoning behind the specification. These
sections all start with DISCUSSION: and
continue to the next numbered section
heading; they do not dictate any
additional requirements on a gateway.
displayable message 表示可能文字 This is interpreted to be a human RFC2284
readable string of characters, and MUST
NOT affect operation of the protocol.
The message encoding MUST follow the
UTF-8 transformation format [5].
Displayed text 表示文字 The text shown to the user reading a RFC2557
document with a web browser. This may
be different from the HTML markup, see
the definition of HTML markup below.
disruption 混乱 See: (secondary definition under) threat RFC2828
consequence.
Distinct style 個別スタイル A (reservation) style attribute; separate RFC2205
resources are reserved for each different
sender. See also "shared style".
Distinguished 識別符号化規則(DE (C) Since there is more than one way to RFC2828
Encoding Rules R) encode ASN.1 in BER, DERis used in
(DER) applications in which a unique encoding is
needed, suchas when a digital signature
is computed on an ASN.1 value.
Distinguished 識別符号化規則(DE (N) A subset of the Basic Encoding RFC2828
Encoding Rules R) Rules, which gives exactly oneway to
(DER) represent any ASN.1 value as an octet
string [X690].
Distinguished Name 識別名 The distinguished name of a given object RFC1330
is the sequence of relative distinguished
names (RDNs) of an entry which
represents the object and those of all of
its superior entries (in descending order).
distinguished name 識別名(DN) (C) A DN is a set of attribute values that RFC2828
(DN) identify the pathleading from the base of
the DIT to the object that is named.
AnX.509 public-key certificate or CRL
contains a DN that identifiesits issuer,
and an X.509 attribute certificate
contains a DN orother form of name that
identifies its subject.
distinguished name 識別名(DN) (I) An identifier that uniquely represents RFC2828
(DN) an object in the X.500Directory
Information Tree (DIT) [X501]. (See:
domain name.)
Distributed 分散認証セキュリテ (I) An experimental Internet protocol RFC2828
Authentication ィーサービス(DASS) [R1507] that usescryptographic
Security Service mechanisms to provide strong, mutual
(DASS) authenticationservices in a distributed
environment.
Distributed 分散認証ツール A program which can retrieve a source RFC2291
Authoring Tool entity via HTTP, allow editing of this
entity, and then save/publish this entity
to a server using HTTP.
Distributed 分散計算環境(DCE) An architecture of standard programming RFC1983
Computing interfaces, conventions, and server
Environment (DCE) functionalities (e.g., naming, distributed
file system, remote procedure call) for
distributing applications transparently
across networks of heterogeneous
computers. Promoted and controlled by
the Open Software Foundation (OSF), a
consortium led by Digital, IBM and
Hewlett Packard. [Source: RFC1208]
distributed database 分散データベース A collection of several different data RFC1983
repositories that looks like a single
database to the user. A prime example
in the Internet is the Domain Name
distributed manager 分散マネージャ A `distributed manager' can be RFC2592
decomposed into an `SNMP entity' which
implements the Script MIB defined in this
memo and the `runtime system' that
executes scripts. The Script MIB sees
the runtime system as the managed
resource which is controlled by the MIB.
distributed manager 分散マネージャ A `distributed manager' is a processing RFC2592
entity which is capable of performing
network management functions. For the
scope of this memo, a distributed
manager is assumed to implement the
Script MIB.
Distributed Service 分散サービス a service that is provided by more than RFC2904,
one Service Provider acting in concert. 2905
distribution point 配布箇所 (C) A v3 X.509 public-key certificate may RFC2828
have a"cRLDistributionPoints" extension
that names places to get CRLs onwhich
the certificate might be listed. A CRL
obtained from adistribution point may (a)
cover either all reasons for which
acertificate might be revoked or only
some of the reasons, (b) beissued by
either the authority that signed the
certificate or someother authority, and
(c) contain revocation entries for only
asubset of the full set of certificates
issued by one CA or (c')contain
revocation entries for multiple CAs.
distribution point 配布箇所 (I) An X.500 Directory entry or other RFC2828
information source that isnamed in a v3
X.509 public-key certificate extension as
a locationfrom which to obtain a CRL
that might list the certificate.
DIT DIT Directory Information Tree; the hierarchy ディレクトリ情報木。X.500サービスを構築 RFC1943
of the distributed database that makes する分散データベースの階層構造。
up an X.500 service.
DIT DIT See DIRECTORY INFORMATION TREE. RFC1330
DIX Ethernet DIXイーサネット See: Ethernet RFC1983
DLCI DLCI Data Link Connection Identifier データリンクコネクション識別 RFC2954
DMD DMD See DIRECTORY MANAGEMENT RFC1330
DN DN See DISTINGUISHED NAME. RFC1330,
2828
DNS DNS a Domain Name System debugging tool. DNSデバッグツール RFC1470
DNS DNS Domain Name System. The distributed ドメイン名システム。インターネットを用いた RFC1208
name/address mechanism used in the 分散名前/アドレスメカニズム。
Internet.
DNS DNS See DOMAIN NAME SERVICE. RFC1330
DNS DNS See: Domain Name System RFC1983,
2828,2182
DOCSIS DOCSIS "Data Over Cable Interface RFC2669,
Specification". A term referring to the 2670
ITU-T J.112 Annex B standard for cable
modem systems [20].
document 文書 A 'document' is a coherent piece of data RFC2594
which is accessible in the World Wide
Web. No assumptions are made about the
content or the type of a document.
document 文書、文献 Often used loosely as a synonym for RFC1614
node.
Document Exchange 文書交換 A Document Exchange consists of a set RFC2801
of IOTP Messages exchanged between
two parties that implement part or all of
two Trading Exchanges simultaneously in
order to minimise the number of actual
IOTP Messages which must be sent over
the Internet. Document Exchanges are
combined together in sequence to
implement a particular IOTP Transaction.
Document Transfer 文書交換プロトコル A 'Document Transfer Protocol' (DTP) is RFC2594
Protocol (DTP) a protocol used within the World Wide
Web to invoke actions on documents.
The DTP is an abstraction from real
protocols, such as HTTP [19,20] or FTP
[21].
DOI DOI See: Domain of Interpretation. RFC2828
domain ドメイン "Domain" is a heavily overused term in RFC1983
the Internet. It can be used in the
Administrative Domain context, or the
Domain Name context. See also:
Administrative Domain, Domain Name
System.
domain ドメイン (I) Internet usage: That part of the RFC2828
Internet domain name spacetree [R1034]
that is at or below the name the
specifies thedomain. A domain is a
subdomain of another domain if it
iscontained within that domain. For
example, D.C.B.A is a subdomainof C.B.A.
(See: Domain Name System.)
domain ドメイン (I) Security usage: An environment or RFC2828
context that is defined by asecurity
policy, security model, or security
architecture toinclude a set of system
resources and the set of system
entitiesthat have the right to access the
resources. (See: domain ofinterpretation,
security perimeter.)
domain ドメイン (O) MISSI usage: The domain of a MISSI RFC2828
CA is the set of MISSIusers whose
certificates are signed by the CA.
domain ドメイン (O) OSI usage: An administrative RFC2828
partition of a complexdistributed OSI
domain ドメイン In the Internet, a part of a naming RFC1208
hierarchy. Syntactically, an Internet
domain name consists of a sequence of
names (labels) separated by periods
(dots), e.g., "tundra.mpk.ca.us." In OSI,
"domain" is generally used as an
administrative partition of a complex
distributed system, as in MHS Private
Management Domain (PRMD), and
Directory Management Domain (DMD).
domain ドメイン The hierarchially structured global RFC821
character string address of ahost
computer in the mail system.
domain name ドメイン名 (C) The domain name space of the DNS RFC2828
is a tree structure in whicheach node and
leaf holds records describing a resource.
Each nodehas a label. The domain name
of a node is the list of labels onthe path
from the node to the root of the tree.
The labels in adomain name are printed
or read left to right, from the
mostspecific (lowest, farthest from the
root) to the least specific(highest,
closest to the root). The root's label is
the nullstring, so a complete domain
name properly ends in a dot. The top-
level domains, those immediately below
the root, include COM, EDU,GOV, INT,
MIL, NET, ORG, and two-letter country
codes (such as US)from ISO-3166.
domain name ドメイン名 (I) The style of identifier--a sequence of RFC2828
case-insensitive ASCIIlabels separated
by dots ("bbn.com.")--defined for
subtrees in theInternet Domain Name
System [R1034] and used in other
Internetidentifiers, such as host names
(e.g., "rosslyn.bbn.com."),mailbox names
(e.g., "rshirey@bbn.com."), and URLs
(e.g.,"http://www.rosslyn.bbn.com/foo").
(See: distinguished name,domain.)
Domain Name ドメイン名サービス A hierarchical, distributed naming service RFC1330
Service currently used in the Internet. DNS
names typically take the form of
, where
may be ".COM", ".EDU", ".GOV", ".MIL",
".NET", ".ORG" or ".".
Domain Name ドメイン名システム( (C) Extensions to the DNS [R2065, RFC2828
System (DNS) DNS) R2137, R2536] support (a) keydistribution
for public keys needed for the DNS and
for otherprotocols, (b) data origin
authentication service and dataintegrity
service for resource records, (c) data
originauthentication service for
transactions between resolvers
andservers, and (d) access control of
records.
Domain Name ドメイン名システム( (C) The DNS has three major RFC2828
System (DNS) DNS) components:- Domain name space and
resource records: Specifications for
thetree-structured domain name space,
and data associated with thenames.-
Name servers: Programs that hold
information about a subset ofthe tree's
structure and data holdings, and also
hold pointersto other name servers that
can provide information from anypart of
the tree.- Resolvers: Programs that
extract information from name serversin
response to client requests; typically,
system routinesdirectly accessible to
user programs.
Domain Name ドメイン名システム( (I) The main Internet operations RFC2828
System (DNS) DNS) database, which is distributedover a
collection of servers and used by client
software forpurposes such as translating
a domain name-style host name into
anIP address (e.g., "rosslyn.bbn.com" is
"192.1.7.10") and locatinga host that
accepts mail for some mailbox address.
Domain Name ドメイン名システム(D The DNS is a general purpose RFC1983
System (DNS) NS) distributed, replicated, data query
service. The principal use is the lookup
of host IP addresses based on host
names. The style of host names now
used in the Internet is called "domain
name", because they are the style of
names used to look up anything in the
DNS. Some important domains are:
.COM (commercial), .EDU (educational),
.NET (network operations), .GOV (U.S.
government), and .MIL (U.S. military).
Most countries also have a domain. The
country domain names are based on ISO
3166. For example, .US (United States),
.UK (United Kingdom), .AU (Australia).
See also: Fully Qualified Domain Name,
Mail Exchange Record.
domain of 解釈領域 (C) For example, see [R2407]. The DOI RFC2828
interpretation (DOI) concept is based on work bythe TSIG's
CIPSO Working Group.
domain of 解釈領域 (I) IPsec usage: An ISAKMP/IKE DOI RFC2828
interpretation (DOI) defines payload formats,exchange types,
and conventions for naming security-
relevantinformation such as security
policies or cryptographic algorithmsand
modes.
dominate ドミネート (I) Security level A is said to "dominate" RFC2828
security level B if thehierarchical
classification level of A is greater
(higher) than or equal to that of B and
the nonhierarchical categories of A
includeall of those of B.
dongle ドングル (C) A dongle is essentially a physical key RFC2828
used for copyprotection of software,
because the program will not run
unlessthe matching dongle is attached.
When the software runs, itperiodically
queries the dongle and quits if the dongle
does notreply with the proper
authentication information. Dongles
wereoriginally constructed as an EPROM
(erasable programmable read-only
memory) to be connected to a serial
input-output port of apersonal computer.
dongle ドングル (I) A portable, physical, electronic device RFC2828
that is required to beattached to a
computer to enable a particular software
program torun. (See: token.)
DOS DOS a tool that runs under MS-DOS. MS-DOSの下で動作するツール RFC1470
dot address (dotted ドットアドレス(ドット Dot address refers to the common RFC1983
decimal notation) 数値記法) notation for IP addresses of the form
A.B.C.D; where each letter represents, in
decimal, one byte of a four byte IP
address. See also: IP address. [Source:
FYI4]
dotted decimal ドット数値記法 The syntactic representation for a 32-bit ピリオド(ドット)によって分離した10進数で RFC1208
notation integer that consists of four 8-bit かかれた4つの8ビットの数値によって書く
numbers written in base 10 with periods 、32ビットの整数を表現するシンタックス
(dots) separating them. Used to 表現。インターネットにおいて192.67.67.20
represent IP addresses in the Internet as のようにIPアドレスを表わすために使われ
in: 192.67.67.20. る。
downgrade 格下げ (I) Reduce the classification level of 権威付けられた方法によって情報の格付 RFC2828
information in an authorized manner. けを下げる。
Downloaded ダウンロード・ソフト Software packages retrieved from the (FTPなどのプロトコルを用いて)インターネ RFC2504
Software ウエア Internet (using, for example,the FTP ットから取得したソフトウェアパッケージ
protocol).
Downloading ダウンロード The act of retrieving files from a server RFC2504
on the network.
Downstream 下りストリーム Requests sent in the direction from the RFC2543
caller to the callee (i.e., user agent client
to user agent server).
Downstream 下りストリーム The direction from the head-end towards RFC2669,
the subscriber. 2670
Downstream 下りストリーム Towards the data receiver(s). RFC2205
Downstream DS 下りストリームDSドメ the DS domain downstream of traffic RFC2475
domain イン flow on a boundary link.
Downstream 下りストリーム隣接 Those switches attached to all outports RFC2643
Neighbors of the switch flood path except the port
on which the undirected message was
received. Note that for each undirected
message some number of switches have
no downstream neighbors.
Downstream Node ダウンストリームノー An SNA Physical Unit (PU) type 2.0 or RFC1538
(DSN) ド 2.1 device connected to the SNA
network via a LAN (802.5, 802.3, etc.) as
opposed to an SDLC, X.25, or channel
connection.
DPA DPA ISO 10175 Document Printing Application RFC1759
standard. A standard for a client server
protocol for a print system, including (1)
submitting print jobs to and (2) managing
print jobs in a spooler
draft RFC RFC草稿 (D) ISDs SHOULD NOT use this term, RFC2828
because the Request for Commentseries
is archival in nature and does not have a
"draft" category.(Instead, see: Internet
Draft, Draft Standard (in
InternetStandard).)
Draft Standard ドラフト標準プロトコ The IESG is actively considering this RFC2300
Protocol ル protocol as a possibleStandard Protocol.
Substantial and widespread testing and
commentare desired. Comments and
test results should be submitted to
theIESG. There is a possibility that
changes will be made in a DraftStandard
Protocol before it becomes a Standard
driver ドライバ Throughout this document 'driver' refers RFC2567
to the code installed in some client
operating system to generate the print
data stream for the intended printer.
Some computing environments may not
include a separate printer driver. Rather,
the generation of the proper print data
stream is accomplished in an application
on that computer. How such a computer
environment or application is updated to
support a new printer now made available
using IPP is outside the scope of IPP.
The actual details for installing a printer
driver are operating system dependent
and are also outside the scope of IPP.
See also section 4.1 (SECURITY
CONSIDERATIONS) for security
implications of driver download and
installation.
Dropper 廃棄器 a device that performs dropping. RFC2475
Dropping 廃棄 the process of discarding packets based RFC2475
on specified rules; policing.
DS behavior DSビヘービア集約 a collection of packets with the same RFC2475
aggregate DScodepoint crossing a link in a
particulardirection.
DS boundary node DS境界ノード a DS node that connects one DS domain RFC2475
to anode either in another DS domain or
in adomain that is not DS-capable.
DS codepoint DSコードポイント a specific value of the DSCP portion of RFC2475
theDS field, used to select a PHB.
DS domain DSドメイン a DS-capable domain; a contiguous set RFC2475
ofnodes which operate with a common
set ofservice provisioning policies and
PHBdefinitions.
DS egress node DS出口ノード a DS boundary node in its role in RFC2475
handlingtraffic as it leaves a DS domain.
DS field DSフィールド the IPv4 header TOS octet or the RFC2475
IPv6Traffic Class octet when interpreted
inconformance with the definition given
in[DSFIELD]. The bits of the DSCP
fieldencode the DS codepoint, while
theremaining bits are currently unused.
DS ingress node DS入り口ノード a DS boundary node in its role in RFC2475
handlingtraffic as it enters a DS domain.
DS interior node DS内部ノード a DS node that is not a DS boundary RFC2475
node.
DS node DSノード a DS-compliant node. RFC2475
DS region DS領域 a set of contiguous DS domains which RFC2475
can offer differentiated services over
paths across those DS domains.
DSA DSA A DSA is an OSI application process that RFC2116
provides the Directory functionality,
DSA DSA Directory System Agent. The software RFC1208
that provides the X.500 Directory
Service for a portion of the directory
information base. Generally, each DSA is
responsible for the directory information
for a single organization or organizational
DSA DSA Directory System Agent; an application RFC1943
that offers the Directory service, this is
the database for the Directory.
DSA DSA See DIRECTORY SYSTEM AGENT. RFC1330
DSA DSA See: Digital Signature Algorithm. RFC2828
DSA DSA See: Directory System Agent RFC1983
DSBM DSBM Designated SBM (DSBM) is a protocol RFC2814
entity that resides in a L2 or L3 device
and manages resources on a L2 segment.
At most one DSBM exists for each L2
segment.
DS-capable DS可能 capable of implementing RFC2475
differentiatedservices as described in
this architecture;usually used in
reference to a domainconsisting of DS-
compliant nodes.
DS-compliant DS適合 enabled to support differentiated RFC2475
servicesfunctions and behaviors as
defined in[DSFIELD], this document, and
otherdifferentiated services documents;
usuallyused in reference to a node or
device.
DSI DSI See Dataset Identifier. RFC2651
DSI-description DSI記述 A human readable string optionally RFC2651
carried along with DSI's to make them
more user-friendly. See dataset Identifier.
DSLAM DSLAM Digital Subscriber Line (DSL) Access RFC2661
Module. A network device used in the
deployment of DSL service. This is
typically a concentrator of individual DSL
lines located in a central office (CO) or
local exchange.
DSP DSP See DIRECTORY SYSTEM PROTOCOL. RFC1330
DSS DSS See: Digital Signature Standard. RFC2828
DstPort あて先ポート The IP (generalized) destination port セッションで使われるIPの(一般化された) RFC2205
used as part of a session. See あて先ポート。
"generalized destination port".
DTE DTE Data Terminal Equipment データ端末装置 RFC1983
DTP データ転送プロセス The data transfer process establishes データコネクションを確立、管理するデータ RFC959
and manages the data connection. The 転送プロセス。DTPには受動的(パッシブ)
DTP can be passive or active. な場合と能動的(アクティブ)な場合がある
DUA DUA A DUA is an OSI application process that DUAはOSIのアプリケーションプロセスであ RFC2116
represents a user in accessing the り、ユーザに代わってディレクトリをアクセ
Directory and uses the DAP to スし、DAPを用いてDSAと通信を行う。
communicate with a DSA
DUA DUA Directory User Agent. The software that ディレクトリユーザエージェント。ディレクト RFC1208
accesses the X.500 Directory Service on リのユーザに代わってX.500ディレクトリサ
behalf of the directory user. The ービスをアクセスするソフトウエア。ディレ
directory user may be a person or クトリユーザは、人間である場合もあれば
another software element. 、ソフトウエアの一部分である場合もある。
DUA DUA Directory User Agent; an application that ディレクトリユーザエージェント。DSAにアク RFC1943
facilitates User access to a DSA. セスするアプリケーション。
DUA DUA See DIRECTORY USER AGENT. Directory User Agent参照。 RFC1330,
1983
DUA Interface DUAインターフェー A DUA Interface is an application DUAインターフェースは、ユーザに代わっ RFC2116
ス process that represents a user in てディレクトリにアクセスするプロセスであ
accessing the Directory using either DAP り、DAPの機能の一部分だけしかサポート
but supporting only a subset of the DAP しないDAPか若しくはDAPと異なるプロトコ
functionality or a protocol different from ルを用いてDSAやDUAと通信を行うもので
DAP to communicate with a DSA or ある。
Dual Brand 二重ブランド A Dual Brand means that a single 2重ブランドは、一つのペイメントインスツ RFC2801
Payment Instrument may be used as if it ルメントでありながら、あたかも二つの別々
were two separate Brands. For example のブランドのように使うことができるものを
there could be a single Japanese "UC" 意味する。例えば、日本の"UC"
MasterCard which can be used as either MasterCardは1枚でも、UCカードとしてもM
a UC card or a regular MasterCard. The astereCardとしても使える。UCカードブラン
UC card Brand and the MasterCard ドとMasterCardブランドは 別々のペイメン
Brand could each have their own トハンドラ-である。
separate Payment Handlers. This means
that: -- the Merchant treats, for example
"UC" and "MasterCard" as two separate
Brands when offering a list of Brands to
the Consumer, -- the Consumer chooses
a Brand, for example either "UC" or
"MasterCard, -- the Consumer IOTP
aware application determines which
Payment Instrument(s) match the chosen
Brand, and selects, perhaps with user
assistance, the correct Payment
Instrument to use.
dual control 二重制御 (I) A procedure that uses two or more 例えば1つのエンティティでは資源にはア RFC2828
entities (usually persons)operating in クセスできないように、2つ以上のエンティ
concert to protect a system resource, ティを使ってシステムの資源を守るオペレ
such that nosingle entity acting alone ーションを行う手続き。
can access that resource. (See: no-
lonezone, separation of duties, split
dual signature 二重署名 (C) Generated by hashing each message RFC2828
separately, concatenatingthe two hash
results, and then hashing that value and
encryptingthe result with the signer's
private key. Done to reduce thenumber
of encryption operations and to enable
verification of dataintegrity without
complete disclosure of the data.
dual signature 二重署名 (D) ISDs SHOULD NOT use this term RFC2828
except when stated as"SET(trademark)
dual signature" with the following
dual signature 二重署名 (O) SET usage: A single digital signature RFC2828
that protects twoseparate messages by
including the hash results for both sets
in asingle encrypted value. [SET2]
Dual-mode Mobile 二重モード移動局 A mobile station capable of both analog アナログとディジタルで通信できる移動局。 RFC2636,
Station and digital operation. RFC2637
dynamic adaptive 動的適応ルーティン Automatic rerouting of traffic based on a RFC1983
routing グ sensing and analysis of current actual
network conditions. NOTE: this does not
include cases of routing decisions taken
on predefined information. [Source: J.
Postel]
Dynamic Trust 動的信頼関係 a secure relationship which is RFC2904
Relationship dynamically created between two entities
who may never have had any prior
relationship. This relationship can be
created if the involved entities have a
mutually trusted third party. Example: A
merchant trusts a cardholder a
Dynamic Trust 動的信頼関係 a secure relationship which is RFC2905
Relationship dynamically created between two entities
who may never have had any prior
relationship. This relationship can be
created if the involved entities have a
mutually trusted third party. Example: A
merchant trusts a cardholder a
E1 E1 The basic building block for European 欧州の基本マルチメガビットデータ伝送速 RFC1983
multi-megabit data rates, with a 度であり、2.048Mbps。T1参照。
bandwidth of 2.048Mbps. See also: T1.
E3 E3 A European standard for transmitting 欧州の57.344Mbpsによるデータ伝送速度 RFC1983
data at 57.344Mbps. See also: T3. の標準。T3参照。
EAP EAP See: Extensible Authentication Protocol RFC2828
EARN EARN European Academic and Research RFC1983
Network. See: Trans-European Research
and Education Networking Association.
EARN EARN European Academic Research Network. A RFC1208
network using BITNET technology
connecting universities and research labs
in Europe.
Eavesdrop 盗聴 a tool that silently monitors RFC1470
communications media (e.g., by putting
an ethernet interface into "promiscuous"
mode).
eavesdropping 盗聴 (I) Passive wiretapping done secretly, i.e., RFC2828
without the knowledgeof the originator or
the intended recipients of the
communication.
EBCDIC EBCDICコード Extended Binary Coded Decimal RFC2351
Interchange Code
EBCDIC EBCDICコード See: Extended Binary Coded Decimal RFC1983
Interchange Code
Ebone Ebone A pan-European backbone service. RFC1983
ECB ECB See: electronic codebook. RFC2828
ECDSA ECDSA See: Elliptic Curve Digital Signature RFC2828
Algorithm.
economy of 機構の経済性 (I) The principle that each security RFC2828
mechanism mechanism should be designed to be as
simple as possible, so that the
mechanism can be correctly implemented
and so that it can be verified that the
operation of the mechanism enforces the
containing system's security policy. (See:
least privilege.)
EDI EDI See: electronic data interchange. RFC2828
EDIFACT EDIFACT See: (secondary definition under) RFC2828
electronic data interchange.
EE EE (D) ISDs SHOULD NOT use this RFC2828
abbreviation because of
possibleconfusion among "end entity",
"end-to-end encryption",
"escrowedencryption standard", and
EES EES See: Escrowed Encryption Standard. RFC2828
EFF EFF See: Electronic Frontier Foundation RFC1983
effective host name 有効ホスト名 The term effective host name is related RFC2965
to host name. If a host name contains
no dots, the effective host name is that
name with the string .local appended to
it. Otherwise the effective host name is
the same as the host name. Note that
all effective h
EGP EGP Exterior Gateway Protocol A protocol RFC1812
that distributes routing information to
the gateways (routers) which connect
autonomous systems. See IGP.
EGP EGP Exterior Gateway Protocol. A reachability RFC1208
routing protocol used by gateways in a
two-level internet. EGP is used in the
Internet core system. See core gateway.
EGP EGP See: Exterior Gateway Protocol RFC1983
EGP-2 EGP‐2 Exterior Gateway Protocol version 2 This RFC1812
is an EGP routing protocol developed to
handle traffic between Autonomous
Systems in the Internet.
Egress switch 出口スイッチ The owner switch of the destination RFC2643
endstation of a call connection. That is,
the destination endstation is attached to
one of the local access ports of the
switch.
eifax system eifaxシステム eifax system is used to describe any RFC2880
software, device or combination of these
that conforms to the specification
"Extended Facsimile Using Internet Mail"
[5].
El Gamal algorithm El Gamal (N) An algorithm for asymmetric RFC2828
アルゴリズム cryptography, invented in 1985 byTaher
El Gamal, that is based on the difficulty
of calculatingdiscrete logarithms and can
be used for both encryption anddigital
signatures. [ElGa, Schn]
Elective Protocol 選挙手続き A system may or may not implement an RFC2300
elective protocol. Thegeneral notion is
that if you are going to do something like
this,you must do exactly this. There may
be several elective protocols in a general
area, for example, there are several
electronic mailprotocols, and several
routing protocols.
electronic 電子暗号表(ECB) (I) An block cipher mode in which a RFC2828
codebook (ECB) plaintext block is used directly as input
to the encryption algorithm and the
resultantoutput block is used directly as
ciphertext [FP081].
electronic 電子商取引 (I) General usage: Business conducted 一般的用法:電子的情報交換、電子送金、 RFC2828
commerce through paperless exchangesof 電子メール、電子掲示板、ファクシミリなど
information, using electronic data 紙を用いない技術を用いることによる、紙
interchange, electronicfunds transfer を用いない情報交換によるビジネス。
(EFT), electronic mail, computer bulletin
boards,facsimile, and other paperless
technologies.
electronic 電子商取引 (O) SET usage: "The exchange of goods RFC2828
commerce and services for paymentbetween the
cardholder and merchant when some or
all of thetransaction is performed via
electronic communication." [SET2]
electronic data 電子情報交換(EDI) (C) EDI formats have been standardized RFC2828
interchange (EDI) primarily by ANSI X12 andby EDIFACT
(EDI for Administration, Commerce, and
Transportation),which is an international,
UN-sponsored standard primarily used
inEurope and Asia. X12 and EDIFACT are
aligning to create a single,global EDI
standard.
electronic data 電子データ交換(EDI (I) Computer-to-computer exchange, 規格化された様式のビジネスデータによる RFC2828
interchange (EDI) ) between trading partners, ofbusiness 、取引相手との計算機対計算機の(イクス
data in standardized document formats. チェインジ)。
Electronic Frontier 電子フロンティア基 A foundation established to address RFC1983
Foundation (EFF) 金(EFF) social and legal issues arising from the
impact on society of the increasingly
pervasive use of computers as a means
of communication and information
distribution.
Electronic Mail 電子メール(Eメール) A system whereby a computer user can RFC1983
(email) exchange messages with other computer
users (or groups of users) via a
communications network. Electronic mail
is one of the most popular uses of the
Internet. [Source: NNSC]
Electronic Serial 電子シリアル番号(E A 32-bit number assigned by the mobile RFC2636,
Number (ESN) SN) station manufacturer used to identify a RFC2637
mobile station. The ESN is unique for
each legitimate mobile station.
electronic signature 電子署名 (D) ISDs SHOULD NOT use this term RFC2828
because there is no current consensus
on its definition. (Instead, see: digital
signature.)
elliptic curve 楕円曲線暗号(ECC (C) The most efficient implementation of RFC2828
cryptography (ECC) ) ECC is claimed to bestronger per bit of
key (against cryptanalysis that uses a
bruteforce attack) than any other known
form of asymmetriccryptography. ECC is
based on mathematics different than the
kindsoriginally used to define the Diffie-
Hellman algorithm and theDigital
Signature Algorithm. ECC is based on the
mathematics ofgroups defined by the
points on a curve, where the curve
isdefined by a quadratic equation in a
finite field. ECC can be usedto define
both an algorithm for key agreement that
is an analog ofDiffie-Hellman and an
algorithm for digital signature that is
ananalog of DSA. (See: ECDSA.)
elliptic curve 楕円曲線暗号(ECC (I) A type of asymmetric cryptography 曲線上の点によって定義された群に基づく RFC2828
cryptography (ECC) ) based on mathematics ofgroups that are 非対称暗号の一種。
defined by the points on a curve.
Elliptic Curve 楕円曲線電子署名 (N) A standard [A9062] that is the elliptic RFC2828
Digital Signature アルゴリズム(ECDS curve cryptographyanalog of the Digital
Algorithm (ECDSA) A) Signature Algorithm.
email 電子メール See: Electronic mail 電子メールを参照 RFC1983
email address 電子メールアドレス The domain-based or UUCP address that RFC1983
is used to send electronic mail to a
specified destination. For example an
editor's address is
"gmalkin@xylogics.com". See also: bang
path, mail path, UNIX- to-UNIX CoPy.
[Source: ZEN]
Email Packages 電子メールパッケー To communicate via electronic mail, an RFC2504
ジ end-user usually makes useof an Email
client that provides the user-interface to
create,send, retrieve and read Email.
Various different Email packagesprovide
the same set of basic functions but have
different user-interfaces and perhaps,
special/extra functions. Some
Emailpackages provide encryption and
digital signature capabilities.
Email Security 電子メールセキュリ Software which provides security through RFC2504
Software ティソフトウエア digital signatures andencryption (and
decryption) to enable the end-user to
protectmessages and documents prior to
sending them over a possiblyinsecure
network. PGP is an example of such
software.
E-Mail, Electronic 電子メール Entry A Directory Service contains RFC1943
Mail entries on people, organizations,
countries, etc. Entries belong to a certain
class, and information on entries is
stored in attributes.
emanation 放散 (I) An signal (electromagnetic, acoustic, RFC2828
or other medium) that is emitted by a
system (through radiation or
conductance) as a consequence (i.e.,
byproduct) of its operation, and that may
contain information. (See: TEMPEST.)
emanations security 放射情報セキュリテ (I) Physical constraints to prevent RFC2828
(EMSEC) ィ(EMSEC) information compromise through signals
emanated by a system, particular the
application of TEMPEST technology to
block electromagnetic radiation.
emergency plan 非常計画 (D) A synonym for "contingency plan". In RFC2828
the interest ofconsistency, ISDs
SHOULD use "contingency plan" instead
of"emergency plan".
Emoticon 顔文字、エモティコン Combination of punctuation marks used RFC2664
to provide sense of the senders tone of
voice in an e-mail message
EMSEC EMSEC See: emanations security. RFC2828
EMV EMV (I) An abbreviation of "Europay, RFC2828
MasterCard, Visa". Refers to
aspecification for smart cards that are
used as payment cards, andfor related
terminals and applications. [EMV1, EMV2,
EMV3]
Encapsulated カプセル化されたデ The datagram consisting of a Clear RFC1241
Datagram ータグラム Datagram prepended with an
Encapsulation Header.
Encapsulating カプセル化されたセ (C) ESP may be used alone, or in RFC2828
Security Payload キュリティペイロード( combination with the IPsec AHprotocol,
(ESP) ESP) or in a nested fashion with tunneling.
Security servicescan be provided
between a pair of communicating hosts,
between apair of communicating security
gateways, or between a host and
agateway. The ESP header is
encapsulated by the IP header, and
theESP header encapsulates either the
upper layer protocol header(transport
mode) or an IP header (tunnel mode).
ESP can providedata confidentiality
service, data origin authentication
service,connectionless data integrity
service, an anti-replay service, andlimited
traffic flow confidentiality. The set of
services dependson the placement of the
implementation and on options
selectedwhen the security association is
established.
Encapsulating カプセル化されたセ (I) An Internet IPsec protocol [R2406] RFC2828
Security Payload キュリティペイロード designed to provide a mixof security
(ESP) (ESP) services--especially data confidentiality
service--inthe Internet Protocol. (See:
Authentication Header.)
Encapsulation カプセル化 The process of mapping a Clear RFC1241
Datagram to the Encapsulation Space,
prepending an Encapsulation Header to
the Clear Datagram and routing the
Encapsulated Datagram to a
Encapsulation カプセル化 The process of wrapping something from RFC2157
one of the mail systems in such a way
that it can be carried inside the other
mail system. When encapsulating, it is not
expected that the other mail system can
make reasonable sense of the body part,
but a gateway back into the first system
will always be able to convert the body
part without loss back to its original
format.
encapsulation カプセル化 The technique used by layered protocols RFC1983
in which a layer adds header information
to the protocol data unit (PDU) from the
layer above. For example, in Internet
terminology, a packet would contain a
header from the physical layer, followed
by a header from the datalink layer (e.g.
Ethernet), followed by a header from the
network layer (IP), followed by a header
from the transport layer (e.g. TCP),
followed by the application protocol data.
[Source: RFC1208]
encapsulation カプセル化 The technique used by layered protocols RFC1208
in which a layer adds header information
to the protocol data unit (PDU) from the
layer above. As an example, in Internet
terminology, a packet would contain a
header from the physical layer, followed
by a header from the network layer (IP),
followed by a header from the transport
layer (TCP), followed by the application
protocol data.
Encapsulation カプセル化ヘッダ The header for the Encapsulation RFC1241
Header Protocol prepended to the Clear
Datagram during Encapsulation. This
header consists of an IP header followed
by an Encapsulation Protocol Header.
Encapsulation カプセル化プロトコ The Encapsulation Protocol specific RFC1241
Protocol Header ルヘッダ portion of the Encapsulation Header.
Encapsulation Space カプセル空間 The address and routing space within RFC1241
which the Encapsulators and
Decapsulators reside. Routing within this
space is accomplished via Flows.
Encapsulation Spaces do not overlap,
that is, the address of any Encapsulator
or Decapsulator is unique for all
Encapsulation Spaces.
Encapsulation カプセル化スループ The maximum rate at which frames RFC2432
Throughput (ET) ット offered a DUT are encapsulated and
correctly forwarded by the DUT without
loss.
Encapsulator カプセル化装置 The entity responsible for mapping a RFC1241
given User Space datagram to the
Encapsulation Space, encapsulating the
datagram, and forwarding the
Encapsulated Datagram to a
Decapsulator. An Encapsulator may be a
host or a gateway.
encipher 暗号化する (D) ISDs SHOULD NOT use this term as RFC2828
a synonym for "encrypt".However, see
the usage note under "encryption".
encipher 暗号化する To render incomprehensible except to RFC1507
the holder of a particular key. If you
encipher with a secret key, only the
holder of the same secret can decipher
the message. If you encipher with a
public key, only the holder of the
corresponding private key can decipher it.
encipherment 暗号化 (D) ISDs SHOULD NOT use this term as RFC2828
a synonym for "encryption",except in
special circumstances that are explained
in the usagediscussion under
"encryption".
encode 符号化 (C) Examples include Morse code, ASCII, 例えば、モールス符号やアスキー、BERな RFC2828
and BER. ど含む。
encode 符号化 (D) ISDs SHOULD NOT use this term as RFC2828
a synonym for "encrypt",because
encoding is not usually intended to
conceal meaning.
encode 符号化 (I) Use a system of symbols to represent RFC2828
information, which mightoriginally have
some other representation. (See: decode.)
Encoded 符号化情報タイプ It is the code and format of information RFC1330
Information Type that appears in the body of an IP-
message (examples of coded information
types are Telex, TIFO (Group 4
Facsimile), and voice).
encrypt 暗号化 (I) Cryptographically transform data to データを暗号文に変換する暗号変換。 RFC2828
produce ciphertext. (See:encryption.)
Encrypting / 暗号化 This is a mathematical process of プライバシの保護のためにデータをスクラ RFC2504
Encryption scambling data for privacyprotection. ンブルする数学的なプロセス。
encryption 暗号化 (C) Encryption and decryption involve a RFC2828
mathematical algorithm fortransforming
data. In addition to the data to be
transformed, thealgorithm has one or
more inputs that are control parameters:
(a)a key value that varies the
transformation and, in some cases, (b)an
initialization value that establishes the
starting state of thealgorithm.
encryption 暗号化 (C) Usage note: For this concept, ISDs RFC2828
should use the verb "toencrypt" (and
related variations: encryption, decrypt,
anddecryption). However, because of
cultural biases, someinternational usage,
particularly ISO and CCITT standards,
avoids"to encrypt" and instead uses the
verb "to encipher" (and relatedvariations:
encipherment, decipher, decipherment).
encryption 暗号化 (C) Usually, the plaintext input to an RFC2828
encryption operation iscleartext. But in
some cases, the plaintext may be
ciphertext thatwas output from another
encryption operation.
(See:superencryption.)
encryption 暗号化 (I) Cryptographic transformation of data RFC2828
(called "plaintext") intoa form (called
"ciphertext") that conceals the data's
originalmeaning to prevent it from being
known or used. If thetransformation is
reversible, the corresponding reversal
processis called "decryption", which is a
transformation that restoresencrypted
data to its original state. (See:
cryptography.)
encryption 暗号化 (O) "The cryptographic transformation of RFC2828
data (see: cryptography)to produce
ciphertext." [I7498 Part 2]
Encryption 暗号化 A mechanism often used to provide RFC1704
confidentiality.
encryption 暗号化 Encryption is the manipulation of a RFC1983
packet's data in order to prevent any but
the intended recipient from reading that
data. There are many types of data
encryption, and they are the basis of
network security. See also: Data
Encryption Standard.
encryption 暗号化証明,暗号用 (I) A public-key certificate that contains RFC2828
certificate 証明証 a public key that isintended to be used
for encrypting data, rather than for
verifyingdigital signatures or performing
other cryptographic functions.C) A v3
X.509 public-key certificate may have a
"keyUsage"extension that indicates the
purpose for which the certifiedpublic key
is intended.
Encryption Software 暗号化ソフトウェア The software that actually provides the RFC2504
needed functionality forend users to encrypt
messages and files. PGP is one example.
End Entity 終端の実体 user of PKI certificates and/or end user RFC2585
system that is the subject of a certificate.
end entity 終端の実体 A certificate subject which uses its public RFC2828
[sic] key for purposes other than signing
certificates. [X509]
end entity 終端の実体 A system entity that is the subject of a RFC2828
public-key certificate and that is using, or is
permitted and able to use, the matching
private key only for a purpose or purposes
other than signing a digital certificate; i.e., an
end entity 終端の実体 Despite the problems in the X.509 definition, RFC2828
the term itself is useful in describing
applications of asymmetric cryptography. The
way the term is used in X.509 implies that it
was meant to be defined, as we have done
here, relative to roles that an entity (which is
associated with an OSI end system) is playing
or is permitted to play in applications of
asymmetric cryptography other than the PKI
that supports applications.
end entity 終端の実体 ISDs SHOULD NOT use the X.509 definition, RFC2828
because it is misleading and incomplete. First,
the X.509 definition should say "private key"
rather than "public key" because certificates
are not usefully signed with a public key.
Second, the X.509 definition is weak
regarding whether an end entity may or may
not use the private key to sign a certificate,
i.e., whether the subject may be a CA. The
intent of X.509's authors was that an end
entity certificate is not valid for use in
verifying a signature on an X.509 certificate
or X.509 CRL. Thus, it would have been
better for the X.509 definition to have said
"only for purposes other than signing
end entity 終端の実体 Whether a subject can play both CA and non- RFC2828
CA roles, with either the same or different
certificates, is a matter of policy. (See:
certification practice statement.) A v3 X.509
public-key certificate may have a
"basicConstraints" extension containing a
"cA" value that specifically "indicates
whether or not the public key may be used to
verify certificate signatures".
end of mail data メールデータ終了通知 A special sequence of characters that RFC821
indication indicates the end of the mail data. In
particular, the five characters carriage
return, line feed, period, carriage return, line
End Station 終端端末 These include hosts and routers that use L3 RFC2816
and higher layer protocols or application
programs that need to make resource
reservations.
End system 終端のシステム as defined in ISO 8648 RFC1142
end system 終端のシステム An OSI system which contains application RFC1208
processes capable of communicating through
all seven layers of OSI protocols. Equivalent
to Internet host.
End system 終端のシステム An application that generates the content to RFC1889
be sent in RTP packets and/or consumes
the content of received RTP packets. An end
system can act as one or more
synchronization sources in a particular RTP
session, but typically only one.
end system 終端のシステム A device from which and to which calls are RFC2824
established. It creates and receives the
call's media (audio, video, or the like). This
may be a SIP user agent or an H.323 terminal.
end system 終端のシステム An OSI term for a computer that implements RFC2828
all seven layers of the OSIRM and may
attach to a subnetwork. (In the context of
the Internet Protocol Suite, usually called a
End System (ES) 終端のシステム An OSI system on which applications run. An RFC1136
End System has full seven-layer OSI
functionality. Basically equivalent to an
Internet Host.
end user エンドユーザ General usage: A system entity, usually a RFC2828
human individual, that makes use of system
resources, primarily for application purposes
as opposed to system management purposes.
end user エンドユーザ PKI usage: A synonym for "end entity"; but RFC2828
the term "end entity" is preferred.
End User エンドユーザ The end user is usually (but not necessarily) RFC2871
a human being, and is the party who is the
ultimate initiator or recipient of calls.
End User Policy エンドユーザの方針 Preferences that an end user has about how RFC2871
a call towards the GSTN should be routed.
End-of-Line 行末 The end-of-line sequence defines the RFC959
separation of printing lines. The sequence is
Carriage Return, followed by Line Feed.
End-Station 終端局 these include hosts and routers that use L3 RFC2814
and higher layer protocols or application
programs that need to make resource
reservations.
end-system 終端のシステム A user's machine. It only sends packets to RFC1552
servers and other end-systems. It doesn't
pass any packets through itself.
end-system 終端のシステム A user's machine. It only sends packets to RFC2097
servers and other end-systems. It doesn't
pass any packets through itself.
end-to-end 端から端までの暗号 Continuous protection of data that flows RFC2828
encryption 化 between two points in a network, provided by
encrypting data when it leaves its source,
leaving it encrypted while it passes through
any intermediate computers (such as
routers), and decrypting only when the data
arrives at the intended destination. (See: link
encryption, wiretapping.)
end-to-end 端から端までの暗号 When two points are separated by multiple RFC2828
encryption 化 communication links that are connected by
one or more intermediate relays, end-to-end
encryption enables the source and
destination systems to protect their
communications without depending on the
intermediate systems to provide the
End-to-End path 端から端までの経路 An end-to-end path consists of two hosts RFC1932
which can communicate with one another
over an arbitrary number of routers and
End-User エンドユーザ An (human) individual that makes use of RFC2504
computer systems andnetworks.
End-User エンドユーザ People performing White Pages searches and RFC2967
look-ups (via various forms of client
entity 実体、エンティティ OSI terminology for a layer protocol machine. RFC1208
An entity within a layer performs the
functions of the layer within a single
computer system, accessing the layer entity
below and providing services to the layer
entity above at local service access points.
entity 実体、エンティティ A particular representation or rendition of a RFC1945
data resource, or reply from a service
resource, that may be enclosed within a
request or response message. An entity
consists of metainformation in the form of
entity headers and content in the form of an
entity body.
Entity 実体、エンティティ The term "entity", refers specifically to the RFC2045
MIME-defined header fields and contents of
either a message or one of the parts in the
body of a multipart entity. The specification
of such entities is the essence of MIME.
Since the contents of an entity are often
called the "body", it makes sense to speak
about the body of an entity. Any sort of field
may be present in the header of an entity,
but only those fields whose names begin with
"content-" actually have any MIME-related
meaning. Note that this does NOT imply thay
they have no meaning at all -- an entity that
is also a message has non- MIME header
fields whose meanings are defined by RFC
Entity 実体、エンティティ The information transferred in a request or RFC2291
response.
Entity 実体、エンティティ The information transferred as the payload of RFC2326
a request orresponse. An entity consists of
metainformation in the form ofentity-header
fields and content in the form of an entity-
body, as described in Section 8.
entity 実体、エンティティ The information transferred as the payload of RFC2616
a request or response. An entity consists of
metainformation in the form of entity-header
fields and content in the form of an entity-
body, as described in section 7.
entity 実体、エンティティ See: system entity. RFC2828
entrapment 計略、エントラップメン The deliberate planting of apparent flaws in a RFC2828
ト system for the purpose of detecting
attempted penetrations or confusing an
intruder about which flaws to exploit. [FP039]
entry エントリ、記述項 A set of attributes with a unique entry name. RFC2244
See section 3.1.
Entry policing エントリ方策化、エント Traffic policing done at the first RSVP- (and RFC2205
リポリシング policing-) capable router on a data path.
ENVELOPE 封筒 A place in which the information to be used RFC1330
in the submission, delivery and relaying of a
message is contained.
EOF ファイル終端 The end-of-file condition that defines the RFC959
end of a file being transferred.
EOR レコード終端 The end-of-record condition that defines the RFC959
end of a record being transferred.
ephemeral key 短命鍵 A public key or a private key that is relatively RFC2828
short-lived. (See: session key.)
Equivalence 等価性 A set of two mappings that taken together RFC2157
provide a lossless conversion between an
X.400 body part and a MIME body part
Error Block エラーブロック An Error Block reports that a Technical Error RFC2801
was found in an IOTP Message that was
previously received. Typically Technical
Errors are caused by errors in the XML
which has been received or some technical
failure of the processing of the IOTP
Message. Frequently the generation or
receipt of an Error Block will result in failure
of the IOTP Transaction. They are distinct
from Business Errors, reported in a Status
Component, which can also cause failure of
error checking 誤り検査 The examination of received data for RFC1983
transmission errors. See also: checksum,
Cyclic Redundancy Check.
error detection code 誤り検出符号 A checksum designed to detect, but not RFC2828
correct, accidental (i.e., unintentional)
changes in data.
error recovery エラー回復 A procedure that allows a user to recover RFC959
from certain errors such as failure of either
host system or transfer process. In FTP,
error recovery may involve restarting a file
transfer at a given checkpoint.
ERROR_SPEC エラー仕様 Object that carries the error report in a RFC2205
PathErr or ResvErr message.
Errored frames .
Lines 行 Lines are defined as sequences of octets RFC2045
separated by a CRLF sequences. This is
consistent with both RFC 821 and RFC
822. "Lines" only refers to a unit of data
in a message, which may or may not
correspond to something that is actually
displayed by a user agent.
Link リンク The communication path between two RFC1142
neighbours. A Link is up when
communication is possible between the
two SNPAs.
link リンク a communication facility or medium over RFC1256
which systems can communicate at the
link layer, i.e., the protocol layer
immediately below IP. The term
"physical network" has sometimes been
used (imprecisely) for this. Examples of
links are LANs (possibly bridged to other
LANs), wide-area store-and-forward
networks, satellite channels, and point-
to-point links.
link リンク a communication facility or medium over RFC1971,
which nodes can communicate at the link RFC1981
layer, i.e., the layer immediately below IP.
Examples are Ethernets (simple or
bridged); PPP links; X.25, Frame Relay, or
ATM networks; and internet (or higher)
layer "tunnels", such as tunnels over
IPv4 or IPv6 itself.
link リンク A pointer which may be used to retreive RFC1983
the file or data to which the pointer
points.
Link リンク A facility or medium over which nodes RFC2002
can communicate at the link layer. A link
underlies the network layer.
link リンク a communication facility or medium over RFC2185
which nodes can communicate at the link
layer, i.e., the layer immediately below
internet layer.
Link リンク A typed connection between two or more RFC2291
resources.
link リンク A single link-level connection between RFC2330
two (or more) hosts;includes leased lines,
ethernets, frame relay clouds, etc.
link リンク a communication facility or medium over RFC2461,
which nodes cancommunicate at the link RFC2462
layer, i.e., the layerimmediately below IP.
Examples are Ethernets (simpleor
bridged), PPP links, X.25, Frame Relay, or
ATMnetworks as well as internet (or
higher) layer"tunnels", such as tunnels
over IPv4 or IPv6 itself.
Link リンク Two unidirectional paths flowing in RFC2625
opposite directions and connecting two
Ports within adjacent Nodes.
link リンク (I) World Wide Web usage: See: RFC2828
hyperlink.
link リンク (I) Subnetwork usage: A point-to- RFC2828
point communication channel
connecting two subnetwork relays
(especially one between two
packet switches) that is
implemented at OSI layer 2. (See: link
encryption.)
link リンク (C) The relay computers assume RFC2828
that links are logically passive.
If a computer at one end of a link
sends a sequence of bits, the
sequence simply arrives at the other
end after a finite time,
although some bits may have been
changed either accidentally
(errors) or by active wiretapping.
Link Layer リンク層 We refer to data-link layer technologies RFC2814
such as IEEE 802.3/Ethernet as L2 or
layer 2.
Link Layer Domain or Layer 2 domain or
L2 domain a set of nodes and links
interconnected without passing through a
L3 forwarding function. One or more IP
subnets can be overlaid on a L2 domain.
Link Layer リンク層 Data link layer technologies such as RFC2816
Ethernet/IEEE 802.3 and Token
Ring/IEEE 802.5 are referred to as Layer
2 or L2.
Link Layer Domain リンク層領域 Refers to a set of nodes and links RFC2816
interconnected without passing through a
L3 forwarding function. One or more IP
subnets can be overlaid on a L2 domain.
link level リンクレベル The term "link level" is used to avoid RFC1433
potential confusion with the term "IP
sub-network", and to identify addresses
(i.e., "link level address") associated with
the network used to transport IP
link level network リンクレベルネットワ A "link level network" is the upper layer RFC1433
ーク of what is sometimes referred to (e.g.,
OSI parlance) as the "subnetwork", i.e.,
the layers below IP.
link MT リンクMT the maximum transmission unit, i.e., RFC2461
maximum packet size in octets, that can
be conveyed in one piece over a link.
link MTU リンクMTU the maximum transmission unit, i.e., RFC1981
maximum packet size in octets, that can
be conveyed in one piece over a link.
Link Speed リンク速度不一致 Speed mismatch between input and RFC1242
Mismatch output data rates.
Link state リンク状態通知 Describes the local state of a switch or a RFC2642
advertisement link. Each link state advertisement is
flooded throughout the switch fabric. The
collected link state advertisements of all
switches and links form the protocol's
topological database.
link station リンク局 A link station comprises procedures and RFC1747
control information that coordinate the
transfer of data between two nodes
joined by a link connection. All traffic
over the link connection is from the
primary link station to one or more
secondary link stations, or from a
secondary link station to the primary link
station.
link-by-link リンクごとの暗号化 (I) Stepwise protection of data that RFC2828
encryption, link ,リンク暗号化 flows between two points in a
encryption network, provided by encrypting data
separately on each network
link, i.e., by encrypting data when it
leaves a host or subnetwork
relay and decrypting when it arrives
at the next host or relay.
Each link may use a different key or
even a different algorithm.
[R1455] (See: end-to-end
encryption.)
link-layer address リンク層アドレス a link-layer identifier for an interface. RFC1971,
Examples include IEEE 802 addresses for
Ethernet links and E.164 addresses for RFC2461,
ISDN links. RFC2462
Link-Layer Address リンク層アドレス The address used to identify an endpoint RFC2002
of some communication over a physical
link. Typically, the Link-Layer address is
an interface's Media Access Control
(MAC) address.
link-local address リンク局所アドレス an address having link-only scope that RFC1971,
can be used to reach neighboring nodes RFC2462
attached to the same link. All interfaces
have a link-local unicast address.
link-local address リンク局所アドレス a unicast address having link-only scope RFC2461
that can be used to reach neighbors. All
interfaces on routers MUST have a link-
local address. Also, [ADDRCONF]
requires that interfaces on hosts have a
link-local address.
LIP LIP Loop Initialization. A primitive Sequence RFC2625
used by a port to detect if it is part of a
loop or to recover from certain loop
errors.
List message リストメッセージ A list message sends the variant list of a RFC 2703
negotiable resource, but no variant data.
It can be generated when the sender
does not want to, or is not allowed to,
send a particular variant.
list response リスト応答 A list response returns the variant list of RFC2295
the negotiable resource, but no variant
data. It can be generated when the
server does not want to, or is not
allowed to, return a particular best
variant for the request. List responses
are defined in section 10.1.
list server リストサーバ An automated mailing list distribution RFC1983
system. List servers handle the
administrivia of mailing list maintenance,
such as the adding and deleting of list
members.
Listed Server リストされたサーバ An Authoritative Server for which there RFC2182
? is an "NS" resource record (RR) in the
zone.
Listserv Listserv A program available on many BITNET RFC1402
connected computers that can act as a
mail forwarding system and as a file
repository. BITNET is another network
that links many colleges and universities
It does not normally link to military or
government institutions as does the
Internet. To subscribe to a listserv, you
usually send mail to the machine that has
the mailing list with the command to
subscribe. As an example, to subscribe
to a list for discussion of topics pertinent
to mechanical engineering, send e-mail to
listserv@utarlvml with a message
containing the one-line command to
subscribe: SUB MECH-1 John Doe
(Where John Doe would be your full name)
little-endian リトルエンディアン, A format for storage or transmission of RFC1208
? binary data in which the least significant
byte (bit) comes first. See big-endian.
little-endian リトルエンディアン, A format for storage or transmission of RFC1983
? binary data in which the least significant
byte (bit) comes first. See also: big-
endian. [Source: RFC1208]
Live Property ライブ特性? A property whose semantics and syntax RFC2518
are enforced by the server. For example,
the live "getcontentlength" property has
its value, the length of the entity
returned by a GET request, automatically
calculated by the server.
LLC LLC See: Logical Link Control RFC1983
local access only 局所アクセス専用サ A server which does not pass any RFC2097
server ーバ packets through itself to other servers.
Local Address 局所アドレス The address of a host within a network. RFC791
The actual mapping of an internet local
address on to the host addresses in a
network is quite general, allowing for
many to one mappings.
Local Address 局所アドレス The rest field of the Internet address RFC950
(as defined in [3]).
Local Area Network ローカルエリアネット A data network intended to serve an area RFC1983
(LAN) ワーク of only a few square kilometers or less.
Because the network is known to cover
only a small area, optimizations can be
made in the network signal protocols that
permit data rates up to 100Mb/s. See
also: Ethernet, Fiber Distributed Data
Interface, token ring, Metropolitan Area
Network, Wide Area Network. [Source:
NNSC]
Local Chassis 局所外枞? The particular chassis containing the RFC2922
SNMP agent implementing the PTOPO
MIB.
Local Domain 局所領域 An administrative domain containing the RFC2977
AAA infrastructure of immediate interest
to a Mobile IP client when it is away from
home.
Local Hardware ローカルハードウェ The physical link to which the host is RFC919,
Network アネットワーク attached. RFC922
local ISP 局所IISP This is the Internet service provider RFC2194
whom the user calls in order to get
access. Where roaming is implemented
the local ISP may be different from the
home ISP.
local packet 局所パケット The unit of transmission within a local RFC793
network.
Local repair 局所修復 Allows RSVP to rapidly adapt its RFC2205
reservations to changes in routing. See
Section 3.6 for more information.
local UA function 局所UA機能 Functions performed solely by the UA RFC1421
and not standardized as part of the MH
Service elements are called local UA
functions.
local user name 局所ユーザ名 A simple (non-hierarchical) name by RFC1507
which a user is known within a limited
context such as on a single computer.
Locale ロケール The language localization that applies to RFC2614
strings passed into or returned from the
SLP API. The Locale is expressed using
a Language Tag [6]. All attribute strings
are associated with a particular locale.
The locale is completely orthogonal to
the ANSI C locale. The SLP locale is
mapped into the Java locale in the Java
Localization 現地化 the specification of human language, RFC1759
country, and character set needed to
present information to people in their
native languages.
Location server 現地サーバ See location service. RFC2543
Location Server 現地サーバ(LS) A logical entity with IP connectivity RFC2871
(LS) which has knowledge of gateways that
can be used to terminate calls towards
the GSTN. The LS is the main entity that
participates in Telephony Routing over
IP. The LS is generally a point of contact
for end users for
Location Server 現地サーバ方策 The set of rules which dictate how a RFC2871
Policy location server processes information it
sends and receives via TRIP. This
includes rules for aggregating,
propagating, generating, and accepting
Location service 現地サービス A location service is used by a SIP RFC2543
redirect or proxy server to obtain
information about a callee's possible
location(s). Location services are offered
by location servers. Location servers
MAY be co-located with a SIP server,
but the manner in which a SIP server
requests location services is beyond the
scope of this document.
locator ロケータ locator is a bit string which is used to RFC2101
identify where a particular packet must
be delivered, i.e. it serves to locate the
place in the Internet topology where the
destination host is attached.
Traditionally, the destination IPv4
address in every packet is used for this.
IP routing protocols interpret IPv4
addresses as locators and construct
routing tables based on which routers
(which have their own locators) claim to
know a route towards the locators of
Lock ロック A mechanism for preventing anyone RFC2291
other than the owner of the lock from
accessing a resource.
Log In Prompt ログインプロンプト The characters that are displayed when RFC2504
logging into a system toask for user
name and password.
Log In, Logging into ログインする This is an action performed by an end- RFC2504
a System user, when he authenticateshimself to a
computer system.
Logged In ログインしている If an end-user has successfully proven RFC2504
to have legitimate accessto a system, he
is considered to be logged in.
Logging ロギング Systems and server software often RFC2504
provide the ability to keeptrack of
events. Events may be configured to be
written out to afile known as a log. The
log file can be read later and allowsfor
system failures and security breaches to
be identified.
Logging ロギング The recording of user requests made to RFC2647
the firewall.
logic bomb 論理不正 (I) Malicious logic that activates RFC2828
when specified conditions are
met. Usually intended to cause
denial of service or otherwise
damage system resources. (See:
Trojan horse, virus, worm.)
Logical [network] 論理[ネットワーク]イ We define a logical [network] interface to RFC1122
interface ンタフェース be a logical path, distinguished by a
unique IP address, to a connected
network.
Logical [network] 論理[ネットワーク]イ We define a logical [network] interface to RFC1812
interface ンタフェース be a logical path, distinguished by a
unique IP address, to a connected
network.
Logical Link Control 論理リンク制御 The upper portion of the datalink layer, RFC1983
(LLC) as defined in IEEE 802.2. The LLC
sublayer presents a uniform interface to
the user of the datalink service, usually
the network layer. Beneath the LLC
sublayer is the MAC sublayer. See also:
802.x, layer, Media Access Control.
Logical Port 論理ポート This term is used to model the frame RFC2954
relay "interface" on a device.
login ログイン (I) The act of a system entity gaining RFC2828
access to a session in
which the entity can use system
resources; usually accomplished by
providing a user name and password
to an access control system
that authenticates the user.
(C) Derives from "log" file", a
security audit trail that records
security events, such as the
beginning of sessions, and who
initiates them.
login name ログイン名 the term "login name" refers to the RFC2307
user's login name (being the value of the
uid attribute)
LOGO LOGO Logout. RFC2625
long ロング A long is a 32-bit quantity. RFC909
longest prefix match 前方最長一致 The process of determining which prefix RFC2461
(if any) in a set of prefixes covers a
target address. A target address is
covered by a prefix if all of the bits inthe
prefix match the left-most bits of the
target address. When multiple prefixes
cover an address, the longest prefix is
the one that matches.
Loop ループ An analogue or digital access RFC2805
connection from a user
terminal which carries user
media content and telephony
access signalling (DP, DTMF,
BRI, proprietary business set).
LOSS WINDOW (LW) 損失ウインドウ The loss window is the size of the RFC2581
congestion window after a TCP sender
detects loss using its retransmission
LOTOS LOTOS See: Language of Temporal Ordering RFC2828
Specification.
LPM LPM Local Policy Module. the function that RFC2205
exerts policy control.
LR LR Link reset. A primitive sequence RFC2625
transmitted by a port to initiate the link
reset protocol or to recover from a link
timeout.
LS LS Last Sequence of Exchange. This FCTL RFC2625
bit in the FC header indicates the
Sequence is the Last Sequence of the
Exchange.
LSA LSA Link State Advertisement RFC1584
LSB LSB Least Significant Bit RFC2351
LU name LU名 The terms "device-name", "LU name" RFC2355
and "network name" can be considered
interchangeable in this document. They
refer to a specific terminal or printer
device.
LUB LUB Least Upper Bound. RFC2205
Lurking 非活動 No active participation on the part of a RFC1983
subscriber to an mailing list or USENET
newsgroup. A person who is lurking is
just listening to the discussion. Lurking
is encouraged for beginners who need to
get up to speed on the history of the
group. See also: Electronic Mail, mailing
list, Usenet. [Source: LAQUEY]
Lycos Lycos Lycos, Inc. is a new venture formed in RFC1983
late June 1995, to develop and market
the Lycos technology originally
developed under the direction of Dr.
Michael ("Fuzzy") Mauldin at Carnegie
Mellon University. The part of Lycos you
see when you do a search is the search
engine. "Lycos" comes from Lycosidae,
a cosmopolitan family of relatively large
active ground spiders (Wolf Spiders) that
catch their prey by pursuit, rather than in
a web. [Source: Lycos's FAQ]
MAAS (Multicast MAAS (Multicast A host providing multicast address RFC2909
Address Allocation Address Allocation allocation services to end users (e.g. via
Server) Server) MADCAP [MADCAP]).
MAC MAC See: Media Access Control RFC1983
MAC MAC See: mandatory access control, RFC2828
Message Authentication Code.
MAC address MACアドレス The hardware address of a device RFC1983
connected to a shared media. See also:
Media Access Control, Ethernet, token
ring. [Source: MALAMUD]
MAC Packet MACパケット A DOCSIS PDU. RFC2669
MAC Packet MACパケット A DOCSIS PDU. RFC2670
Macintosh マッキントシュ a tool that runs on Macintosh personal RFC1470
computers.
mail bridge メールブリッジ A mail gateway that forwards electronic RFC1983
mail between two or more networks while
ensuring that the messages it forwards
meet certain administrative criteria. A
mail bridge is simply a specialized form of
mail gateway that enforces an
administrative policy with regard to what
mail it forwards. See also: Electronic
Mail, mail gateway. [Source: NNSC]
mail data メールデータ A sequence of ASCII characters of RFC821
arbitrary length, which conforms to the
standard set in the Standard for the
Format of ARPA Internet Text Messages
(RFC 822 [2]).
Mail Exchange メール交信記録 A DNS resource record type indicating RFC1983
Record (MX Record) which host can handle mail for a
particular domain. See also: Domain
Name System, Electronic Mail. [Source:
MALAMUD]
mail exploder 同報起動 Part of an electronic mail delivery RFC1208
system which allows a message to be
delivered to a list of addressees. Mail
exploders are used to implement mailing
lists. Users send messages to a single
address (e.g., hacks@somehost.edu) and
the mail exploder takes care of delivery
to the individual mailboxes in the list.
mail exploder 同報起動 Part of an electronic mail delivery RFC1983
system which allows a message to be
delivered to a list of addresses. Mail
exploders are used to implement mailing
lists. Users send messages to a single
address and the mail exploder takes care
of delivery to the individual mailboxes in
the list. See also: Electronic Mail, email
address, mailing list. [Source: RFC1208]
mail gateway メールゲートウェイ A machine that connects two or more RFC1208
electronic mail systems (especially
dissimilar mail systems on two different
networks) and transfers messages
between them. Sometimes the mapping
and translation can be quite complex, and
generally it requires a store-and-forward
scheme whereby the message is received
from one system completely before it is
transmitted to the next system after
suitable translations.
mail gateway メールゲートウェイ A machine that connects two or more RFC1983
electronic mail systems (including
dissimilar mail systems) and transfers
messages between them. Sometimes the
mapping and translation can be quite
complex, and it generally requires a
store-and-forward scheme whereby the
message is received from one system
completely before it is transmitted to the
next system, after suitable translations.
See also: Electronic Mail. [Source:
RFC1208]
mail path メールパス A series of machine names used to RFC1983
direct electronic mail from one user to
another. This system of email addressing
has been used primarily in UUCP
networks which are trying to eliminate its
use altogether. See also: bang path,
email address, UNIX-to-UNIX CoPy.
mail server メールサーバ A software program that distributes files RFC1983
or information in response to requests
sent via email. Internet examples include
Almanac and netlib. Mail servers have
also been used in Bitnet to provide FTP-
like services. See also: Bitnet, Electronic
Mail, FTP. [Source: NWNET]
mailbox メールボックス A character string (address) which RFC821
identifies a user to whom mail is to be
sent. Mailbox normally consists of the
host and user specifications. The
standard mailbox naming convention is
defined to be "user@domain".
Additionally, the "container" in which
mail is stored.
mailing list メーリングリスト A list of email addresses, used by a mail RFC1983
exploder, to forward messages to groups
of people. Generally, a mailing list is
used to discuss certain set of topics, and
different mailing lists discuss different
topics. A mailing list may be moderated.
This means that messages sent to the
list are actually sent to a moderator who
determines whether or not to send the
messages on to everyone else. Requests
to subscribe to, or leave, a mailing list
should ALWAYS be sent to the list's "-
request" address (e.g. ietf-
request@cnri.reston.va.us for the IETF
mailing list) or majordomo server. See
also: Electronic Mail, mail exploder, email
address, moderator, majordomo.
majordomo ? A program which handles mailing list RFC1983
maintenance (affectionately known as
administrivia) such as adding and
removing addresses from mailing lists.
See also: email address, mailing list.
malicious logic 悪意の論理 (I) Hardware, software, or firmware RFC2828
that is intentionally included
or inserted in a system for a harmful
purpose. (See: logic bomb,
Trojan horse, virus, worm.)
malware ? (I) A contraction of "malicious RFC2828
software". (See: malicious logic.)
(D) ISDs SHOULD NOT use this
term because it is not listed in most
dictionaries and could confuse
international readers.
MAN MAN See: Metropolitan Area Network RFC1983
Managed segment 管理セグメント A managed segment is a segment with a RFC2814
DSBM present and responsible for
exercising admission control over
requests for resource reservation. A
managed segment includes those
interconnected parts of a shared LAN
that are not separated by DSBMs.
Managed Segment 管理セグメント A managed segment is a segment with a RFC2816
DSBM (designated subnet bandwidth
manager, see [14]) present and
responsible for exercising admission
control over requests for resource
reservation. A managed segment
includes those interconnected parts of a
shared LAN that are not separated by
Management 管理アプリケーショ a program which queries and controls RFC1759
Application (a.k.a. ン one or more managed nodes
Manager)
MANAGEMENT 管理ドメイン The set of Message Handling System RFC1330
DOMAIN (MHS) entities managed by an
Administration or organization that
includes at least one Message Transfer
Agent (MTA).
Management 管理ドメイン A network or networks under the control RFC2661
Domain (MD) of a single administration, policy or
system. For example, an LNS's
Management Domain might be the
corporate network it serves. An LAC's
Management Domain might be the
Internet Service Provider that owns and
manages it.
Management 管理情報ベース The set of parameters an SNMP RFC1983
Information Base management station can query or set in
(MIB) the SNMP agent of a network device (e.g.
router). Standard, minimal MIBs have
been defined, and vendors often have
Private enterprise MIBs. In theory, any
SNMP manager can talk to any SNMP
agent with a properly defined MIB. See
also: client-server model, Simple Network
Management Protocol. [Source: BIG-LAN]
management script 管理スクリプト A `management script' is a set of RFC2592
instructions written in an executable
language which implements a
management function.
management 管理スクリプト言語 A `management scripting language' is a RFC2592
scripting language language used to write management
scripts. Note, the term scripting language
does not imply that the language must
have the characteristics of scripting
languages (e.g. string orientation,
interpretation, weak typing). The MIB
defined in this memo also allows to
control management scripts written in
arbitrary compiled system programming
languages.
management station 管理ステーション Management stations execute RFC1910
management applications which monitor
and control managed elements. Managed
elements are devices such as hosts,
routers, terminal servers, etc., which are
monitored and controlled via access to
their management information.
Management Station 管理ステーション a physical computer on which one or RFC1759
more management applications can run
management system 管理システム A management system contains: several RFC1910
(potentially many) nodes, each with a
processing entity, termed an agent, which
has access to management
instrumentation; at least one
management station; and, a management
protocol, used to convey management
information between the agents and
management stations. Operations of the
protocol are carried out under an
administrative framework which defines
authentication, authorization, access
control, and privacy policies.
Manager マネージャ a distributed network management RFC1470
system or system component.
MANAGERS マネージャ which configure meters and control RFC2123
meter readers, and
mandatory access 必須アクセス制御 (I) An access control service that RFC2828
control (MAC) enforces a security policy
based on comparing (a) security
labels (which indicate how
sensitive or critical system
resources are) with (b) security
clearances (which indicate system
entities are eligible to access
certain resources). (See:
discretionary access control, rule-based
security policy.)
(C) This kind of access control is
called "mandatory" because an
entity that has clearance to access
a resource may not, just by
its own volition, enable another
entity to access that resource.
(O) "A means of restricting access
to objects based on the
sensitivity (as represented by a
label) of the information
contained in the objects and the
formal authorization (i.e.,
clearance) of subjects to access
information of such sensitivity."
[DOD1]
man-in-the-middle なりすまし仲介者 (I) A form of active wiretapping RFC2828
attack in which the attacker
intercepts and selectively modifies
communicated data in order to
masquerade as one or more of the
entities involved in a
communication association. (See:
hijack attack, piggyback attack.)
(C) For example, suppose Alice and
Bob try to establish a session
key by using the Diffie-Hellman
algorithm without data origin
authentication service. A "man in
the middle" could (a) block
direct communication between Alice
and Bob and then (b) masquerade
as Alice sending data to Bob, (c)
masquerade as Bob sending data
to Alice, (d) establish separate
session keys with each of them,
and (e) function as a clandestine
proxy server between them in
order to capture or modify sensitive
information that Alice and
Bob think they are sending only to
each other.
manipulation 操作検出符号 (D) ISDs SHOULD NOT use this RFC2828
detection code term as a synonym for "checksum"
because the word "manipulation"
implies protection against active
attacks, which an ordinary checksum
might not provide. Instead, if
such protection is intended, use
"protected checksum" or some
particular type thereof, depending on
which is meant. If such
protection is not intended, use
"error detection code" or some
specific type of checksum that is
not protected.
Map マップ a tool that can discover and report a RFC1470
system's topology or configuration.
Mapping 対応付け (noun): A description of how to transform RFC2157
an X.400 body part into a MIME body
part, or how to transform a MIME body
part into an X.400 body part.
Mapping Function 対応付け関数 This is the function of mapping a Clear RFC1241
Header to a particular Flow. All
encapsulators along a given Flow are
required to map a given Clear Header to
the same Flow.
Marker マーカ a device that performs marking. RFC2475
Marking マーク付け the process of setting the DS codepoint RFC2475
in a packet based on defined rules; pre-
marking, re-marking.
Martian 異質パケット Humorous term applied to packets that RFC1208
turn up unexpectedly on the wrong
network because of bogus routing
entries. Also used as a name for a packet
which has an altogether bogus (non-
registered or ill-formed) Internet address.
Martian 異質パケット A humorous term applied to packets that RFC1983
turn up unexpectedly on the wrong
network because of bogus routing
entries. Also used as a name for a
packet which has an altogether bogus
(non-registered or ill-formed) internet
address. [Source: RFC1208]
Martian Filtering 異質パケット除去 A packet that contains an invalid source RFC1812
or destination address is considered to
be martian and discarded.
MASC server MASCサーバ A node running MASC. RFC2909
Masquerade 仮面なりすまし The masquerade threat is the danger RFC1910
that management operations not
authorized for some user may be
attempted by assuming the identity of
another user that has the appropriate
Masquerade 仮面なりすまし The masquerade threat is the danger RFC2571
that management operations not
authorized for some principal may be
attempted by assuming the identity of
another principal that has the appropriate
Masquerade (see 仮面なりすまし Anyone who pretends to be someone RFC2504
Remote Log In) they are not in order to obtainaccess to
a computer account is said to be in
'masquerade'. Thismay be accomplished
by providing a false user name, or
stealingsomeone else's password and
logging in as him.
masquerade attack 仮面なりすまし攻撃 (I) A type of attack in which one RFC2828
system entity illegitimately
poses as (assumes the identity of)
another entity. (See: spoofing
attack.)
master ウェブマスター The master is the principal member of RFC1301
the web. The master capability is a
superset of a producer member. The
master is mainly responsible for giving
out transmit tokens to members who
wish to send data, and overseeing the
web's membership and operational
Master 主サーバ any authoritative server configured to be RFC1996
the source of zone transfer for one or
more slave servers.
Master 主サーバ an authoritative server configured to be RFC2136
the source of AXFR or IXFR data for one
or more slave servers.
master secret 主機密 Secure secret data used for generating RFC2246
encryption keys, MAC secrets, and IVs.
Match 一致 An address A "matches" a prefix P RFC2894
whose length is L if the first L bits of A
are identical with the first L bits of P.
(Every address matches a prefix of
length 0.) A prefix P1 with length L1
matches a prefix P2 of length L2 if L1 >=
L2 and the first L2
Matched Prefix 接頭辞一致 The existing prefix or address which RFC2894
matched a Match-Prefix.
Match-Prefix 対応接頭辞 This is a Prefix against which a router RFC2894
compares the addresses and prefixes
configured on its interfaces.
MATIP MATIP Mapping of Airline Traffic over Internet RFC2351
Protocol
Maximum 最大転送速度 The highest forwarding rate of a RFC2285
forwarding rate DUT/SUT taken from an iterative set of
(MFR)
packet/frame/cell functions: A
conference bridge with all
packet interfaces could be an
MG, as well as an (IVR)
interactive voice recognition
unit, an audio resource
function, or a voice
recognition system with a cell
interface.
Media Gateway メディアゲートウェイ An MGC-Unit is a physical entity RFC2719
Control Unit 制御ユニット containing the MGC function.
Media Gateway メディアゲートウェイ An MGC handles the registration and RFC2719
Controller (MGC) 制御器 management of resources at the MG.
The MGC may have the ability to
authorize resource usage based on local
policy. For signaling transport purposes,
the MGC serves as a possible
termination and origination point for SCN
application protocols, such as SS7 ISDN
User Part and Q.931/DSS1.
Media Gateway メディアゲートウェイ Controls the parts of the call state that RFC2885
Controller (MGC) 制御器 pertain to connection control for media
channels in a MG.
Media Gateway メディアゲートウェイ A Media Gateway Controller (MGC) RFC2805
Controller (MGC) 制御機能 function controls a MG.
function
Media Gateway Unit メディアゲートウェイ An MG-Unit is a physical entity that RFC2719
(MGU) ・ユニット contains the MG function. It may contain
other functions, esp. an SG function for
handling facility-associated signaling.
Media Gateway unit メディアゲートウェイ An MG-unit is a physical entity that RFC2805
(MG-unit) ・ユニット contains an MG function and may
also contain other functions, e.g. an SG
function.
Media initialization メディア初期化 Datatype/codec specific initialization. RFC2326
This includes suchthings as clockrates,
color tables, etc. Any transport-
independent information which is required
by a client forplayback of a media stream
occurs in the media initializationphase of
stream setup.
Media parameter メディアパラメタ Parameter specific to a media type that RFC2326
may be changed beforeor during stream
playback.
Media Path メディアパス the mechanisms that transport instances RFC1759
of the media from an input, through the
marker, possibly through media buffers
and duplexing pathways, out to the
output with optional finishing applied.
The inputs and outputs are not part of
the Media Path.
Media Resource メディア情報源 Examples of media resources are RFC2805
codecs, announcements, tones, and
modems, interactive voice response
(IVR) units, bridges, etc.
Media server メディアサーバ The server providing playback or RFC2326
recording services for one ormore media
streams. Different media streams within
apresentation may originate from
different media servers. Amedia server
may reside on the same or a different
host as theweb server the presentation
is invoked from.
Media server メディアサーバ変更 Redirection of a media client to a RFC2326
indirection different media server.
media type メディア型 An attribute of data which describes the RFC1614
general nature of its expected
presentation. The value of this attribute
could be one of the following (not
exhaustive) list:Text, Sound, Image (e.g.,
a "photograph"), Graphics (e.g., a
"drawing"), Animation (i.e., moving
graphics) and Movie (i.e., moving image).
member メンバ A web member is any process that has RFC1301
been permitted to join the web (by the
master) as well as the master itself.
Member of Version バージョン木の要素 A resource that is a node in a version RFC2291
Graph graph, and so is derived from the
resources that precede it in the graph,
and is the basis of those that succeed it.
Member URI URI要素 A URI which is a member of the set of RFC2518
URIs contained by a collection.
Member-AS AS要素 An autonomous system that is contained RFC1965
in a given AS confederation.
membership class 所属クラス Every member is classified as to its RFC1301
intentions for joining the web.
Membership classes are defined to be
consumer, producer and master. Each
successive class is a formal superset of
the previous.
Merchant 取引者 The Organisation from whom the service RFC2801
or goods are being obtained, who is
legally responsible for providing the
goods or services and receives the
benefit of any payment made
merchant 取引者 (O) SET usage: "A seller of goods, RFC2828
services, and/or other
information who accepts payment
for these items electronically."
[SET2] A merchant may also provide
electronic selling services
and/or electronic delivery of items
for sale. With SET, the
merchant can offer its cardholders
secure electronic interactions,
but a merchant that accepts
payment cards is required to have a
relationship with an acquirer. [SET1,
SET2]
merchant certificate 取引証明 (O) SET usage: A public-key RFC2828
certificate issued to a merchant.
Sometimes used to refer to a pair of
such certificates where one
is for digital signature use and the
other is for encryption.
merchant 取引証明権限 (O) SET usage: A CA that issues RFC2828
certification digital certificates to merchants
authority (MCA) and is operated on behalf of a
payment card brand, an acquirer, or
another party according to brand
rules. Acquirers verify and
approve requests for merchant
certificates prior to issuance by
the MCA. An MCA does not issue a
CRL, but does distribute CRLs
issued by root CAs, brand CAs,
geopolitical CAs, and payment
gateway CAs. [SET2]
Merchant Customer 取引顧客ケアプロバ The Organisation that is involved with RFC2801
Care Provider イダ customer dispute negotiation and
resolution on behalf of the Merchant
Merge policing マージ方策 Traffic policing that takes place at data RFC2205
merge point of a shared reservation.
Merging マージ The process of taking the maximum (or RFC2205
more generally the least upper bound) of
the reservations arriving on outgoing
interfaces, and forwarding this maximum
on the incoming interface. See Section
2.2 for more information.
mesh PKI メッシュPKI (I) A non-hierarchical PKI RFC2828
architecture in which there are several
trusted CAs rather than a single
root. Each certificate user bases
path validations on the public key of
one of the trusted CAs,
usually the one that issued that
user's own public-key
certificate. Rather than having
superior-to-subordinate
relationships between CAs, the
relationships are peer-to-peer, and
CAs issue cross-certificates to each
other. (See: hierarchical
PKI, trust-file PKI.)
Message メッセージ Data which is transmitted from a sender RFC 2703
to a receiver, together with any
encapsulation which may be applied.
Where a data resource is the original
data which may be available in a number
of representations, a message contains
those representation(s) which are
actually transmitted. Negotiation
metadata is not generally considered to
be part of a message. Message data is
distinguished from other transmitted data
by the fact that its content is fully
determined before the start of
Message メッセージ In this description of the lower-layer RFC1122
protocols, a message is the unit of
transmission in a transport layer
protocol. In particular, a TCP segment is
a message. A message consists of a
transport protocol header followed by
application protocol data. To be
transmitted end-to- end through the
Internet, a message must be
encapsulated inside a datagram.
Message メッセージ This term is used by some application RFC1123
layer protocols (particularly SMTP) for an
application data unit.
message メッセージ An MTP message is a concatenation of RFC1301
the user data portions of a series of data
packets with the last packet in the series
carrying an end of message indication. A
message may contain any number of
bytes of user data, including zero.
MESSAGE メッセージ In the context of Message Handling RFC1330
Systems (MHSs), the unit of information
transferred by the Message Transfer
System (MTS). It consists of an
envelope and a content.
message メッセージ The basic unit of HTTP communication, RFC1945
consisting of a structured sequence of
octets matching the syntax defined in
Section 4 and transmitted via the
connection.
Message メッセージ The term "message", when not further RFC2045
qualified, means either a (complete or
"top-level") RFC 822 message being
transferred on a network, or a message
encapsulated in a body of type
"message/rfc822" or "message/partial".
Message メッセージ The basic unit of RTSP communication, RFC2326
consisting of astructured sequence of
octets matching the syntax defined
inSection 15 and transmitted via a
connection or aconnectionless protocol.
message メッセージ The basic unit of HTTP communication, RFC2616
consisting of a structured sequence of
octets matching the syntax defined in
section 4 and transmitted via the
connection.
Message = user メッセージ Data submitted to SCTP by the Upper RFC2960
message Layer Protocol (ULP).
Message メッセージ認証符号 A Message Authentication Code is a one- RFC2246
Authentication way hash computed from a message and
Code (MAC) some secret data. It is difficult to forge
without knowing the secret data. Its
purpose is to detect if the message has
been altered.
Message メッセージ認証符号 An integrity check mechanism based on RFC2960
Authentication cryptographic hash functions using a
Code (MAC) secret key. Typically, message
authentication codes are used between
two parties that share a secret key in
order to validate information transmitted
between these parties. In SCT
message メッセージ認証符号 1. (N) Capitalized: "(The) Message RFC2828
authentication code Authentication Code" refers to
vs. Message an ANSI standard for a checksum
Authentication that is computed with a keyed hash
Code (MAC) that is based on DES. [A9009] (Also
known as the U.S. Government
standard Data Authentication Code.
[FP113])
(C) The ANSI standard MAC
algorithm is equivalent to cipher block
chaining with IV = 0.
2. (D) Not capitalized: ISDs SHOULD
NOT use the uncapitalized form
"message authentication code",
because this term mixes concepts in
a potentially misleading way. Instead,
use "checksum", "error
detection code", "hash", "keyed
hash", "Message Authentication
Code", or "protected checksum",
depending on what is meant. (See:
authentication code.)
(C) In the uncapitalized form, the
word "message" is misleading
because it implies that the
mechanism is particularly suitable for
or limited to electronic mail (see:
Message Handling Systems), the
message digest メッセージダイジェス (D) ISDs SHOULD NOT use this RFC2828
ト term as a synonym for "hash result"
because it unnecessarily duplicates
the meaning of the other, more
general term and mixes concepts in
a potentially misleading way.
(See: cryptographic hash, Message
Handling System.)
Message Digest メッセージダイジェス Message digests are algorithmic RFC1983
(MD-2, MD-4, MD- ト operations, generally performed on text,
5) which produce a unique signature for
that text. MD-2, described in RFC 1319;
MD-4, described in RFC 1320; and MD-5,
described in RFC 1321 all produce a 128-
bit signature. They differ in their
operating speed and resistance to crypto-
analytic attack. Generally, one must be
traded off for the other.
Message Digest 5 メッセージダイジェス A one-way cryptographic hash function. RFC2636
(MD5) ト Widely deployed in Internet protocols.
Published as RFC 1321.
Message Digest 5 メッセージダイジェス A one-way cryptographic hash function. RFC2637
(MD5) ト Widely deployed in Internet protocols.
Published as RFC 1321.
MESSAGE メッセージ操作アドレ An Originator/Recipient (O/R) address RFC1330
HANDLING ス which is comprised of an Administrative
ADDRESS Management Domain (ADMD), a country
name, and a set of user attributes.
MESSAGE メッセージ操作シス The set of User Agents (UAs) plus the RFC1330
HANDLING SYSTEM テム Message Transfer System (MTS).
Message Handling メッセージ操作シス The collection of UAs and MTAs is called RFC1421
System (MHS) テム the Message Handling System (MHS).
The MHS and all of its users are
collectively referred to as the Message
Handling Environment.
Message Handling メッセージ操作シス (I) A ITU-T/ISO system concept, RFC2828
Systems テム which encompasses the notion of
electronic mail but defines more
comprehensive OSI systems and
services that enable users to
exchange messages on a store-and-
forward basis. (The ISO equivalent is
"Message Oriented Text
Interchange System".) (See: X.400.)
message indicator メッセージ表示器 (D) ISDs SHOULD NOT use this RFC2828
term as a synonym for "initialization
value" because it mixes concepts in
a potentially misleading way.
message integrity メッセージ整合確認 (D) ISDs SHOULD NOT use these RFC2828
check, message 、メッセージ整合符 terms because they mix concepts in a
integrity code 号 potentially misleading way. (The word
"message" is misleading
because it suggests that the
mechanism is particularly suitable
for or limited to electronic mail. The
word "code" is misleading
because it suggests that either
encoding or encryption is
involved, or that the term refers to
computer software.) Instead,
use "checksum", "error detection
code", "hash", "keyed hash",
"Message Authentication Code", or
"protected checksum", depending
on what is meant.
Message Security メッセージセキュリテ (N) A secure message handling RFC2828
Protocol (MSP) ィプロトコル protocol [SDNS7] for use with X.400
and Internet mail protocols.
Developed by NSA's SDNS program and
used in the U.S. Defense Message
System.
Message Stream メッセージストリーム The SNMPv2 protocol is typically based RFC1910
Modification 変更 upon a connectionless transport service
which may operate over any subnetwork
service. The re-ordering, delay or replay
of messages can and does occur through
the natural operation of many such
subnetwork services. The message
stream modification threat is the danger
that messages may be maliciously re-
ordered, delayed or replayed to an extent
which is greater than can occur through
the natural operation of a subnetwork
service, in order to effect unauthorized
management operations.
Message Stream メッセージストリーム The SNMP protocol is typically based RFC2571
Modification 変更 upon a connectionless transport service
which may operate over any subnetwork
service. The re-ordering, delay or replay
of messages can and does occur through
the natural operation of many such
subnetwork services. The message
stream modification threat is the danger
that messages may be maliciously re-
ordered, delayed or replayed to an extent
which is greater than can occur through
the natural operation of a subnetwork
service, in order to effect unauthorized
management operations.
Message メッセージ承認エー A process which conforms to this RFC2476
Submission Agent ジェント specification, which acts as a submission
(MSA) server to accept messages from MUAs,
and either delivers them or acts as an
SMTP client to relay them to an MTA.
message switching メッセージ交換 See: packet switching RFC1983
MESSAGE メッセージ転送エー The functional component that, together RFC1330
TRANSFER AGENT ジェント with the other Message Transfer Agents
(MTAs), constitutes the Message
Transfer System (MTS). The MTAs
provide message transfer service
elements by: (1) interacting with
originating User Agents (UAs) via the
submission dialogue, (2) relaying
messages to other MTAs based upon
recipient designations, and (3) interacting
with recipient UAs via the delivery
dialogue.
Message Transfer メッセージ転送エー The MTS is composed of a number of RFC1421
Agent (MTA) ジェント Message Transfer Agents (MTAs).
Operating together, the MTAs relay
messages and deliver them to the
intended recipient UAs, which then make
the messages available to the intended
recipients.
Message Transfer メッセージ転送エー A process which conforms to [SMTP- RFC2476
Agent (MTA) ジェント MTA], which acts as an SMTP server to
accept messages from an MSA or
another MTA, and either delivers them or
acts as an SMTP client to relay them to
another MTA.
MESSAGE メッセージ転送エー The Message Transfer Agent Entity RFC1330
TRANSFER AGENT ジェント実体 (MTAE) is an entity, located in an MTA,
ENTITY that is responsible for controlling the
Message Transfer Layer (MTL). It
controls the operation of the protocol to
other peer entities in the MTL.
MESSAGE メッセージ転送層 The Message Transfer Layer (MTL) is a RFC1330
TRANSFER LAYER layer in the Application layer that
provides Message Transfer System
(MTS) service elements. These services
are provided by means of the services of
the layer below plus the functionality of
the entities in the layer, namely the
Message Transfer Agent Entities
(MTAEs) and the Submission and
MESSAGE メッセージ転送プロト The Message Transfer Protocol (P1) is RFC1330
TRANSFER コル the protocol which defines the relaying of
PROTOCOL messages between Message Transfer
Agents (MTAs) and other interactions
necessary to provide Message Transfer
layer (MTL) services.
MESSAGE メッセージ転送サー The Message Transfer Service is the set RFC1330
TRANSFER ビス of optional service elements provided by
SERVICE the Message Transfer System (MTS).
MESSAGE メッセージ転送シス The Message Transfer System (MTS) is RFC1330
TRANSFER テム the collection of Message Transfer
SYSTEM Agents (MTAs), which provide the
Message Transfer Service elements.
Message Transfer メッセージ転送シス The MTS delivers to one or more RFC1421
System (MTS) テム recipient UAs the messages submitted to
it.
message unit メッセージ単位 In SNA, the unit of data processed by RFC2043
any layer; for example, a basic
information unit (BIU), a path information
unit (PIU), or a request/response unit
Message User メッセージ利用者エ A process which acts (usually on behalf RFC2476
Agent (MUA) ージェント of a user) to compose and submit new
messages, and process delivered
messages. In the split-MUA model, POP
or IMAP is used to access delivered
messages.
metadata メタデータ Information describing an attribute, its RFC2244
value and any access controls associated
with that attribute. See section 3.1.2.
Meter メータ a device that performs metering. RFC2475
METER READERS メータ読取器 which read data from meters and store it RFC2123
for later use,
Metering メータリング the process of measuring the RFC2475
temporalproperties (e.g., rate) of a traffic
streamselected by a classifier.
Theinstantaneous state of this process
may beused to affect the operation of a
marker,shaper, or dropper, and/or may be
used foraccounting and measurement
purposes.
METERS メータ which are attached to the network at the RFC2123
points where it is desired to measure the
traffic,
Metropolitan Area メトロポリタンエリア A data network intended to serve an area RFC1983
Network (MAN) 網 approximating that of a large city. Such
networks are being implemented by
innovative techniques, such as running
fiber cables through subway tunnels. A
popular example of a MAN is SMDS. See
also: Local Area Network, Switched
Multimegabit Data Service, Wide Area
Network. [Source: NNSC]
MF MF The More-Fragments Flag carried in the RFC791
internet header flags field.
MF Classifier MF分類器 a multi-field (MF) classifier which selects RFC2475
packets based on the content of some
arbitrary number of header fields;
typically some combination of source
address, destination address, DS field,
protocol ID, source port and destination
MH Service MHサービス要素 MH Service elements define the set of RFC1421
elements message types and the capabilities that
enable an originator to transfer messages
of those types to one or more recipients.
MHS MHS Message Handling System. The system of RFC1208
message user agents, message transfer
agents, message stores, and access units
which together provide OSI electronic
mail. MHS is specified in the CCITT
X.400 series of Recommendations.
MHS MHS See MESSAGE HANDLING SYSTEM. RFC1330
MHS MHS See: message handling system. RFC2828
MHS community MHSコミュニティ One or more MHS domains form an MHS RFC1465
community. Mail exchange between
these MHS domains is defined by the
coordination procedures within this
document. Examples of such
communities are the Global Open MHS
service GO-MHS and the COSINE-MHS
service.
MHS domain MHSドメイン One or more MHS subtrees form an MHS RFC1465
domain. This is a purely administrative
grouping of MHS subtrees. It is helpful, if
someone is responsible for several MHS
subtrees, to refer to an MHS domain
instead of listing all the subtrees.
MHS subtree MHS部分木 An MHS subtree consists of the total of RFC1465
the mailboxes addressable within a
subtree of the X.400 OR address space.
Example: O=SWITCH; P=SWITCH;
A=ARCOM; C=CH; MHS domain of
SWITCH in Switzerland, consisting of all
mailboxes with O=SWITCH; P=SWITCH;
A=ARCOM; C=CH; in the OR address.
MIB MIB Management Information Base. A RFC1208
collection of objects that can be
accessed via a network management
protocol. See SMI.
MIB MIB Management Information Base - the RFC1759
specification for a set of management
objects to be managed using SNMP or
other management protocol; also an
instance of the data for such a set
MIB MIB See: Management Information Base RFC1983
MIC MIC Message Integrity Codes, codes use to RFC2557
verify that a message has not been
modified.
Microcom MNP A series of protocols built into most RFC1983
Networking modems which error-check or compress
Protocol (MNP) data being transmitted over a phone line.
Microflow マイクロフロー a single instance of an application-to- RFC2474
application flow ofpackets which is
identified by source address, destination
address,protocol id, and source port,
destination port (where applicable).
Microflow マイクロフロー a single instance of an application-to- RFC2475
application flow of packets which
isidentified by source address, source
port,destination address, destination port
andprotocol id.
mid-level network 中位ネットワーク Mid-level networks (a.k.a. regionals) make RFC1983
up the second level of the Internet
hierarchy. They are the transit networks
which connect the stub networks to the
backbone networks. See also: backbone,
Internet, stub network, transit network.
MILNET MILNET MILitary NETwork. Originally part of the RFC1208
ARPANET, MILNET was partitioned in
1984 to make it possible for military
installations to have reliable network
service, while the ARPANET continued
to be used for research. See DDN.
MIME MIME See: Multipurpose Internet Mail RFC1983
MIME MIME See the MIME specifications [MIME1 to RFC2557
MIME5].
MIME MIME see Multipurpose Internet Mail Extensions RFC2651
MIME MIME See: Multipurpose Internet Mail RFC2828
Extensions.
MIME Object MIMEオブジェクトセ (I) An Internet protocol [R1848] that RFC2828
Security Services キュリティサービス applies end-to-end
(MOSS) encryption and digital signature to
MIME message content, using
symmetric cryptography for
encryption and asymmetric cryptography
for key distribution and signature.
MOSS is based on features and
specifications of PEM. (See:
Min/Max Multicast 最大・最小マルチキ The difference between the maximum RFC2432
Latency (Min/Max ャストラテンシ latency measurement and the minimum
ML) latency measurement from the set of
latencies produced by the Multicast
Latency benchmark.
Minimum 最小PKI相互運用仕 (N) A technical description to RFC2828
Interoperability 様 provide a basis for interoperation
Specification for between PKI components from
PKI Components different vendors; consists primarily
(MISPC) of a profile of certificate and CRL
extensions and a set of
transactions for PKI operation.
[MISPC]
Mini-slot ミニスロット See [16]. In general, an interval of time RFC2670
which is allocated by the CMTS to a
given CM for that CM to transmit in an
upstream direction.
MISPC MISPC See: Minimum Interoperability RFC2828
Specification for PKI Components.
MISSI MISSI (N) Multilevel Information System RFC2828
Security Initiative, an NSA
program to encourage development
of interoperable, modular
products for constructing secure
network information systems in
support of a wide variety of
Government missions. (See: MSP.)
MISSI user MISSI利用者 (O) MISSI usage: A system entity RFC2828
that is the subject of one or
more MISSI X.509 public-key
certificates issued under a MISSI
certification hierarchy. (See:
personality.)
(C) MISSI users include both end
users and the authorities that
issue certificates. A MISSI user is
usually a person but may be a
machine or other automated
process. Some machines are required to
operate non-stop. To avoid
downtime needed to exchange the
FORTEZZA cards of machine
operators at shift changes, the machines
may be issued their own cards, as if
they were persons.
Mixed Class 混合クラススルプット The maximum rate at which none of the RFC2432
Throughput (MCT) offered frames, comprised from a unicast
Class and a multicast Class, to be
forwarded are dropped by the device
across a fixed number of ports.
Mixer ミキサ An intermediate system that receives RFC1889
RTP packets from one or more sources,
possibly changes the data format,
combines the packets in some manner
and then forwards a new RTP packet.
Since the timing among multiple input
sources will not generally be
synchronized, the mixer will make timing
adjustments among the streams and
generate its own timing for the combined
stream. Thus, all data packets originating
from a mixer will be identified as having
the mixer as their synchronization source.
MNP MNP See: Microcom Networking Protocol RFC1983
Mobile Identification モバイル識別番号 The 10-digit number that represents a RFC2636
Number (MIN) mobile station's directory number.
Mobile Identification モバイル識別番号 The 10-digit number that represents a RFC2637
Number (MIN) mobile station's directory number.
Mobile Node モバイルノード A host or router that changes its point of RFC2002
attachment from one network or
subnetwork to another. A mobile node
may change its location without changing
its IP address; it may continue to
communicate with other Internet nodes
at any location using its (constant) IP
address, assuming link-layer connectivity
to a point of attachment is available.
Mobile Node モバイルノード A host or router that changes its point- RFC2290
of-attachment from one link to another.
A mobile node may change its location
without changing its IP address; it may
continue to communicate with other
Internet nodes at any location using its
(permanent) home, IP address, assuming
link-layer connectivity is available at its
current location.
Mobile Node (MN) モバイルノード A host that wishes to use a Home RFC2107
Network address while physically
connected by a point-to-point link
(phone line, ISDN, etc.) to a NAS that
does not reside on the Home Network.
Also referred to as the client.
Mobile Node (MN) モバイルノード Its permanent address falls within the RFC2356
range of the privatenetwork. The user
removes the system from its home
network,and connects it to the Internet
at another point. Themechanisms
outlined in this discussion render this
mobilitytransparent: the mobile node
continues accessing its homenetwork
and its resources exactly as if it were
still withinit. Notice that when the mobile
node leaves its homenetwork, it may
migrate both within and outside of
theprivate network's boundaries. As
defined by Mobile IP [1], amobile node
uses a care-of address while roaming.
Mobile Station (MS) モバイルステーショ A station, fixed or mobile, which serves RFC2636
ン as the end user's wireless
communications link with the base
station. Mobile stations include portable
units (e.g., hand-held personal units) and
units installed in vehicles.
Mobile Station (MS) モバイルステーショ A station, fixed or mobile, which serves RFC2637
ン as the end user's wireless
communications link with the base
station. Mobile stations include portable
units (e.g., hand-held personal units) and
units installed in vehicles.
Mobile Switching モバイル交換センタ A configuration of equipment that RFC2636
Center (MSC) provides cellular radiotelephone service.
Mobile Switching モバイル交換センタ A configuration of equipment that RFC2637
Center (MSC) provides cellular radiotelephone service.
Mobile Terminal モバイル端末認定シ A control system that provides the RFC2636
Authorizing System ステム capability to load the CDMA network
(MTAS) HLR with mobile station profile
Mobile Terminal モバイル端末認定シ A control system that provides the RFC2637
Authorizing System ステム capability to load the CDMA network
(MTAS) HLR with mobile station profile
Mobility Agent モビリティエージェン Either a home agent or a foreign agent. RFC2002
Mobility Binding モビリティ束縛 The association of a home address with RFC2002
a care-of address, along with the
remaining lifetime of that association.
Mobility Binding モビリティ束縛 The association of a Home Address with RFC2107
a Foreign Agent IP address and a Tunnel
ID.
Mobility Security モビリティセキュリテ A collection of security contexts, RFC2002
Association ィ連携 between a pair of nodes, which may be
applied to Mobile IP protocol messages
exchanged between them. Each context
indicates an authentication algorithm and
mode (Section 5.1), a secret (a shared
key, or appropriate public/private key
pair), and a style of replay protection in
use (Section 5.6).
mode モード The mode in which data is to be RFC959
transferred via the data connection. The
mode defines the data format during
transfer including EOR and EOF. The
transfer modes defined in FTP are
described in the Section on Transmission
Modes.
mode, mode of モード、操作モード (I) Encryption usage: A technique for RFC2828
operation enhancing the effect of a
cryptographic algorithm or adapting
the algorithm for an
application, such as applying a block
cipher to a sequence of data
blocks or a data stream. (See:
electronic codebook, cipher block
chaining, cipher feedback, output
feedback.)
(I) System operation usage: A type
of security policy that states
the range of classification levels of
information that a system is
permitted to handle and the range of
clearances and authorizations
of users who are permitted to
access the system. (See: dedicated
security mode, multilevel security
mode, partitioned security
mode, system high security mode.)
moderator 調整者 A person, or small group of people, who RFC1983
manage moderated mailing lists and
newsgroups. Moderators are responsible
for determining which email submissions
are passed on to list. See also:
Electronic Mail, mailing list, Usenet.
Modification of 情報修正 The modification threat is the danger RFC1910
Information that some unauthorized entity may alter
in-transit SNMPv2 messages generated
on behalf of an authorized user in such a
way as to effect unauthorized
management operations, including
falsifying the value of an object.
Modification of 情報修正 The modification threat is the danger RFC2571
Information that some unauthorized entity may alter
in-transit SNMP messages generated on
behalf of an authorized principal in such
a way as to effect unauthorized
management operations, including
falsifying the value of an object.
module モジュール An implementation, usually in software, of RFC791
a protocol or other procedure.
module モジュール An implementation, usually in software, of RFC793
a protocol or other procedure.
modulus 率 Integer constructed as the product of RFC2313
two primes.
modulus 率 (I) The defining constant in modular RFC2828
arithmetic, and usually a
part of the public key in asymmetric
cryptography that is based on
modular arithmetic. (See: Diffie-
Hellman, Rivest-Shamir-Adleman.)
Monitor モニタ An application that receives RTCP RFC1889
packets sent by participants in an RTP
session, in particular the reception
reports, and estimates the current
quality of service for distribution
monitoring, fault diagnosis and long-term
statistics. The monitor function is likely
to be built into the application(s)
participating in the session, but may also
be a separate application that does not
otherwise participate and does not send
or receive the RTP data packets. These
are called third party monitors.
monomedia 単一メディア Said of data which is all of the same RFC1614
(adjective) media type.
more-fragments flag モアフラグメントフラ A flag indicating whether or not this RFC791
グ internet datagram contains the end of an
internet datagram, carried in the internet
header Flags field.
Morris Worm モリスワーム (I) A worm program written by RFC2828
Robert T. Morris, Jr. that flooded
the ARPANET in November, 1988,
causing problems for thousands of
hosts. (See: worm.)
MOSPF MOSPF Multicast Open Shortest-Path First. See: RFC1983
Open Shortest-Path First.
MOSS MOSS See: MIME Object Security Services. RFC2828
MSB MSB Most Significant Bit RFC2351
MSL MSL Maximum Segment Lifetime, the time a RFC793
TCP segment can exist in the
internetwork system. Arbitrarily defined
to be 2 minutes.
MSP MSP See: Message Security Protocol. RFC2828
MTA MTA Message Transfer Agent. An OSI RFC1208
application process used to store and
forward messages in the X.400 Message
Handling System. Equivalent to Internet
mail agent.
MTA MTA See MESSAGE TRANSFER AGENT. RFC1330
MTAE MTAE See MESSAGE TRANSFER AGENT RFC1330
ENTITY.
MTL MTL See MESSAGE TRANSFER LAYER. RFC1330
MTS MTS See MESSAGE TRANSFER SYSTEM. RFC1330
MTU MTU The maximum transmission unit, i.e., the RFC1122
size of the largest packet that can be
transmitted.
MTU MTU Maximum Transmission Unit. The largest RFC1208
possible unit of data that can be sent on
a given physical medium. Example: The
MTU of Ethernet is 1500 bytes. See
fragmentation.
MTU MTU See: Maximum Transmission Unit RFC1983
MTU MTU Maximum Transmission Unit. RFC2205
MTU (Maximum MUT(最大伝送単位) The size of the largest packet that can RFC1812
Transmission Unit) be transmitted or received through a
logical interface. This size includes the
IP header but does not include the size
of any Link Layer headers or framing.
MTU-mismatch MTU不整合挙動 The network MTU (Maximum RFC1242
behavior Transmission Unit) of the output network
is smaller than the MTU of the input
network, this results in fragmentation.
MUA MUA Messaging User Agent. RFC2557
MUD MUD See: Multi-User Dungeon RFC1983
multicas a link that supports a native mechanism RFC2461
at the link layer for sending packets to all
(i.e., broadcast) or a subset of all
neighbors.
multicast 複数配信 A special form of broadcast where copies RFC1208
of the packet are delivered to only a
subset of all possible destinations. See
broadcast.
multicast 複数配信 unless otherwise qualified, means the use RFC1256
of either IP multicast [4] or IP broadcast
[6] service.
multicast 複数配信 Data transmission to one or more RFC1768
destinations in a selected group in a
single service invocation.
Multicast 複数配信 A packet that is destined for multiple RFC1812
hosts. See broadcast.
multicast 複数配信 A packet with a special destination RFC1983
address which multiple nodes on the
network may be willing to receive. See
also: broadcast, unicast.
Multicast 複数配信 An identifier for a set of interfaces RFC2373
(typicallybelonging to different nodes). A
packet sent to amulticast address is
delivered to all interfacesidentified by
that address.
Multicast 複数配信 IP Multicast, as defined for IPv4 in RFC2909
[RFC1112] and for IPv6 in [RFC2460].
Multicast Address 複数配信アドレス A special type of address that is RFC1812
recognizable by multiple hosts. A
Multicast Address is sometimes known
as a Functional Address or a Group
multicast address 複数配信アドレス an identifier for a set of interfaces RFC1971
(typically belonging to different nodes). A
packet sent to a multicast address is
delivered to all interfaces identified by
that address.
multicast address 複数配信アドレス an identifier for a set of interfaces RFC2462
(typically belonging to different nodes). A
packet sent to a multicast address is
delivered to all interfaces identified by
that address.
Multicast Address 複数配信アドレス An IP multicast address or group RFC2909
address, as defined in [RFC1112] and
[RFC2373]. An identifier for a group of
Multicast Address 複数配信アドレス解 A server that distributes multicast group RFC2417
Resolution Server 決サーバ membership information toendpoints.
(MARS)
multicast capable 複数配信支援中位 An Intermediate System which RFC1768
Intermediate System システム incorporates the multicast features of
the Network layer.
Multicast Capable 複数配信支援サブ A multicast capable subnet supports a RFC1932
Subnet ネット facility to send a packet which reaches a
subset of the destinations on the subnet.
Multicast setup may be sender initiated,
or leaf initiated. ATM UNI 3.0 [4] and
UNI 3.1 support only sender initiated
while IP supports leaf initiated join. UNI
4.0 will support leaf initiated join.
Multicast destination 複数配信宛先 A multicast IP address indicating all RFC2386
hostsand routers that are members of
the corresponding group.
Multicast Group 複数配信グループ A group of endpoints that communicate RFC2417
with each other such thatpackets sent
from one endpoint are received by all
other members ofthe multicast group.
Multicast Group 複数配信グループ The maximum number of multicast RFC2432
Capacity (MGC) groups a SUT/DUT can support while
maintaining the ability to forward
multicast frames to all multicast groups
registered to that SUT/DUT.
multicast interface 複数配信インタフェ an interface to a multicast link, that is, RFC1256
ース an interface to a link over which IP
multicast or IP broadcast service is
Multicast Latency 複数配信潜在性 The set of individual latencies from a RFC2432
(ML) single input port on the DUT or SUT to
all tested ports belonging to the
destination multicast group.
multicast link 複数配信リンク a link over which IP multicast or IP RFC1256
broadcast service is supported. This
includes broadcast media such as LANs
and satellite channels, single point-to-
point links, and some store-and-forward
networks such as SMDS networks [8].
Multicast path (or 複数配信パス(また A subtree of the network topologyin RFC2386
Multicast Tree) は複数配信ツリー) which all the leaves and zero or more
interior nodes are membersof the same
multicast group. A multicast path may be
per-source, inwhich case the subtree is
rooted at the source.
Multicast Server 複数配信サーバ A server that sets up ATM Virtual RFC2417
(MCS) Channels (VCs) between endpoints ina
multicast group and to which the
endpoints forward data traffic
fortransmission on their behalf.
MULTICASTING 複数配信 Multicasting is a mode of interaction RFC1330
which may optionally be used by a
Directory System Agent (DSA) which
cannot perform an operation itself. The
DSA multicasts the operation (i.e. it
invokes the operation of several other
DSAs (in series or in parallel) and passes
an appropriate outcome to the original
requestor).
Multi-destination 複数宛先アドレス as defined in ISO 8802 RFC1142
address
Multihomed 複数ホーム化 A host is said to be multihomed if it has RFC1122
multiple IP addresses. For a discussion
of multihoming.
Multihomed 複数ホーム化 A host is said to be multihomed if it has RFC1123
multiple IP addresses to connected
networks.
multihomed host 複数ホーム化ホスト A host which has more than one RFC1983
connection to a network. The host may
send and receive data over any of the
links but will not route traffic for other
nodes. See also: host, router. [Source:
MALAMUD]
multi-homed host 複数ホーム化ホスト A computer connected to more than one RFC1208
physical data link. The data links may or
may not be attached to the same
multilevel secure 多階層安全性 (I) A class of system that has RFC2828
(MLS) system resources (particularly
stored information) at more than one
security level (i.e., has
different types of sensitive
resources) and that permits
concurrent access by users who
differ in security clearance and
need-to-know, but is able to prevent
each user from accessing
resources for which the user lacks
authorization.
multilevel security 多階層セキュリティ (I) A mode of operation of an RFC2828
mode information system, that allows two
or more classification levels of
information to be processed
concurrently within the same system
when not all users have a
clearance or formal access
authorization for all data handled by
the system.
(C) This mode is defined formally in
U.S. Department of Defense
policy regarding system
accreditation [DOD2], but the term is also
used outside the Defense
Department and outside the Government.
multimedia マルチメディアの Said of data which contains different RFC1614
(adjective) media types. This definition is stricter
than general usage, where "multimedia"
is often used as a generic term for non-
textual data, and where it may even be
used as a noun.
Multipoint Control 多点制御ユニット An entity that controls the setup and RFC2885
Unit (MCU) coordination of a multi-user conference
that typically includes processing of
audio, video and data.
multipoint link 多点リンク A link that connects the single primary RFC1747
link station to several secondary link
stations. A multipoint link may be either
switched or leased. Note: The physical
interface signals for a multipoint link are
different than for a point-to-point link.
Synonymous with multidrop line.
Multipurpose 多目的インターネット A set of rules for encoding Internet Mail RFC2651
Internet Mail メール拡張法 messages that gives them richer
Extensions structure. CIP uses MIME rules to
simplify object encoding issues. MIME is
specified in RFC-1521 and RFC-1522.
Multipurpose 多目的インターネット An extension to Internet email which RFC1983
Internet Mail メール拡張法 provides the ability to transfer non-
Extensions (MIME) textual data, such as graphics, audio and
fax. See also: Electronic Mail
Multipurpose 多目的インターネット (I) An Internet protocol [R2045] that RFC2828
Internet Mail メール拡張法 enhances the basic format of
Extensions (MIME) Internet electronic mail messages
[R0822] to be able to use
character sets other than US-ASCII
for textual headers and text
content, and to carry non-textual
and multi-part content. (See:
S/MIME.)
Multi-User Dungeon MUD Adventure, role playing games, or RFC1983
(MUD) simulations played on the Internet.
Devotees call them "text-based virtual
reality adventures." The games can
feature fantasy combat, booby traps and
magic. Players interact in real time and
can change the "world" in the game as
they play it. Most MUDs are based on
the Telnet protocol. See also: Telnet.
[Source: LAQUEY]
mutual suspicion 相互不確実 (I) The state that exists between RFC2828
two interacting system entities
in which neither entity can trust the
other to function correctly
with regard to some security
requirement.
MX Record MX記録 See: Mail Exchange Record RFC1983
NAK NAK See: Negative Acknowledgment RFC1983
NAME 名前 A name is a construct that singles out a RFC1330
particular object from all other objects.
A name must be unambiguous (i.e. denote
just one object); however, it need not be
unique (i.e. be the only name which
unambiguously denotes the object).
name 名前 an identifier such as a person's name, a RFC2277
hostname, a domainname, a filename or
an E-mail address; it is often treated as
an identifier rather than as a piece of
text, and is often used in protocols as an
identifier for entities, without surrounding
text.
Name 名前 A type that uniquely identifies or RFC2314
"distinguishes" objects in aX.500
directory. This type is defined in X.501.
In an X.509certificate, the type identifies
the certificate issuer and theentity
whose public key is certified.
Name 名前 A type that uniquely identifies or RFC2315
"distinguishes" objects inan X.500
directory. This type is defined in X.501. In
an X.509certificate, the type identifies
the certificate issuer and theentity
whose public key is certified.
Name 名前 A type that uniquely identifies or RFC2986
"distinguishes" objects in an X.500 [7]
directory. This type is defined in X.501.
In an X.509 certificate, the type identifies
the certificate issuer and the certificate
subject, the entity whose public key is
certifie
name resolution 名前解決 The process of mapping a name into the RFC1208
corresponding address. See DNS.
name resolution 名前解決 The process of mapping a name into its RFC1983
corresponding address. See also: Domain
Name System. [Source: RFC1208]
Name servers 名前サーバ Programs that hold information about a RFC2828
subset of the tree's structure and data
holdings, and also hold pointers to
other name servers that can provide
information from any part of the tree.
namespace 名前空間 A commonly distributed set of names in RFC1983
which all names are unique. [Source:
MALAMUD]
Naming Authority 命名権限 The agency or group which catalogues RFC2165
given Service Types and Attributes. The
default Naming Authority is IANA, the
Internet Assigned Numbers Authority.
Naming Authority 命名権限 The agency or group which catalogues RFC2608
given Service Types and Attributes. The
default Naming Authority is IANA.
Naming Authority 命名権限(NA) This is a 'suffix' to the service type RFC2614
(NA) string. It completely changes the meaning
of the service type. NAs are used for
private definitions of well known Service
Types and experimental Service Type
extensions. The default NA is "IANA",
which must not be explicitly included.
Service types with the IANA naming
authority are registered with the Internet
Assigned Numbers Authority (see [8] for
more information on the registration
procedure).
NAS NAS Network Access Server RFC2881
National Computer 米国計算機保全セ (N) A U.S. Department of Defense RFC2828
Security Center ンタ organization, housed in NSA, that
(NCSC) has responsibility for encouraging
widespread availability of
trusted computer systems
throughout the Federal Government. It
has
established criteria for, and performs
evaluations of, computer
and network systems that have a
trusted computing base. (See:
Evaluated Products List, Rainbow
National Information 米国情報保証協会( (N) An organization created by NIST RFC2828
Assurance NIAP) and NSA to enhance the quality
Partnership (NIAP) of commercial products for
information security and increase
consumer confidence in those
products through objective evaluation
and testing methods.
(C) NIAP is registered, through the
U.S. Department of Defense, as
a National Performance Review
Reinvention Laboratory. NIAP
functions include the following:
- Developing tests, test methods,
and other tools that developers
and testing laboratories may use
to improve and evaluate
security products.
- Collaborating with industry and
others on research and testing
programs.
- Using the Common Criteria to
develop protection profiles and
associated test sets for security
products and systems.
- Cooperating with the NIST
National Voluntary Laboratory
Accreditation Program to develop
a program to accredit private-
National Institute of 米国標準化技術協 States governmental the that
United sector laboratories forbody testing RFC1983
Standards and 会 provides assistance in developing
Technology (NIST) standards. Formerly the National Bureau
of Standards. [Source: MALAMUD]
National Institute of 米国標準化技術協 (N) A U.S. Department of Commerce RFC2828
Standards and 会 agency that promotes U.S.
Technology (NIST) economic growth by working with
industry to develop and apply
technology, measurements, and
standards. Has primary Government
responsibility for INFOSEC
standards for unclassified but
sensitive information. (See: ANSI,
DES, DSA, DSS, FIPS, NIAP,
NSA.)
National Research 米国研究教育ネット The NREN is the realization of an RFC1983
and Education ワーク(NREN) interconnected gigabit computer network
Network (NREN) devoted to Hign Performance Computing
and Communications. See also: HPPC,
IINREN. [Source: HPCC]
National Science 米国科学財団(NSF A U.S. government agency whose RFC1983
Foundation (NSF) ) purpose is to promote the advancement
of science. NSF funds science
researchers, scientific projects, and
infrastructure to improve the quality of
scientific research. The NSFNET, funded
by NSF, was once an essential part of
academic and research communications.
It was a highspeed, hierarchical "network
of networks." At the highest level, it had
a backbone network of nodes,
interconnected with T3 (45Mbps)
facilities which spaned the continental
United States. Attached to that were
mid-level networks, and attached to the
mid-levels were campus and local
networks. See also: backbone network,
mid- level network.
National Security 国家安全保障機関( (N) A U.S. Department of Defense RFC2828
Agency (NSA) NSA) intelligence agency that has
primary Government responsibility
for INFOSEC for classified
information and for unclassified but
sensitive information handled
by national security systems. (See:
FORTEZZA, KEA, MISSI, NIAP,
NIST, SKIPJACK.)
NAT-PT flavors NAT-PTフレーバ Just as there are various flavors RFC2766
identified with V4 NAT in [NAT- TERM],
the following NAT-PT variations may be
identified in this document.
need-to-know 要認知 (I) The necessity for access to, RFC2828
knowledge of, or possession of
specific information required to carry
out official duties.
(C) This criterion is used in security
procedures that require a
custodian of sensitive information,
prior to disclosing the
information to someone else, to
establish that the intended
recipient has proper authorization to
access the information.
Negative NAK Response to the receipt of either a RFC1983
Acknowledgment corrupted or unnexpected packet of
(NAK) information. See also: Acknowledgement.
Negative caching ネガティブキャッシン the storage of knowledge that something RFC2308
グ does notexist. We can store the
knowledge that a record has a
particularvalue. We can also do the
reverse, that is, to store the
knowledgethat a record does not exist.
It is the storage of knowledge
thatsomething does not exist, cannot or
does not give an answer that wecall
negative caching.
Negotiable resource 折衝可能な資源 A data resource which has multiple RFC 2703
representations (variants) associated
with it. Selection of an appropriate
variant for transmission in a message is
accomplished by content negotiation
between the sender and recipient.
Negotiated content 折衝されたコンテン Message content which has been RFC 2703
ツ selected by content negotiation.
Negotiation 折衝 (See: content negotiation) RFC 2703
Negotiation 折衝メタデータ Information which is exchanged between RFC 2703
metadata the sender and receiver of a message by
content negotiation in order to determine
the variant which should be transferred.
neighboring 隣接の having an IP address belonging to the RFC1256
same subnet.
Neighboring 隣接スイッチ Two switches attached to a common link. RFC2642
Neighboring 隣接スイッチ Two switches attached to a common RFC2643
switches (network) link.
neighboring variant 隣接バリアント A variant resource is called a neighboring RFC2295
variant resource of some transparently
negotiable HTTP resource if the variant
resource has a HTTP URL, and if the
absolute URL of the variant resource up
to its last slash equals the absolute URL
of the negotiable resource up to its last
slash, where equality is determined with
the URI comparison rules in section 3.2.3
of [1]. The property of being a
neighboring variant is important because
of security considerations (section 14.2).
Not all variants of a negotiable resource
need to be neighboring variants.
However, access to neighboring variants
can be more highly optimized by the use
of remote variant selection algorithms
(section 7) and choice responses
(section 10.2).
neighbors 隣接ノード nodes attached to the same link. RFC2185
neighbors 隣接ノード nodes attached to the same link. RFC2461
Neighbour 隣接系 An adjacent system reachable by RFC1142
traversal of a single subnetwork by a
A particular representation (variant) of a
Neighbouring variant 隣接バリアント RFC 2703
variant resource which can safely be
assumed to be subject to the same
access controls as the variant resource
itself. Not all variants of a given variant
resource are necessarily neighbouring
variants. The fact that a particular
variant is or is not a neighbouring variant
has implications for security
considerations when determining whether
that variant can be sent to a receiver in
place of the corresponding variant
resource. It may also have implications
when determining whether or not a
sender is authorized to transmit a
nested 入れ子カプセル化 encapsulation of an encapsulated packet. RFC2473
nested tunnel 入れ子トンネルヘッ the tunnel header of a nested tunnel RFC2473
header ダ packet.
nested tunnel 入れ子トンネルパケ a tunnel packet that has as payload a RFC2473
packet ット tunnel packet.
NetBIOS ネットバイオス Network Basic Input Output System. RFC1208
The standard interface to networks on
IBM PC and compatible systems.
netfind ネットファインド A research prototype to provide a simple RFC1983
Internet "white pages" user directory.
Developed at the University of Colorado,
Boulder, it tries to locate telephone and
email information given a person's name
and a rough description of where the
person works. See also: Knowbot, whois,
white pages, X.500. [Source: Ryan Moats]
netiquette ネチケット A pun on "etiquette" referring to proper RFC1983
behavior on a network. RFC 1855 (FYI
28) contains a netiquette guide produced
by the User Services area of the IETF.
See also: Acceptable Use Policy, Internet
Engineering Task Force.
Netnews ネットニュース See: Usenet RFC1983
network ネットワーク A computer network is a data RFC1983
communications system which
interconnects computer systems at
various different sites. A network may
be composed of any combination of
LANs, MANs or WANs. See also: Local
Area Network, Metropolitan Area
Network, Wide Area Network, internet.
Network ネットワーク A connected group of computers RFC2664
network ネットワーク See: computer network. RFC2828
Network ネットワーク A single Internet network (which may or RFC950
may not be divided into subnets).
Network Access ネットワークアクセス In order to provide for the routing of RFC2477
Identifier 識別子 authentication and accounting packets,
user name MAY contain structure. This
structure provides a means by which the
authentication or accounting proxies will
locate the authentication
Network Access ネットワークアクセス The Network Access Identifier (NAI) is RFC2486
Identifier 識別子 the userID submitted by the client during
PPP authentication. In roaming, the
purpose of the NAI is to identify the user
as well as to assist in the routing of the
authentication request. Please note that
the NAI may not necessarily be the same
as the user's e-mail address or the
userID submitted in an application layer
authentication.
Network Access ネットワークアクセス In order to provide for the routing of RFC2607
Identifier 識別子 RADIUS authentication and accounting
requests, the userID field used in PPP
(known as the Network Access Identifier
or NAI) and in the subsequent RADIUS
authentication and accounting requests,
can contain structure. This structure
provides a means by which the RADIUS
proxy will locate the RADIUS server that
is to receive the request. The NAI is
defined in [6].
Network Access ネットワークアクセス The Network Access Server (NAS) is the RFC2477
Server サーバ device that clients dial in order to get
access to the network.
Network Access ネットワークアクセス The Network Access Server (NAS) is the RFC2486
Server サーバ device that clients dial in order to get
access to the network. In PPTP
terminology this is referred to as the
PPTP Access Concentrator (PAC), and
in L2TP terminology, it is referred to as
the L2TP Access Concentrator (LAC).
Network Access ネットワークアクセス The Network Access Server (NAS) is the RFC2607
Server サーバ device that clients contact in order to
get access to the network.
Network Access ネットワークアクセス The Network Access Server (NAS) is the RFC2809
Server サーバ device that clients
contact in order to get access
to the network. In L2TP
terminology, a NAS performing
compulsory tunneling is
referred to as the L2TP
Access Concentrator (LAC).
Network Access ネットワークアクセス A device providing temporary, on- RFC2107
Server (NAS) サーバ(NAS) demand, network access to users. This
access is point-to-point using phone or
Network Access ネットワークアクセス A device providing local network access RFC2661
Server (NAS) サーバ(NAS) to users across a remote access network
such as the PSTN. An NAS may also
serve as an LAC, LNS or both.
Network Address ネットワークアドレス See Internet address or OSI Network RFC1208
Address.
network address ネットワークアドレス The network portion of an IP address. RFC1983
For a class A network, the network
address is the first byte of the IP
address. For a class B network, the
network address is the first two bytes of
the IP address. For a class C network,
the network address is the first three
bytes of the IP address. In each case,
the remainder is the host address. In the
Internet, assigned network addresses are
globally unique. See also: Internet, IP
address, subnet address, host address,
Internet Registry.
Network Address ネットワークアドレス A 4-bit field specified in RFC2625
Authority 権限 Network_Headers that distinguishes
between various name registration
authorities that may be used to identify
the WW_PN and the WW_NN. NAA=b'0001'
indicates IEEE-48-bit MAC addresses
Network address ネットワークアドレス A method of mapping one or more RFC2647
translation 変換 private, reserved IP addresses to one or
more public IP addresses.
Network Address ネットワークアドレス The term NAT in this document is very RFC2766
Translation (NAT) 変換 similar to the IPv4 NAT described in
[NAT-TERM], but is not identical. IPv4
NAT translates one IPv4 address into
another IPv4 address. In this document,
NAT refers to translation of an IPv4
address into an IPv6 address and vice
versa. While the V4 NAT [NAT-TERM]
provides routing between private V4 and
external V4 address realms, NAT in this
document provides routing between a V6
address realm and an external V4
address realm.
Network Byte Order ネットワークバイト順 Most significant byte first, a.k.a., Big RFC2960
序 Endian.
Network Element ネットワーク要素 A "Network Element" (or the equivalent RFC2216
shorter form "Element"), is any
component of an internetwork which
directly handles data packets and thus is
potentially capable of exercising QoS
control over data flowing through it.
Network elements include routers,
subnetworks, and end-node operating
systems. A QoS-capable network
element is one which offers one or more
of the services defined according to the
rules given in this document. Note that
this definition, by itself, preclude QoS-
capable network elements that meet
performance goals purely through
adequate provisioning rather than active
admission and traffic control
mechanisms. A "QoS-aware" network
element is one which supports the
interfaces (described below) required by
the service definitions. Thus, a QoS-
aware network element need not actually
offer any of the services defined
according to the format of this
document; it merely needs to know how
Network Element or ネットワーク要素ま Routers, switches, hubs are examples of RFC2753
Node たはノード network nodes. They are the entities
where resource allocation decisions have
to be made and the decisions have to be
enforced. A RSVP router which allocates
part of a link capacity (or buffers) to a
particular flow and ensures that only the
admitted flows have access to their
reserved resources is an example of a
network element of interest in our
context. In this document, we use the
terms router, network element, and
network node interchangeably, but the
should all be interpreted as references to
a network element.
Network entity ネットワーク実体 as defined in ISO 7498 RFC1142
Network Entity Title ネットワーク実体タイ as defined in ISO 8348/Add.2 RFC1142
トル
Network File ネットワークファイル A protocol developed by Sun RFC1983
System (NFS) システム(NFS) Microsystems, and defined in RFC 1094
(RFC 1813 defines Version 3), which
allows a computer system to access files
over a network as if they were on its
local disks. This protocol has been
incorporated in products by more than
two hundred companies, and is now a de
facto Internet standard. [Source: NNSC]
Network File ネットワークファイル NFS is an application and protocol suite RFC2504
System (NFS, file システム(NFS、PC that provides a way ofsharing files
sharing with PCs, 等によるファイル共 between clients and servers. There are
etc.) 有) otherprotocols which provide file access
over networks. These providesimilar
functionality, but do not interoperate
with each other.
Network ネットワーク情報セ an organization whose goal is to provide RFC1302
Information Center ンタ(NIC) informational, administrative, and
(NIC) procedural support, primarily to users of
its network and, secondarily, to users of
the greater Internet and to other service
agencies.
Network ネットワーク情報セ A NIC provides information, assistance RFC1983
Information Center ンタ(NIC) and services to network users. See also:
(NIC) Network Operations Center.
Network ネットワーク情報サ A set of services, generally provided by a RFC1983
Information ービス(NIS) NIC, to assist users in using the network.
Services (NIS) See also: Network Information Center.
Network Interfaces ネットワークインタフ A NAS has one or more network RFC2881
ェース interfaces, which connect to the
networks to which access is being
granted.
Network Layer ネットワーク層 as defined in ISO 7498 RFC1142
Network Layer ネットワーク層 The OSI layer that is responsible for RFC1208
routing, switching, and subnetwork
access across the entire OSI
network layer ネットワーク層 Layer three in the ISO reference model. RFC1547
Responsible for routing packets (q.v)
between physical networks.
Network link ネットワークリンク The physical connection between two RFC2642
switches. A link is associated with a
switch interface. There are two physical
types of network links supported by
VLSP: o Point-to-point links that join a
single pair of switches. A serial line is an
example of a point-to-point network link.
o Multi-access broadcast links that
support the attachment of multiple
switches, along with the capability to
address a single message to all the
attached switches. An attached ethernet
is an example of a multi-access
broadcast network link. A single topology
can contain both types of links. At
startup, all links are assumed to be point-
to-point. A link is determined to be multi-
access when more than one neighboring
switch is discovered on the link.
Network link ネットワークリンク The physical connection between two RFC2643
switches. A network link is associated
with a network interface (or port) of a
switch.
network mask ネットワークマスク See: address mask RFC1983
network name ネットワーク名 The terms "device-name", "LU name" RFC2355
and "network name" can be considered
interchangeable in this document. They
refer to a specific terminal or printer
device.
Network News ネットワークニュース A protocol, defined in RFC 977, for the RFC1983
Transfer Protocol 転送プロトコル distribution, inquiry, retrieval, and posting
(NNTP) of news articles. See also: Usenet.
network number ネットワーク番号 See: network address RFC1983
Network Number ネットワーク番号 The network field of the Internet RFC950
Network Operations ネットワーク管理セ an organization whose goal is to oversee RFC1302
Center (NOC) ンタ(NOC) and maintain the daily operations of a
network. Although sometimes one
organization may fulfill the duties of both
a NIC and a NOC, this document
assumes NIC functions to be separate
from NOC functions and addresses NIC
functions only. Obviously, however, a
NIC must work closely with its NOC to
ensure users get the best service
possible.
Network Operations ネットワーク管理セ A location from which the operation of a RFC1983
Center (NOC) ンタ(NOC) network or internet is monitored.
Additionally, this center usually serves as
a clearinghouse for connectivity
problems and efforts to resolve those
problems. See also: Network Information
Center. [Source: NNSC]
Network port ネットワークポート An interface on a switch that attaches to RFC2643
another switch.
Network Prefix ネットワークプレフィ The portion of an IP Address that RFC1812
ックス signifies a set of systems. It is selected
from the IP Address by logically ANDing
a subnet mask with the address, or
(equivalently) setting the bits of the
address not among the most significant
bits of the address to
zero.
Network protocol ネットワークプロトコ as defined in ISO 7498 RFC1142
ル
Network protocol ネットワークプロトコ as defined in ISO 7498 RFC1142
data unit ルデータ単位
Network relay ネットワーク中継 as defined in ISO 7498 RFC1142
network service ネットワークサービ It is a collection of one or more remote RFC1057
ス programs.
network service ネットワークサービ A network service is a collection of one RFC1831
ス or more remote programs.
Network Service ネットワークサービ as defined in ISO 7498 RFC1142
access point ス
Network Service ネットワークサービ A conceptual point on the RFC1136
Access Point スアクセス地点 Network/Transport Layer boundary in an
(NSAP) End System that is globally addressable
(and the address globally unambiguous) in
the OSIE. An NSAP represents a service
available above the Network Layer (such
as a choice of transport protocols). An
End System may have multiple NSAPs.
An NSAP address is roughly equivalent
to the Internet [address, protocol] pair.
Network Service ネットワークサービ as defined in ISO 7498 RFC1142
access point スアクセス地点アド
Network Services ネットワークサービ Services which are not provided on the RFC2504
ス local computer system theend-user is
working on but on a server located in the
network.
Network Time ネットワークサービ A protocol that assures accurate local RFC1983
Protocol (NTP) ス timekeeping with reference to radio and
atomic clocks located on the Internet.
This protocol is capable of synchronizing
distributed clocks within milliseconds
over long time periods. See also:
Internet. [Source: NNSC]
Networking ソフトウエアのネット Some software has features which make RFC2504
Features of ワーク機能 use of the network toretrieve or share
Software data. It may not be obvious that
software hasnetworking features.
New Prefix 新プレフィックス A prefix constructed from a Use-Prefix, RFC2894
possibly including some of the Matched
Prefix.
Next hop 次期ホップ The next router in the direction of traffic RFC2205
flow.
Next Hop 次期ホップサーバ(N An Next Hop Resolution Protocol client RFC2332
Resolution Protocol HS) (NHC) is an entity which initiates NHRP
client (NHC) requests of various types in order to
obtain access to the NHRP service.
Next Hop Server 次期ホップサーバ(N An NHS is an entity performing the Next RFC2332
(NHS) HS) Hop Resolution Protocol service within
the NBMA cloud. An NHS is always
tightly coupled with a routing entity
(router, route server or edge device)
although the converse is not yet
guaranteed until ubiquitous deployment
of this functionality occurs. Note that
the presence of intermediate routers
that are not coupled with an NHS entity
may preclude the use of NHRP when
source and destination stations on
different sides of such routers and thus
such routers may partition NHRP
reachability within an NBMA network.
NFB NFB The Number of Fragment Blocks in a the RFC791
data portion of an internet fragment.
That is, the length of a portion of data
measured in 8 octet units.
NFS NFS a Network File System debugging tool. RFC1470
NFS NFS See: Network File System RFC1983
NFS® NFS® Network File System. A distributed file RFC1208
system developed by Sun Microsystems
which allows a set of computers to
cooperatively access each other's files in
a transparent manner.
NHOP NHOP An object that carries the Next Hop RFC2205
information in RSVP control messages.
NIAP NIOP See: National Information Assurance RFC2828
Partnership.
NIC NIC Network Information Center. Originally RFC1208
there was only one, located at SRI
International and tasked to serve the
ARPANET (and later DDN) community.
Today, there are many NICs, operated by
local, regional, and national networks all
over the world. Such centers provide
user assistance, document service,
training, and much more.
NIC NIC See: Network Information Center RFC1983
NIC.DDN.MIL NIC.DDN.MIL This is the domain name of the DDN NIC. RFC1983
See also: Defense Data Network,
Domain Name System, Network
Information Center.
NIL NIL This represents the non-existence of a RFC2244
particular data item.
NIS NIS See: Network Information Services RFC1983
NIS-related entities NIS関連実体 The term "NIS-related entities" broadly RFC2307
refers to entities which are typically
resolved using the Network Information
Service.
NIST NIST National Institute of Standards and RFC1208
Technology. (Formerly NBS). See OIW.
NIST NIST The national institute of standards, a RFC1330
government organization which develops,
endorses, and promulgates standards for
use by the U.S. government.
NIST NIST See: National Institute of Standards and RFC1983
Technology
NIST NIST See: National Institute of Standards RFC2828
and Technology.
NLP NLP Network Layer Packet. In High RFC2043
Performance Routing (HPR), the
message unit used to carry data over the
route. Network Layer Packet is
analogous to datagram.
NLSP NLSP Network Layer Security Protocol. An RFC2828
OSI protocol (IS0 11577) for
end-to-end encryption services at
the top of OSI layer 3. NLSP is
derived from an SDNS protocol, SP3,
but is much more complex.
NMS NMS Network Management Station. The RFC1208
system responsible for managing a
(portion of a) network. The NMS talks to
network management agents, which
reside in the managed nodes, via a
network management protocol. See agent.
NMS NMS the tool is a component of or queries a RFC1470
Network Management System.
NNI NNI Network to Network Interface RFC2954
NNTP NNTP See: Network News Transfer Protocol RFC1983
NOC NOC Network Operations Center. Any center RFC1208
tasked with the operational aspects of a
production network. These tasks include
monitoring and control, trouble-shooting,
user assistance, and so on.
NOC NOC See: Network Operations Center RFC1983
Nodal Switching ノード交換機(NSS) Main routing nodes in the NSFnet RFC1983
System (NSS) backbone. See also: backbone, National
Science Foundation. [Source: MALAMUD]
NODATA データ不在 a pseudo RCODE which indicates that RFC2308
the name is valid, forthe given class, but
are no records of the given type. A
NODATAresponse has to be inferred
from the answer.
node ノード a device that implements IP. RFC1971
node ノード a device that implements IPv6. RFC1981
node ノード An addressable device attached to a RFC1983
computer network. See also: host, router.
Node ノード A host or a router. RFC2002
Node ノード An entity consisting of one HIPPI RFC2067
Source/Destination pair that is
connected by parallel or serial HIPPI to a
HIPPI-SC switch and that transmits and
receives IP datagrams. A node may be
an Internet host, bridge, router or
gateway. This memo uses the term node
in place of the usual "host" to indicate
that a host might be connected to the
HIPPI LAN not directly, but through an
external adaptor that does some of the
protocol processing for the host.
node ノード a protocol module that implements IPv4 RFC2185
or IPv6.
Node ノード A router or host system. RFC2205
node ノード a device that implements IP. RFC2461
node ノード a device that implements IP. RFC2462
Node ノード A collection of one or more Ports RFC2625
identified by a unique World Wide Node
Name (WW_NN).
no-lone zone 不在域 (I) A room or other space to which RFC2828
no person may have
unaccompanied access and that,
when occupied, is required to be
occupied by two or more
appropriately authorized persons. (See:
dual control.)
non-broadcast 非広域多重アクセス a link to which more than two interfaces RFC2461
multi-access (NBMA) can attach, but that does not support a
(NBMA) native form of multicast or broadcast
(e.g., X.25, ATM, frame relay, etc.). Note
that all link types (including NBMA) are
expected to provide multicast service for
IP (e.g., using multicast servers), but it is
an issue for further study whether ND
should use such facilities or an alternate
mechanism that provides the equivalent
ND services.
Non-Broadcast 非広域多重アクセス An NBMA supports an arbitrary number RFC1932
Multiple Access (NBMA)サブネット of hosts and routers but does not
(NBMA) Subnet natively support a convenient multi-
destination connectionless transmission
facility, as does a broadcast or multicast
capable subnetwork.
Non-broadcast 非広域配信ネットワ A network supporting the attachment of RFC1584
networks ーク more than two stations, but not
supporting the delivery of a single
physical datagram to multiple
destinations (i.e., not supporting data-link
multicast). [OSPF] describes these
networks as non-broadcast, multi-access
networks. An example of a non-
broadcast network is an X.25 PDN.
Nonce 臨時値 A randomly chosen value, different from RFC2002
previous choices, inserted in a message
to protect against replays.
nonce 臨時値 (I) A random or non-repeating value RFC2828
that is included in data
exchanged by a protocol, usually for
the purpose of guaranteeing
liveness and thus detecting and
protecting against replay attacks.
non-critical 非緊急 See: critical (extension of certificate). RFC2828
Non-critical Alert 非緊急警報 an alert triggered by a reportable event RFC1759
which does not lead to a state in which
printing is no longer possible; such an
alert may lead to a state from which
printing may no longer be possible in the
future, such as the low toner state or the
alert may be pure informational, such as
a configuration change at the printer.
non-IP dialup 非IPダイアルアップ This is a dialup network providing user RFC2194
network ネトワーク access to the member systems via
protocols other than IP. These networks
may implement phone book
synchronization facilities, in order to
provide systems, administrators and
users with a current list of participating
systems. Examples of non-IP dialup
networks supporting phone book
synchronization include FidoNet and
WWIVnet.
Non-local 非局所接続 A connection for which neither endpoint RFC2922
Connection is located on the local chassis.
Non-meshed traffic 非メッシュトラフィック Frames offered to a single input interface RFC2285
, where n >=0, each hi is a host, each
li is a link between hi-1 and hi,each
h1...hn-1 is a router. A pair is
termed a 'hop'.In an appropriate
operational configuration, the links
androuters in the path facilitate network-
layer communication ofpackets from h0
to hn. Note that path is a
unidirectionalconcept.
Path 経路 A unicast or multicast path. RFC2386
Path 経路 The route taken by the SCTP packets RFC2960
sent by one SCTP endpoint to a specific
destination transport address of its peer
SCTP endpoint. Sending to different
path digest 経路消化 destination transport addresses does ...,
A sequence of the form , where n >=0, h0 and hn are
hosts, each e1 ... en is an exchange, and
eachC1 ... Cn-1 is a cloud subpath.
path discovery 経路発見 (I) For a digital certificate, the RFC2828
process of finding a set of
public-key certificates that comprise
a certification path from a
trusted key to that specific
certificate.
Path MTU 経路MTU path MTU. RFC1981
path MTU 経路MTU the minimum link MTU of all the links in a RFC1981
path between a source node and a
destination node.
Path state 経路状態 Information kept in routers and hosts RFC2205
about all RSVP senders.
path validation 経路検証 (I) The process of validating (a) all of RFC2828
the digital certificates
in a certification path and (b) the
required relationships between
those certificates, thus validating
the contents of the last
certificate on the path. (See:
certificate validation.)
PathErr PathErr Path Error RSVP control message. RFC2205
pathname 経路名、パス名 Pathname is defined to be the character RFC959
string which must be input to a file
system by a user in order to identify a
file. Pathname normally contains device
and/or directory names, and file name
specification. FTP does not yet specify
a standard pathname convention. Each
user must follow the file naming
conventions of the file systems involved
in the transfer.
PathTear PathTear Path Teardown RSVP control message. RFC2205
payload 有料荷重 The application domain specific indexing RFC2651
information stored inside an index object.
The format of the payload is specified
externally to this document, and depends
on the type of the containing index
payment card 支払いカード (N) SET usage: Collectively refers RFC2828
"to credit cards, debit cards,
charge cards, and bank cards issued
by a financial institution and
which reflects a relationship between
the cardholder and the
financial institution." [SET2]
payment gateway 支払い通路、支払い (O) SET usage: A system operated RFC2828
ゲートウェイ by an acquirer, or a third party
designated by an acquirer, for the
purpose of providing electronic
commerce services to the
merchants in support of the acquirer, and
which interfaces to the acquirer to
support the authorization,
capture, and processing of merchant
payment messages, including
payment instructions from
cardholders. [SET1, SET2]
payment gateway 支払い通路証明認 (O) SET usage: A CA that issues RFC2828
certification 証 digital certificates to payment
authority (SET PCA) gateways and is operated on behalf
of a payment card brand, an
Payment Handler 支払い処理部 The Organisation that physically receives RFC2801
the payment from the Consumer on
behalf of the Merchant
Payment Instrument 支払手段 A Payment Instrument is the means by RFC2801
which Consumer pays for goods or
services offered by a Merchant. It can
be, for example: -- a credit card such as
PC card PCカード (N) A type of credit card-sized, plug- RFC2828
in peripheral device that
was originally developed to provide
memory expansion for portable
computers, but is also used for other
kinds of functional
expansion. (See: FORTEZZA,
PCMCIA.)
(C) The international PC Card
Standard defines a non-proprietary
form factor in three standard sizes--
Types I, II and III--each of
which have a 68-pin interface
between the card and the socket into
which it plugs. All three types have
the same length and width,
roughly the size of a credit card, but
differ in their thickness
from 3.3 to 10.5 mm. Examples
include storage modules, modems,
device interface adapters, and
cryptographic modules.
PCA PCA (D) ISDs SHOULD NOT use this RFC2828
acronym without a qualifying
adjective because that would be
ambiguous. (See: Internet policy
certification authority, (MISSI) policy
creation authority, (SET)
payment gateway certification
authority.)
PCI PCI Protocol Control Information. The RFC1208
protocol information added by an OSI
entity to the service data unit passed
down from the layer above, all together
forming a Protocol Data Unit (PDU).
PCMCIA PCMCIA (N) Personal Computer Memory Card RFC2828
International Association, a
group of manufacturers, developers,
and vendors, founded in 1989
to standardize plug-in peripheral
memory cards for personal
computers and now extended to deal
with any technology that works
in the PC card form factor. (See: PC
card.)
PD PD Public Domain RFC1983
PDF PDF Portable Document Format, see [PDF]. RFC2557
PDISC PDISC Discover Port. An ELS for exchanging RFC2625
Service Parameters without affecting
Login state.
PDU PDU Protocol Data Unit. This is OSI RFC1208
terminology for "packet." A PDU is a
data object exchanged by protocol
machines (entities) within a given layer.
PDUs consist of both Protocol Control
Information (PCI) and user data.
PDU PDU See: Protocol Data Unit RFC1983
PDU PDU Protocol Data Unit RFC2625
peer ピア、隣接 The other end of the point-to-point link. RFC1552
peer ピア The other end of the point-to-point link. RFC1661
peer ピア The other end of the point-to-point link. RFC1662
peer ピア The other end of the point-to-point link. RFC1763
peer ピア The other end of the point-to-point link. RFC1764
peer ピア The other end of the point-to-point link. RFC1967
peer ピア The other end of the point-to-point link. RFC1976
peer ピア The other end of the point-to-point link; RFC1994
the end which is being authenticated by
the authenticator.
peer ピア The other end of the point-to-point link. RFC2043
peer ピア The other end of the point-to-point link. RFC2097
peer ピア The other end of the point-to-point link RFC2125
peer ピア The other end of the point-to-point link; RFC2284
the end which is being authenticated by
the authenticator.
Peer ピア The PPP peer of a mobile node. The RFC2290
mobile node's peer might support home
agent functionality, foreign agent
Peer ピア functionality, both, or neither.
When used in context with L2TP, peer RFC2661
refers to either the LAC or LNS. An
LAC's Peer is an LNS and vice versa.
When used in context with PPP, a peer is
either side of the PPP connection.
Peer ピア Other MASC speakers a node directly RFC2909
communicates with.
peer entity ピア実体認証 (I) "The corroboration that a peer RFC2828
authentication entity in an association is the
one claimed." [I7498 Part 2] (See:
authentication.)
peer entity ピア実体認証サービ (I) A security service that verifies an RFC2828
authentication ス identity claimed by or for
service a system entity in an association.
(See: authentication,
authentication service.)
(C) This service is used at the
Peers ピア Two LS's are peers when they have a RFC2871
persistent association between them
over which gateway information is
exchanged.
PEM PEM Privacy Enhanced Mail; and Internet RFC1943
Standard for sending secure Electronic
mail.
PEM PEM See: Privacy Enhanced Mail RFC1983
PEM PEM Internet Privacy-Enhanced Mail, as RFC2313
defined in RFC 1423 and related
documents.
PEM PEM Internet Privacy-Enhanced Mail, as RFC2315
defined in RFCs 1421-1424.
PEM PEM See: Privacy Enhanced Mail. RFC2828
penetration 貫通 (I) Successful, repeatable, RFC2828
unauthorized access to a protected
penetration test 貫通試験 (I) A system test, often part of RFC2828
system certification, in which
evaluators attempt to circumvent
the security features of the
system. [NCS04]
(C) Penetration testing may be
performed under various constraints
and conditions. However, for a
TCSEC evaluation, testers are
assumed to have all system design
and implementation
documentation, including source
code, manuals, and circuit
diagrams, and to work under no
greater constraints than those
applied to ordinary users.
perfect forward 完全進行機密 See: (discussion under) public-key RFC2828
secrecy forward secrecy.
Per-hop Behavior ホップ毎振る舞い a description of the externally RFC2474
(PHB) observableforwarding treatment applied
at a differentiated services-
compliantnode to a behavior aggregate.
Per-hop Behavior ホップ毎振る舞い群 a set of one or more PHBs that can only RFC2474
Group bemeaningfully specified and
implemented simultaneously, due to
Per-Hop-Behavior ホップ毎振る舞い acommon constraint applying to all PHBs
the externally observable forwarding RFC2475
(PHB) behavior applied at a DS-compliant node
perimeter 周囲長 See: security perimeter. RFC2828
periods processing 期間処理 (I) A mode of system operation in RFC2828
which information of different
sensitivities is processed at
distinctly different times by the
same system, with the system being
properly purged or sanitized
between periods. (See: color change.)
Permanent Virtual 永続仮想接続 A virtual connection that has its end- RFC2954
Connection (PVC) points and bearer capabilities defined at
subscription time.
permission 許可 (I) A synonym for "authorization", RFC2828
but "authorization" is
preferred in the PKI context. (See:
privilege.)
Permissions 許可 Another word for the access controls RFC2504
that are used to control theaccess to
files and other resources.
personal 個人識別番号 (I) A character string used as a RFC2828
identification password to gain access to a
number (PIN) system resource. (See:
authentication information.)
(C) Despite the words
"identification" and "number", a PIN
seldom
serves as a user identifier, and a
PIN's characters are not
necessarily all numeric. A better
name for this concept would have
been "personal authentication
system string (PASS)".
(C) Retail banking applications
commonly use 4-digit PINs.
FORTEZZA PC card's use up to 12
characters for user or SSO PINs.
Personal Mailbox" 個人郵便箱モデル The "Personal Mailbox" model, in which RFC2342
model the default namespace that is presented
consists of only the user's personal
mailboxes. To access shared mailboxes,
the user must use an escape mechanism
to reach another namespace.
Personal Namespace 個人名前空間 A namespace that the server considers RFC2342
within the personal scope of the
authenticated user on a particular
connection. Typically, only the
authenticated user has access to
mailboxes in their Personal Namespace.
It is the part of the namespace that
belongs to the user that is allocated for
mailboxes. If an INBOX exists for a user,
it MUST appear within the user's
personal namespace. In the typical case,
there SHOULD be only one Personal
Namespace on a server.
personality, 個人性、個人性ラベ (O) MISSI usage: A set of MISSI RFC2828
personality label ル X.509 public-key certificates that
have the same subject DN, together
with their associated private
keys and usage specifications, that
is stored on a FORTEZZA PC
card to support a role played by the
card's user.
(C) When a card's user selects a
personality to use in a FORTEZZA-
aware application, the data
determines behavior traits (the
personality) of the application. A
card's user may have multiple
personalities on the card. Each has a
"personality label", a user-
friendly character string that
applications can display to the
user for selecting or changing the
personality to be used. For
example, a military user's card might
contain three personalities:
GENERAL HALFTRACK,
COMMANDER FORT SWAMPY, and NEW
YEAR'S EVE PARTY
CHAIRMAN. Each personality
includes one or more certificates of
different types (such as DSA versus
RSA), for different purposes
personnel security 人員セキュリティ (I) Procedures signature versus
(such as digitalto ensure that RFC2828
persons who access a system have
proper clearance, authorization, and
need-to-know as required by
the system's security policy.
PGP See: Pretty Good Privacy RFC1983
PGP (Pretty Good PGP is an application package that RFC2504
Privacy) provides tools to encrypt anddigitally sign
files on computer systems. It is
especially usefulto encrypt and/or sign
files and messages before sending them
viaEmail.
PGP(trademark) See: Pretty Good Privacy. RFC2828
PHB group PHB群 a set of one or more PHBs that can only RFC2475
be meaningfully specified and
implemented simultaneously, due to a
common constraint applying to all PHBs
in the set such as a queue servicing or
queue management policy. A PHB group
provides a service building block that
allows a set of related forwarding
behaviors to be specified together (e.g.,
four dropping priorities). A single PHB is
a special case of a PHB group.
phone book 電話帳 This is a database or document RFC2194
containing data pertaining to dialup
access, including phone numbers and any
associated attributes.
phone book 電話帳 This is a database or document RFC2477
containing data pertaining to dialup
phone book server 電話帳サーバ This is a server that maintains the latest RFC2477
version of the phone book. Clients
communicate with phone book servers in
order to keep their phone books up to
PHOP An object that carries the Previous Hop RFC2205
information in RSVP control messages.
Photuris (I) A UDP-based, key establishment RFC2828
protocol for session keys,
designed for use with the IPsec
protocols AH and ESP. Superseded
by IKE.
phreaking フレーキング (I) A contraction of "telephone RFC2828
breaking". An attack on or
penetration of a telephone system
or, by extension, any other
communication or information
system. [Raym]
(D) ISDs SHOULD NOT use this
term because it is not listed in most
Physical Layer 物理層 The OSI layer that provides the means RFC1208
to activate and use physical connections
for bit transmission. In plain terms, the
physical layer 物理層 The first layer in the ISO reference RFC1547
model. Describes electrical, mechanical
and timing characteristics of a link.
Physical Media 物理媒体 Any means in the physical world for RFC1208
transferring signals between OSI
systems. Considered to be outside the
OSI Model, and therefore sometimes
referred to as "Layer 0." The physical
physical media 物理媒体 Magnetic or optical storage. Not to be RFC1614
confused with media type!
Physical Network 物理ネットワーク A Physical Network is a network (or a RFC1812
piece of an internet) which is contiguous
at the Link Layer. Its internal structure
(if any) is transparent to the Internet
Layer.
Physical network 物理ネットワークイン This is a physical interface to a RFC1122
interface タフェース connected network and has a (possibly
unique) link-layer address. Multiple
Physical Network 物理ネットワークイン This is a physical interface to a RFC1812
Interface タフェース Connected Network and has a (possibly
unique) Link-Layer address. Multiple
Physical Network Interfaces on a single
router may share the same Link-Layer
address, but the address must be unique
for different routers on the same
Physical Network.
physical security 物理セキュリティ (I) Tangible means of preventing RFC2828
unauthorized physical access to a
system. E.g., fences, walls, and other
Physical Topology 物理トポロジ、物理 Physical topology represents the RFC2922
構成形態 topology model for layer 1 of the OSI
stack - the physical layer. Physical
topology consists of identifying the
devices on the network and how they are
physically interconnected. By definition
PI PI The protocol interpreter. The user and RFC959
server sides of the protocol have distinct
roles implemented in a user-PI and a
server-PI.
PIBES PIBES The Protocol for Internet Broadcast RFC2834
Emulation Server (see section 7).
PIBES PIBES The Protocol for Internet Broadcast RFC2835
Emulation Server (see section 7).
piggyback attack ピギーバック攻撃、 (I) A form of active wiretapping in RFC2828
おんぶ攻撃 which the attacker gains
access to a system via intervals of
inactivity in another user's
legitimate communication
connection. Sometimes called a
"between-
the-lines" attack. (See: hijack
attack, man-in-the-middle attack.)
PIN See: personal identification number. RFC2828
ping ピング Packet internet groper. A program used RFC1208
to test reachability of destinations by
sending them an ICMP echo request and
waiting for a reply. The term is used as
a verb: "Ping host X to see if it is up!"
Ping ピング a tool that sends packet probes such as RFC1470
ICMP echo messages; to help
distinguish tools, we do not consider
NMS queries or protocol spoofing (see
PING PING See: Packet INternet Groper RFC1983
ping of death 致死ピング (I) An attack that sends an RFC2828
improperly large ICMP [R0792] echo
request packet (a "ping") with the
intent of overflowing the input
buffers of the destination machine
and causing it to crash.
ping sweep ピング掃引 (I) An attack that sends ICMP RFC2828
[R0792] echo requests ("pings") to a
range of IP addresses, with the goal
of finding hosts that can be
PINT PSTN/Internet Interworking RFC2848
PINT Client PINTクライアント An Internet host that sends requests for RFC2848
invocation of a PINT Service, in
accordance with this document.
PINT Gateway PINTゲートウェイ An Internet host that accepts requests RFC2848
for PINT Service and dispatches them
PINT Service PINTサービス onwards towards awithin a phone system
A service invoked telephone network. RFC2848
in response to a request received from
an PINT client.
PIU PIU Path information unit. A message unit RFC2043
consisting of a transmission header (TH)
alone, or a TH followed by a basic
information unit (BIU) or a BIU segment.
PIU is analogous to datagram.
PKCS PKCS See: Public-Key Cryptography RFC2828
Standards.
PKCS #10 PKCS #10 (N) A standard [PKC10] from the RFC2828
PKCS series; defines a syntax for
requests for public-key certificates.
(See: certification
request.)
(C) A PKCS #10 request contains a
PKCS #11 PKCS #11 (N) A standard [PKC11] from the RFC2828
PKCS series; defines a software
CAPI called Cryptoki (pronounced
"crypto-key"; short for
"cryptographic token interface") for
devices that hold
cryptographic information and
PKCS #7 PKCS #7 (N) A standard [PKC07, R2315] from RFC2828
the PKCS series; defines a
syntax for data that may have
cryptography applied to it, such as
PKI PKI See: public-key infrastructure. RFC2828
PKIX PKIX (I) (1.) A contraction of "Public-Key RFC2828
Infrastructure (X.509)", the
PKIX private PKIX私的拡張 (I) PKIX defines a private extension RFC2828
extension to identify an on-line
verification service supporting the
issuing CA.
Plaintext 平文 The input to an encryption function or RFC1510
the output of a decryption function.
Decryption transforms ciphertext into
plaintext.
plaintext 平文 (I) Data that is input to and RFC2828
transformed by an encryption
process, or that is output by a
decryption process.
Plain-text 平文 Unencrypted text. RFC1704
PLOGI Port Login. RFC2625
Plug-in Modules プラグインモジュー Software components that integrate into RFC2504
ル other software (such asweb browsers) to
provide additional features.
PMTU path MTU, Path MTU. RFC1981
Point Of Presence 存在時点 A site where there exists a collection of RFC1983
(POP) telecommunications equipment, usually
digital leased lines and multi-protocol
routers.
Point to Point Line 点対線 A physical medium capable of connecting RFC1812
exactly two systems. In this document,
it is only used to refer to such a line
when used to connect IP entities. See
General Purpose Serial Interface.
Point-of-Contact, 接触点セキュリティ In case of security breaches or problems, RFC2504
Security many organisationsprovide a designated
point-of-contact which can alert others
andtake the appropriate actions.
point-to-point 点対 a link that connects exactly two RFC2461
interfaces. A point-to-point link is
assumed to have multicast capability and
have a link-local address.
point-to-point link 点対リンク A link that connects the single primary RFC1747
link station to single secondary link
station. A point-to-point link may be
either switched or leased.
point-to-point 点対プロトコル A data link layer protocol for the RFC1547
protocol (ppp) transmission of packets (q.v.) over a
point-to-point link. In the following
discussion, the acronym "ppp" refers to
any generic point-to-point protocol.
Point-to-Point 点対プロトコル The Point-to-Point Protocol, defined in RFC1983
Protocol (PPP) RFC 1661, provides a method for
transmitting packets over serial point-to-
point links. There are many other RFCs
Point-to-Point 点対プロトコル (I) An Internet Standard protocol RFC2828
Protocol (PPP) [R1661] for encapsulation and
full-duplex transportation of network
layer (mainly OSI layer 3)
protocol data packets over a link
between two peers, and for
multiplexing different network layer
protocols over the same link.
Includes optional negotiation to
select and use a peer entity
authentication protocol to
authenticate the peers to each other
before they exchange network layer
data. (See: CHAP, EAP, PAP.)
Point-to-Point 点対トンネルプロトコ (I) An Internet client-server protocol RFC2828
Tunneling Protocol ル (originally developed by
(PPTP) Ascend and Microsoft) that enables
a dial-up user to create a
virtual extension of the dial-up link
across a network by
tunneling PPP over IP. (See: L2TP.)
(C) PPP can encapsulate any
Internet Protocol Suite network layer
protocol (or OSI layer 3 protocol).
Therefore, PPTP does not
specify security services; it depends
on protocols above and below
it to provide any needed security.
PPTP makes it possible to
divorce the location of the initial dial-
up server (i.e., the PPTP
Access Concentrator, the client,
which runs on a special-purpose
host) from the location at which the
dial-up protocol (PPP)
connection is terminated and access
to the network is provided
(i.e., the PPTP Network Server,
which runs on a general-purpose
host).
Police Police See traffic policing. RFC2205
Policing 取り締まり Policing is the set of actions triggered RFC2216
when a flow's actual data traffic
characteristics exceed the expected
values given in the flow's traffic
specification. Services which require
policing functions to operate correctly
must specify both the action to be taken
when such discrepancies occur and the
locations in the network where
discrepancies are to be detected.
Examples of such actions might include
relegating the packet to best effort
service, dropping packets, reshaping the
traffic, or marking non-conforming traffic
in some fashion.
Policing 取り締まり the process of discarding packets (by a RFC2475
dropper) within a traffic stream in
accordance with the state of a
corresponding meter enforcing a traffic
profile.
Policy 方針文書 A document defining acceptable access RFC2647
to protected, DMZ, and unprotected
networks.
Policy 方針 The combination of rules and services RFC2753
where rules define the criteria for
resource access and usage.
policy 方針 (D) ISDs SHOULD NOT use this RFC2828
word as an abbreviation for either
"security policy" or "certificate
policy". Instead, to avoid
misunderstanding, use the fully
qualified term, at least at the
point of first usage.
policy approving 方針承認機関 (O) MISSI usage: The top-level RFC2828
authority (PAA) signing authority of a MISSI
certification hierarchy. The term
refers both to that
authoritative office or role and to
the person who plays that
role. (See: root registry.)
(C) A PAA registers MISSI PCAs
and signs their X.509 public-key
certificates. A PAA issues CRLs but
does not issue a CKL. A PAA
may issue cross-certificates to
other PAAs.
Policy based filtering 方針基盤フィルタリ Filtering is the process of discarding RFC1242
ング received frames by administrative
decision where normal operation would
be to forward them.
policy certification 方針証明機関 (I) An X.509-compliant CA at the RFC2828
authority (Internet second level of the Internet
PCA) certification hierarchy, under the
Internet Policy Registration
Authority (IPRA). Each PCA
operates in accordance with its
published security policy (see:
certification practice statement)
and within constraints established by
the IPRA for all PCAs.
[R1422]. (See: policy creation
authority.)
Policy control 方針制御 A function that determines whether a RFC2205
new request for quality of service has
administrative permission to make the
requested reservation. Policy control
may also perform accounting (usage
feedback) for a reservation.
Policy control 方針制御 The application of rules to determine RFC2753
whether or not access to a particular
resource should be granted.
policy creation 方針作成機関 (O) MISSI usage: The second level of RFC2828
authority (MISSI a MISSI certification
PCA) hierarchy; the administrative root of
a security policy domain of
MISSI users and other, subsidiary
authorities. The term refers
both to that authoritative office or
role and to the person who
fills that office. (See: policy
certification authority.)
(C) A MISSI PCA's certificate is
issued by a policy approving
authority. The PCA registers the
CAs in its domain, defines their
configurations, and issues their
X.509 public-key certificates.
(The PCA may also issue
certificates for SCAs, ORAs, and other
end
entities, but a PCA does not usually
do this.) The PCA
periodically issues CRLs and CKLs
Policy data 方針データ Data carried in a Path or Resv message RFC2205
and used as input to policy control to
determine authorization and/or usage
feedback for the given flow.
Policy Decision 方針決定時点 The point where policy decisions are RFC2753
Point (PDP) made.
Policy Decision 方針決定時点 The point where policy decisions are RFC2904
Point (PDP) made.
Policy Decision 方針決定時点 The point where policy decisions are RFC2905
Point (PDP) made.
Policy Element 方針要素 Subdivision of policy objects; contains RFC2753
single units of information necessary for
the evaluation of policy rules. A single
policy element may carry an user or
application identification whereas another
policy element may carry user
credentials or credit card information.
The policy elements themselves are
expected to be independent of which
QoS signaling protocol is used.
Policy Enforcement 方針実施時点 The point where the policy decisions are RFC2753
Point (PEP) actually enforced.
Policy Enforcement 方針実施時点 The point where the policy decisions are RFC2904
Point (PEP) actually enforced.
Policy Enforcement 方針実施時点 The point where the policy decisions are RFC2905
Point (PEP) actually enforced.
Policy Ignorant 方針無知節点 A network element that does not RFC2753
Node (PIN) explicitly support policy control using the
mechanisms defined in this document.
Policy Management 方針管理機関 (N) Canadian usage: An organization RFC2828
Authority responsible for PKI oversight
and policy management in the
Government of Canada.
Policy Management 方針管理インタフェ A NAS provides an interface which RFC2881
Interface ース allows access to network services to be
managed on a per-user basis. This
interface may be a configuration file, a
graphical user interface, an API, or a
protocol such as RADIUS, Diameter, or
COPS [19]. This interface pr
policy mapping 方針対応 (I) "Recognizing that, when a CA in RFC2828
one domain certifies a CA in
another domain, a particular
certificate policy in the second
domain may be considered by the
authority of the first domain to
be equivalent (but not necessarily
identical in all respects) to a
particular certificate policy in the
first domain." [X509]
Policy Object 方針オブジェクト Contains policy-related information such RFC2753
as policy elements and is carried in a
request or response related to a
resource allocation decision.
Policy qualifier 方針修飾子 Policy-dependent information that RFC2527
accompanies a certificate policy
identifier in an X.509 certificate.
polled server 被確認サーバ A CIP server which receives a request to RFC2651
generate and pass an index to a peer
server.
polling server 確認サーバ A CIP server which generates a request RFC2651
to a peer server for its index.
POP POP See: Post Office Protocol and Point Of RFC1983
Presence
POP3 POP3 See: Post Office Protocol, version 3. RFC2828
POP3 APOP POP3 APOP (I) A POP3 "command" (better RFC2828
described as a transaction type, or a
protocol-within-a-protocol) by which
a POP3 client optionally uses
a keyed hash (based on MD5) to
authenticate itself to a POP3
server and, depending on the server
implementation, to protect
against replay attacks. (See: CRAM,
POP3 AUTH, IMAP4
AUTHENTICATE.)
(C) The server includes a unique
timestamp in its greeting to the
client. The subsequent APOP
command sent by the client to the
server contains the client's name
and the hash result of applying
MD5 to a string formed from both
the timestamp and a shared secret
that is known only to the client and
the server. APOP was designed
to provide as an alternative to using
POP3's USER and PASS (i.e.,
password) command pair, in which
the client sends a cleartext
password to the server.
POP3 AUTH POP3 AUTH (I) A "command" [R1734] (better RFC2828
described as a transaction type,
or a protocol-within-a-protocol) in
POP3, by which a POP3 client
optionally proposes a mechanism to
a POP3 server to authenticate
the client to the server and provide
other security services.
(See: POP3 APOP, IMAP4
AUTHENTICATE.)
(C) If the server accepts the
proposal, the command is followed by
performing a challenge-response
authentication protocol and,
optionally, negotiating a protection
mechanism for subsequent POP3
interactions. The security
mechanisms used by POP3 AUTH are
those
used by IMAP4.
port ポート The abstraction used by Internet RFC1208
transport protocols to distinguish among
multiple simultaneous connections to a
single destination host. See selector.
Port ポート The "abstraction that transport RFC1889
protocols use to distinguish among
multiple destinations within a given host
computer. TCP/IP protocols identify
ports using small positive integers." [3]
The transport selectors (TSEL) used by
the OSI transport layer are equivalent to
ports. RTP depends upon the lower-
layer protocol to provide some
mechanism such as ports to multiplex
the RTP and RTCP packets of a session.
port ポート A port is a transport layer demultiplexing RFC1983
value. Each application has a unique port
number associated with it. See also:
Transmission Control Protocol, User
Datagram Protocol.
Port ポート The transmitter, receiver and associated RFC2625
logic at either end of a link within a Node.
There may be multiple Ports per Node.
Each Port is identified by a unique
Port_ID, which is volatile, and a unique
World Wide Port Name (WW_PN), which is
unchangeable. In this document, the term
"port" may be used interchangeably with
NL_Port or N_Port.
Port ポート An entity consisting of one HIPPI RFC2834
Source/Destination dual simplex pair
that is connected by parallel or serial
HIPPI to a HIPPI-SC switch and that
transmits and receives IP datagrams.
Port ポート An entity consisting of one HIPPI RFC2835
Source/Destination dual simplex pair
that is connected by parallel or serial
HIPPI to a HIPPI-SC switch and that
transmits and receives IP datagrams. A
port may be an Internet host, bridge,
Port ポート A port is a physical component which RFC2922
can be connected to another port
through some medium. It is identified by
an entPhysicalEntry with an
entPhysicalClass value of 'port(10)'. A
port identifier consists of an
SnmpAdminString which must be unique
port ポート The portion of a socket that specifies RFC793
which logical input or output channel of a
process is associated with the data.
Port ID ポートID A 10-octet value that uniquely identifies RFC2643
an interface of a switch. The value
consists of the 6-octet base MAC
address of the switch, followed by the 4-
octet local port number of the interface.
port scan ポート走査 (I) An attack that sends client RFC2828
requests to a range of server port
addresses on a host, with the goal of
finding an active port and
exploiting a known vulnerability of
that service.
Port_ID Port_ID Fibre Channel ports are addressed by RFC2625
unique 24-bit Port_IDs. In a Fibre
Channel frame header, the Port_ID is
referred to as S_ID (Source ID) to
identify the port originating a frame, and
D_ID to identify the destination port. The
Port_ID of a given port is volatile
POSI POSI Promoting Conference for OSI. The OSI RFC1208
"800-pound gorilla" in Japan. Consists
of executives from the six major
Japanese computer manufacturers and
Nippon Telephone and Telegraph. They
set policies and commit resources to
promote OSI.
POSIX POSIX (N) Portable Operating System RFC2828
Interface for Computer Environments,
a standard [FP151, IS9945-1]
(originally IEEE Standard P1003.1)
that defines an operating system
interface and environment to
support application portability at the
source code level. It is
intended to be used by both
application developers and system
implementers.
(C) P1003.1 supports security
functionality like those on most
UNIX systems, including
discretionary access control and
privilege. IEEE Draft Standard
P1003.6.1 specifies additional
functionality not provided in the
base standard, including (a)
discretionary access control, (b)
audit trail mechanisms, (c)
privilege mechanisms, (d) mandatory
access control, and (e)
information label mechanisms.
Post Office 郵便局プロトコル A protocol designed to allow single user RFC1983
Protocol (POP) hosts to read electronic mail from a
server. Version 3, the most recent and
most widely used, is defined in RFC 1725.
See also: Electronic Mail.
Post Office 郵便局プロトコル第3 (I) An Internet Standard protocol RFC2828
Protocol, version 3 版 [R1939] by which a client
(POP3) workstation can dynamically access
a mailbox on a server host to
retrieve mail messages that the
server has received and is holding
for the client. (See: IMAP4.)
(C) POP3 has mechanisms for
optionally authenticating a client to
a server and providing other security
services. (See: POP3 APOP,
POP3 AUTH.)
Postal Telegraph 電信電話公社 Outside the USA, PTT refers to a RFC1983
and Telephone telephone service provider, which is
(PTT) usually a monopoly, in a particular
postmaster 郵便局長 The person responsible for taking care of RFC1983
electronic mail problems, answering
queries about users, and other related
work at a site. See also: Electronic Mail.
[Source: ZEN]
POTS POTS Plain Old Telephone Service. RFC2661
PPP PPP Point-to-Point Protocol. The successor RFC1208
to SLIP, PPP provides router-to-router
and host-to-network connections over
both synchronous and asynchronous
circuits. See SLIP.
PPP PPP See: Point-to-Point Protocol RFC1983
PPP PPP See: Point-to-Point Protocol. RFC2828
PPP (Point to Point PPP (Point to Point PPP is the mechanism which most end- RFC2504
Protocol) Protocol) users establish a networkconnection
between their PC and their Internet
service providerwith. Once connected,
the PC is able to transmit and receive
datato any other system on the network.
PPTP PPTP See: Point-to-Point Tunneling RFC2828
Protocol.
PRDMD PRDMD See PRIVATE DIRECTORY RFC1330
MANAGEMENT DOMAIN.
pre-authorization 予備認証 (I) A capability of a CAW that RFC2828
enables certification requests to
be automatically validated against
data provided in advance to the
CA by an authorizing entity.
Predicate 述語 A boolean expression of attributes, RFC2165
relations and logical operators. The
predicate is used to find services which
satisfy particular requirements. See
section 5.3.
predictive delay 予測遅延 predictive delay provides a probabilistic RFC1821
delay bound [24];
Preference 選好 An attribute of a sender or receiver RFC 2703
(often the receiver) which indicates an
preference to generate or process one
particular type of message content over
another, even if both are possible.
preferred address 選好アドレス an address assigned to an interface RFC1971
whose use by upper layer protocols is
unrestricted. Preferred addresses may be
used as the source (or destination)
address of packets sent from (or to) the
interface.
preferred address 選好アドレス an address assigned to an interface RFC2462
whose use by upper layer protocols is
unrestricted. Preferred addresses may be
used as the source (or destination)
address of packets sent from (or to) the
interface.
preferred lifetime 選好生存時間 the length of time that a valid address is RFC1971
preferred (i.e., the time until deprecation).
When the preferred lifetime expires, the
address becomes deprecated.
preferred lifetime 選好生存時間 the length of time that a valid address is RFC2462
preferred (i.e., the time until deprecation).
When the preferred lifetime expires, the
address becomes deprecated.
prefix 接頭辞 a bit string that consists of some number RFC2461
of initial bits of an address.
Prefix 接頭辞 A prefix can be understood as an RFC2894
address plus a length, the latter being an
integer in the range 0 to 128 indicating
how many leading bits are significant.
When referring to bits within a prefix,
they are numbered in the same way as
the bits of an addres
Prefix Control 接頭辞制御演算 This is the smallest individual unit of RFC2894
Operation Router Renumbering operation. A Router
Renumbering Command packet includes
zero or more of these, each comprising
one matching condition, called a Match-
Prefix Part, and zero or more
substitution specifications, ca
Pre-mark 予備マーク to set the DS codepoint of a packet prior RFC2475
to entry into a downstream DS domain.
Presentation プレゼンテーション A set of one or more streams presented RFC2326
to the client as acomplete media feed,
using a presentation description
asdefined below. In most cases in the
RTSP context, this impliesaggregate
control of those streams, but does not
Presentation プレゼンテーションア See OSI Presentation Address. RFC1208
Address ドレス
Presentation プレゼンテーション A presentation description contains RFC2326
description 記述 information about one ormore media
streams within a presentation, such as
the set ofencodings, network addresses
and information about thecontent. Other
IETF protocols such as SDP (RFC 2327)
usethe term "session" for a live
presentation. The
presentationdescription may take several
different formats, including butnot limited
to the session description format SDP.
Presentation Layer プレゼンテーション The OSI layer that determines how RFC1208
層 Application information is represented
(i.e., encoded) while in transit between
two end systems.
Pretty Good Pretty Good A program, developed by Phil RFC1983
Privacy (PGP) Privacy (PGP) Zimmerman, which cryptographically
protects files and electronic mail from
being read by others. It may also be
used to digitally sign a document or
message, thus authenticating the creator.
See also: encryption, Data Encryption
Pretty Good Pretty Good (O) Trademarks of Network RFC2828
Privacy(trademark) Privacy(trademark) Associates, Inc., referring to a
(PGP(trademark)) (PGP(trademark)) computer program (and related
protocols) that uses cryptography to
provide data security for electronic
mail and other applications
on the Internet. (See: MOSS, PEM,
S/MIME.)
(C) PGP encrypts messages with
IDEA in CFB mode, distributes the
IDEA keys by encrypting them with
RSA, and creates digital
signatures on messages with MD5
and RSA. To establish ownership of
public keys, PGP depends on the
web of trust. (See: Privacy
Enhanced Mail.)
Previous hop 前ホップ The previous router in the direction of RFC2205
traffic flow. Resv messages flow towards
previous hops.
primary account 主アカウント番号 (O) SET usage: "The assigned RFC2828
number (PAN) number that identifies the card
issuer and cardholder. This account
number is composed of an
issuer identification number, an
individual account number
identification, and an accompanying
check digit as defined by ISO
7812-1985." [SET2, IS7812] (See:
bank identification number.)
(C) The PAN is embossed, encoded,
or both on a magnetic-strip-
based credit card. The PAN
identifies the issuer to which a
transaction is to be routed and the
account to which it is to be
applied unless specific instructions
indicate otherwise. The
authority that assigns the bank
identification number part of the
PAN is the American Bankers
Association.
Primary IP Address 主IPアドレス An IP address selected from the set of RFC2338
realinterface addresses. One possible
selectionalgorithm is to always select the
firstaddress. VRRP advertisements are
always sentusing the primary IP address
as the source ofthe IP packet.
primary link station 主リンク局 The link station instance on a link RFC1747
connection that is responsible for the
control of the data link. There must be
only one primary link station on a link
connection. The primary link station
issues commands to one or more
secondary link stations.
Primary Master 一次マスタ master server at the root of the zone RFC1996
transfer dependency graph. The primary
master is named in the zone's SOA
MNAME field and optionally by an NS RR.
There is by definition only one primary
master server per zone.
Primary Master 一次マスタ master server at the root of the RFC2136
AXFR/IXFR dependency graph. The
primary master is named in the zone's
SOA MNAME field and optionally by an
NS RR. There is by definition only one
primary master server per zone.
Primary Path 一次経路 The primary path is the destination and RFC2960
source address that will be put into a
packet outbound to the peer endpoint by
default. The definition includes the
source address since an implementation
MAY wish to specify both destination and
source address to
Primary Server 主サーバ An authoritative server for which the RFC2182
zone information is locally configured.
Sometimes known as a Master server.
PRIMITIVE NAME 基本名 A name assigned by a naming authority. RFC1330
Primitive names are components of
descriptive names.
Primitive Sequence 基本系列 A primitive Sequence is an Ordered Set RFC2625
that is transmitted repeatedly and
continuously.
principal 主体 Abstract entity which can be RFC1507
authenticated by name. In DASS there
are user principals and server principals.
Principal 主体 A uniquely named client or server RFC1510
instance that participates in a network
communication.
PRINCIPAL 主キー a cryptographic key, capable of RFC2693
generating a digital signature. We deal
with public-key signatures in this
document but any digital signature
Principal identifier 主識別子 The name used to uniquely identify each RFC1510
different principal.
Printer プリンタ a physical device that takes media from RFC1759
an input source, produces marks on that
media according to some page
description or page control language and
puts the result in some output
destination, possibly with finishing applied.
printer プリンタ Throughout this document, 'printer' shall RFC2567
be interpreted to include any device
which is capable of marking on a piece of
media using any available technology.
These design goals do not include
support for multi-tiered printing solutions
involving servers (single or multiple)
logically in front of the actual printing
device yet all such configurations shall
be supported but shall appear to the end-
user as only a single device.
Printing 印刷 the entire process of producing a printed RFC1759
document from generation of the file to
be printed, choosing printing properties,
selection of a printer, routing, queuing,
resource management, scheduling, and
finally printing including notifying the user
privacy プライバシ (I) The right of an entity (normally a RFC2828
person), acting in its own
behalf, to determine the degree to
which it will interact with its
environment, including the degree to
which the entity is willing
to share information about itself with
others. (See: anonymity.)
(O) "The right of individuals to
control or influence what
information related to them may be
collected and stored and by
whom and to whom that information
may be disclosed." [I7498 Part
2]
(D) ISDs SHOULD NOT use this
term as a synonym for "data
confidentiality" or "data
confidentiality service", which are
different concepts. Privacy is a
reason for security rather than a
kind of security. For example, a
system that stores personal data
needs to protect the data to prevent
harm, embarrassment,
inconvenience, or unfairness to any
person about whom data is
maintained, and to protect the
Privacy Enhanced person's email which provides
プライバシ強化メー Internet privacy. For that reason, RFC1983
Mail (PEM) ル confidentiality, authentication and
message integrity using various
encryption methods. See also: Electronic
Mail, encryption.
Privacy Enhanced プライバシ強化メー (I) An Internet protocol to provide RFC2828
Mail (PEM) ル data confidentiality, data
integrity, and data origin
authentication for electronic mail.
[R1421, R1422]. (See: MOSS, MSP,
PGP, S/MIME.)
(C) PEM encrypts messages with
DES in CBC mode, provides key
distribution of DES keys by
encrypting them with RSA, and signs
messages with RSA over either MD2
or MD5. To establish ownership
of public keys, PEM uses a
certification hierarchy, with X.509
public-key certificates and X.509
CRLs that are signed with RSA
and MD2. (See: Pretty Good Privacy.)
(C) PEM is designed to be
compatible with a wide range of key
management methods, but is limited
to specifying security services
only for text messages and, like
MOSS, has not been widely
implemented in the Internet.
Privacy Programs プライバシプログラ Another term for encryption software RFC2504
ム that highlights the use ofthis software to
protect the confidentiality and therefore
privacyof the end-users that make use
of it.
private component 私的コンポーネント (I) A synonym for "private key". RFC2828
(D) In most cases, ISDs SHOULD
NOT use this term; to avoid
confusing readers, use "private key"
instead. However, the term
MAY be used when specifically
discussing a key pair; e.g., "A key
pair has a public component and a
private component."
PRIVATE 私的ディレクトリ管理 A Private Directory Management Domain RFC1330
DIRECTORY 領域 (PRDMD) is a Directory Management
MANAGEMENT Domain which is managed by an
DOMAIN organization other than an administration.
Private extension 私的拡張 Additional extensions, each named by an RFC2828
OID, can be locally defined as needed
by applications or communities. (See:
PKIX private extension, SET private
extensions.)
private extension 私的拡張 See: (secondary definition under) RFC2828
extension.
private key 私的キー Cryptographic key used in asymmetric RFC1507
(public key) cryptography to decrypt
and/or sign messages. In asymmetric
cryptography, knowing the encryption key
is independent of knowing the decryption
key. The decryption (or signing) private
key cannot be derived from the
encrypting (or verifying) public key.
private key 私的キー Modulus and private exponent. RFC2313
private key 私的キー (I) The secret component of a pair of RFC2828
cryptographic keys used for asymmetric
cryptography. (See: key pair, public key.)
(O) "(In a public key cryptosystem) that
key of a user's key pair which is known
only by that user." [X509]
Private Loop Device 私的ループ機器 A device that does not attempt Fabric RFC2625
Login (FLOGI) and usually adheres to
PLDA. The Area and Domain components
of the NL_Port ID must be 0x0000. These
devices cannot communicate with any
port not in the local loop.
PRIVATE 私的管理領域 A Private Management Domain (PRMD) is RFC1330
MANAGEMENT a management domain managed by a
DOMAIN company or non-commercial organization.
Private Network 専用ネットワーク A protected network separated from the RFC2356
Internet by hostsenforcing access
restrictions (firewalls). A private
networkmay use a private address space,
and its addresses may noteven be
routable by the general internet.
private network 専用ネットワーク A private network is an address realm RFC2663
independent of external network
addresses. Private network may also be
referred alternately as Local Network.
Transparent routing between hosts in
private realm and external realm is
facilitated by a NAT router.
private-key 私的キー A value that is kept secret, and is part of RFC2522
an asymmetric public/private key-pair.
PrivateKeyInfo A type that specifies a private key and a RFC2985
set of extended attributes. This type
and the associated
EncryptedPrivateKeyInfo type are
privilege 特権 (I) An authorization or set of RFC2828
authorizations to perform security-
relevant functions, especially in the
context of a computer operating system.
Privilege attributes 特権属性 Attributes, associated with a security RFC2820
subject that, when matched against
control attributes of a security object,
are used to grant or deny access to that
subject. Group and role memberships
are examples of privilege attributes.
privilege 特権管理基盤構造 (N) "The complete set of processes RFC2828
management required to provide an authorization
infrastructure service", i.e., processes concerned with
attribute certificates. [FPDAM] (See: PKI.)
(D) ISDs SHOULD NOT use this term
and its definition because the definition
is vague, and there is no consensus on
an alternate definition.
privileged process 特権プロセス (I) An computer process that is RFC2828
authorized (and, therefore, trusted) to
perform some security-relevant
functions that ordinary processes are
not. (See: privilege, trusted process.)
PRMD Private Management Domain. An X.400 RFC1208
Message Handling System private
organization mail system. Example:
NASAmail. See ADMD.
PRMD PRMD See PRIVATE MANAGEMENT DOMAIN. RFC1330
procedural security 手続き的セキュリテ (D) ISDs SHOULD NOT use this term as RFC2828
ィ a synonym for "administrative security".
Any type of security may involve
procedures; therefore, the term may be
misleading. Instead, use "administrative
security", "communication security",
"computer security", "emanations
security", "personnel security", "physical
security", or whatever specific type is
meant. (See: security architecture.)
process プロセス A program in execution. A source or RFC793
destination of data from the point of view
of the TCP or other host-to-host
protocol.
processing 処理 The term "processing" indicates the RFC2532
action of rendering or transmitting the
contents of the message to a printer,
display device, or fax machine.
processing 処理確認 The term "processing confirmation" is an RFC2532
confirmation indication by the recipient of a message
that it is able to process the contents of
that message.
producer プロデューサ、生産 Producer is a class of membership that RFC1301
者 is a formal superset of a consumer. A
producer is permitted (and expected) to
transmit client data as well as consume
data transmitted by other producers.
Promotional Brand 販売促進ブランド A Promotional Brand means that, if the RFC2801
Consumer pays with that Brand, then the
Consumer will receive some additional
benefit which can be received in two
ways: -- at the time of purchase. For
example if a Consumer pays with a
"Walmart MasterCard" at a Walmart web
site, then a 5% discount might apply,
which means the Consumer actually pays
less, -- from their Payment Instrument
(card) issuer when the payment appears
on their statement. For example loyalty
points in a frequent flyer scheme could
be awarded based on the total payments
made with the Payment Instrument since
the last statement was issued. Each
Promotional Brand should be identified
as a separate Brand in the list of Brands
offered by the Merchant.
Property 特性、プロパティ Named descriptive information about a RFC2291
resource.
Property 特性、プロパティ A name/value pair that contains RFC2518
descriptive information about a resource.
Property 特性、プロパティ A component of a Usage Event. A Usage RFC2924
Event describing a phone call, for
instance, might have a "duration"
Property.
Proposed Standard 提案標準プロトコル These are protocol proposals that may RFC2300
Protocol be considered by the IESGfor
standardization in the future.
Implementation and testing byseveral
groups is desirable. Revision of the
Proprietary 私企業の a distributed tool that uses proprietary RFC1470
communications techniques to link its
components.
proprietary 私企業情報 (I) Refers to information (or other RFC2828
property) that is owned by an individual
or organization and for which the use is
restricted by that entity.
Prospero A distributed filesystem which provides RFC1983
the user with the ability to create
multiple views of a single collection of
files distributed across the Internet.
Prospero provides a file naming system,
and file access is provided by existing
access methods (e.g. anonymous FTP
and NFS). The Prospero protocol is also
used for communication between clients
and servers in the archie system. See
also: anonymous FTP, archie, archive
site, Gopher, Network File System, Wide
Area Information Servers.
protected checksum 保護検査合計 (I) A checksum that is computed for a RFC2828
data object by means that protect
against active attacks that would
attempt to change the checksum to
make it match changes made to the data
object. (See: digital signature, keyed
hash, (discussion under) checksum.
protected 保護分散システム (I) A wireline or fiber-optic system that RFC2828
distribution system includes sufficient safeguards (acoustic,
electric, electromagnetic, and physical)
to permit its use for unencrypted
transmission of (cleartext) data.
Protected network 保護ネットワーク A network segment or segments to which RFC2647
access is controlled by the DUT/SUT.
protection authority 保護認証 See: (secondary definition under) Internet RFC2828
Protocol Security Option.
protection ring 保護リング (I) One of a hierarchy of privileged RFC2828
operation modes of a system that gives
certain access rights to processes
authorized to operate in that mode.
protocol プロトコル A formal description of messages to be RFC1208
exchanged and rules to be followed for
two or more systems to exchange
information.
protocol プロトコル A formal description of message formats RFC1983
and the rules two computers must follow
to exchange those messages. Protocols
can describe low-level details of
machine-to-machine interfaces (e.g., the
order in which bits and bytes are sent
across a wire) or high-level exchanges
between allocation programs (e.g., the
way in which two programs transfer a file
across the Internet). [Source: MALAMUD]
Protocol プロトコル These are protocols that are unlikely to RFC2300
ever become standards inthe Internet
either because they have been
superseded by laterdevelopments or due
to lack of interest.
protocol プロトコル (I) A set of rules (i.e., formats and RFC2828
procedures) to implement and control
some type of association (e.g.,
communication) between systems. (E.g.,
see: Internet Protocol.)
(C) In particular, a series of ordered
steps involving computing and
communication that are performed by
two or more system entities to achieve a
joint objective. [A9042]
protocol プロトコル A particular protocol layer, as specified RFC2895
by encoding rules in this document.
Usually refers to a single layer in a given
encapsulation. Note that this term is
sometimes used in the RMON-2 MIB
[RFC2021] to name a fully-specified
protocol-identifier string
Protocol プロトコル In this document, the next higher level RFC791
protocol identifier, an internet header
protocol converter プロトコル変換器 A device/program which translates RFC1983
between different protocols which serve
similar functions (e.g. TCP and TP4).
Protocol Data Unit プロトコルデータ単 PDU is RFC1983
(PDU) 位 internationalstandardscomitteespeak for
packet. See also: packet.
protocol プロトコルカプセル Protocol encapsulations can be organized RFC2895
encapsulation tree 化木 into an inverted tree. The nodes of the
root are the base encapsulations. The
children nodes, if any, of a node in the
tree are the encapsulations of child
protocols.
protocol stack プロトコルスタック A layered set of protocols which work RFC1983
together to provide a set of network
functions. See also: layer, protocol.
Protocol State プロトコル状態 Every protocol listed in this document is RFC2300
assigned to a "maturitylevel" or STATE
of standardization: "standard", "draft
standard","proposed standard",
"experimental", or "historic".
protocol suite プロトコルスイート (I) A complementary collection of RFC2828
communication protocols used in a
computer network. (See: Internet, OSI.)
Protocol プロトコル翻訳 PT in this document refers to the RFC2766
Translation (PT) translation of an IPv4 packet into a
semantically equivalent IPv6 packet and
vice versa. Protocol translation details
are described in [SIIT].
protocolDirTable protocolDirTable A protocol-identifier and protocol- RFC2895
INDEX INDEX parameters octet string pair that have
been converted to an INDEX value,
according to the encoding rules in
section 7.7 of RFC 1902 [RFC1902].
ProtocolId ProtocolId The component of session identification RFC2205
that specifies the IP protocol number
used by the data stream.
protocol-identifier プロトコル識別子マ Also called a PI macro; A macro-like RFC2895
macro クロ textual construct used to describe a
particular networking protocol. Only
protocol attributes which are important
for RMON use are documented. Note
that the term 'macro' is historical, and PI
macros are not real macros
protocol-identifier プロトコル識別子文 An octet string representing a particular RFC2895
string 字列 protocol encapsulation, as specified by
the encoding rules in this document. This
string is identified in the RMON-2 MIB
[RFC2021] as the protocolDirID object.
A protocol-identifier string is composed
of one or m
protocol-parameter プロトコルパラメタ A single octet, corresponding to a RFC2895
specific layer-identifier in the protocol-
identifier. This octet is a bit-mask
indicating special functions or capabilities
that this agent is providing for the
corresponding protocol. (See section
3.2.6 for details.)
protocol- プロトコルパラメタ文 An octet string, which contains one RFC2895
parameters string 字列 protocol-parameter for each layer-
identifier in the protocol-identifier. This
string is identified in the RMON-2 MIB
[RFC2021] as the protocolDirParameters
object. (See the section 3.2.6 for details.)
protocol-variant- プロトコル変形識別 Also called a PI-variant macro; A special RFC2895
identifier macro 子マクロ kind of PI macro, used to describe a
particular protocol layer, which cannot be
identified with a deterministic, and
(usually) hierarchical structure, like most
networking protocols.
Note that the PI-variant macro
Provider プロバイダ The administrator of an ITAD. RFC2871
Provider DS domain プロバイダDSドメイン the DS-capable provider of services to a RFC2475
source domain.
Provisional response 臨時応答 A response used by the server to RFC2543
indicate progress, but that does not
terminate a SIP transaction. 1xx
responses are provisional, other
responses are considered final.
proxy プロキシ The mechanism whereby one system RFC1208
"fronts for" another system in
responding to protocol requests. Proxy
systems are used in network
management to avoid having to
implement full protocol stacks in simple
proxy プロキシ A mapping from an external name to a RFC1507
local account name for purposes of
establishing a set of local access rights.
Note that this differs from the definition
in ECMA TR/46.
proxy プロキシ An intermediary program which acts as RFC1945
both a server and a client for the
purpose of making requests on behalf of
other clients. Requests are serviced
internally or by passing them, with
possible translation, on to other servers.
A proxy must interpret and, if necessary,
rewrite a request message before
forwarding it. Proxies are often used as
client-side portals through network
firewalls and as helper applications for
handling requests via protocols not
implemented by the user agent.
proxy プロキシ An intermediary program which acts as RFC2295
both a server and a client for the
purpose of making requests on behalf of
other clients. Requests are serviced
internally or by passing them on, with
possible translation, to other servers. A
proxy must implement both the client
and server requirements of this
proxy プロキシ a router that responds to Neighbor RFC2461
Discovery query messages on behalf of
another node. A router acting on behalf
of a mobile node that has moved off-link
could potentially act as a proxy for the
mobile node.
proxy プロキシ A 'proxy' is an intermediary program RFC2594
which acts as both a server and a client
for the purpose of making requests on
behalf of other clients. Requests are
serviced internally or by passing them on,
with possible translation, to other servers.
proxy プロキシ An intermediary program which acts as RFC2616
both a server and a client for the
purpose of making requests on behalf of
other clients. Requests are serviced
internally or by passing them on, with
possible translation, to other servers. A
proxy MUST implement both the client
and server requirements of this
specification. A "transparent proxy" is a
proxy that does not modify the request
or response beyond what is required for
proxy authentication and identification. A
"non-transparent proxy" is a proxy that
modifies the request or response in order
to provide some added service to the
user agent, such as group annotation
services, media type transformation,
protocol reduction, or anonymity filtering.
Except where either transparent or non-
transparent behavior is explicitly stated,
the HTTP proxy requirements apply to
both types of proxies.
Proxy プロキシ A request for a connection made on RFC2647
behalf of a host.
proxy ARP プロキシARP The technique in which one machine, RFC1208
usually a router, answers ARP requests
intended for another machine. By
"faking" its identity, the router accepts
responsibility for routing packets to the
"real" destination. Proxy ARP allows a
site to use a single IP address with two
physical networks. Subnetting would
normally be a better solution.
proxy ARP プロキシARP The technique in which one machine, RFC1983
usually a router, answers ARP requests
intended for another machine. By
"faking" its identity, the router accepts
responsibility for routing packets to the
"real" destination. Proxy ARP allows a
site to use a single IP address with two
physical networks. Subnetting would
normally be a better solution. See also:
Address Resolution Protocol [Source:
RFC1208]
proxy server プロキシサーバ A SIP device which receives invitations RFC2824
and other requests, and forwards them to
other SIP devices. It then receives the
responses to the requests it forwarded,
and forwards them back to the sender of
the initial request.
proxy server プロキシサーバ (I) A computer process--often used as, RFC2828
or as part of, a firewall-- that relays a
protocol between client and server
computer systems, by appearing to the
client to be the server and appearing to
the server to be the client. (See: SOCKS.)
(C) In a firewall, a proxy server usually
runs on a bastion host, which may
support proxies for several protocols
(e.g., FTP, HTTP, and TELNET). Instead
of a client in the protected enclave
connecting directly to an external server,
the internal client connects to the proxy
server which in turn connects to the
external server. The proxy server waits
for a request from inside the firewall,
forwards the request to the remote
server outside the firewall, gets the
response, then sends the response back
to the client. The proxy may be
transparent to the clients, or they may
need to connect first to the proxy
server, and then use that association to
also initiate a connection to the real
server.
(C) Proxies are generally preferred over
SOCKS for their ability to perform
caching, high-level logging, and access
Proxy, proxy server プロキシ, An intermediary program that acts as RFC2543
プロキシサーバ both a server and a client for the
purpose of making requests on behalf of
other clients. Requests are serviced
internally or by passing them on, possibly
after translation, to other servers. A
proxy interprets, and, if necessary,
rewrites a request message before
Pseudonode 擬似ノード Where a broadcast subnetwork has n RFC1142
connected Intermediate systems, the
broadcast subnetwork itself is considered
to be a pseudonode. The pseudonode has
links to each of the n Intermediate
systems and each of the ISs has a single
link to the pseudonode (rather than n-1
links to each of the other Intermediate
systems). Link State PDUs are generated
on behalf of the pseudonode by the
Designated IS.
pseudo-protocol 擬似プロトコル A convention or algorithm used only RFC2895
within this document for the purpose of
encoding protocol-identifier strings.
pseudo-random 擬似乱数 (I) A sequence of values that appears to RFC2828
be random (i.e., unpredictable) but is
actually generated by a deterministic
algorithm. (See: random.)
pseudo-random 擬似乱数発生器 (I) A process used to deterministically RFC2828
number generator generate a series of numbers (usually
integers) that appear to be random
according to certain statistical tests, but
actually are pseudo-random.
(C) Pseudo-random number generators
are usually implemented in software.
PSI PSI Performance Systems International, Inc.; RFC1943
operator of the Internet White Pages
Project
PSN PSN Packet Switch Node. The modern term RFC1208
used for nodes in the ARPANET and
MILNET. These used to be called IMPs
(Interface Message Processors). PSNs
are currently implemented with BBN C30
or C300 minicomputers.
PSN PSN See: Packet Switch Node. RFC1983
pstn-email PSTN(公衆電話網) The complete structure used to transfer RFC2303
電子メール a minimal PSTN address over the
Internet e-mail transport system is
called "pstn-email". This object is a an e-
mail address which conforms to RFC822
[2] and RFC1123 [3] "addr-spec" syntax,
with some extra structure which allows
the PSTN number to be identified. pstn-
email = ["/"] pstn-address ["/"] "@"
mta-I-pstn
PTT PTT See: Postal, Telegraph and Telephone RFC1983
public component 公開要素 (I) A synonym for "public key". RFC2828
(D) In most cases, ISDs SHOULD NOT
use this term; to avoid confusing readers,
use "private key" instead. However, the
term MAY be used when specifically
discussing a key pair; e.g., "A key pair
has a public component and a private
component."
public key 公開鍵 Cryptographic key used in asymmetric RFC1507
cryptography to encrypt messages
and/or verify signatures.
public key 公開鍵 Modulus and public exponent. RFC2313
public key 公開鍵 (I) The publicly-disclosable component of RFC2828
a pair of cryptographic keys used for
asymmetric cryptography. (See: key pair,
private key.)
(O) "(In a public key cryptosystem) that
key of a user's key pair which is publicly
known." [X509]
public key 公開鍵暗号化 A class of cryptographic techniques RFC2246
cryptography employing two-key ciphers. Messages
encrypted with the public key can only
be decrypted with the associated private
key. Conversely, messages signed with
the private key can be verified with the
public key.
Public Loop Device 公衆ループ装置 A device whose Area and Domain RFC2625
components of the NL_Port ID cannot be
0x0000. Additionally, to be FLA
compliant, the device must attempt to
open AL_PA 0x00 and attempt FLOGI.
These devices communicate with devices
on the local loop as well as devices on
the other side of a Fabric.
Public Network 公衆網 The Internet at large. Hosts are able to RFC2356
communicate with eachother throughout
the public network without firewall-
imposedrestrictions.
Public/Global/Exter 公衆/広域/外部網 A Global or Public Network is an address RFC2663
nal network realm with unique network addresses
assigned by Internet Assigned Numbers
Authority (IANA) or an equivalent
address registry. This network is also
referred as External network during NAT
public-key 公開鍵 A publically distributable value that is RFC2522
part of an asymmetric public/private key-
public-key 公開鍵認証 (I) A digital certificate that binds a RFC2828
certificate system entity's identity to a public key
value, and possibly to additional data
items; a digitally-signed data structure
that attests to the ownership of a public
key. (See: X.509 public-key certificate.)
(C) The digital signature on a public-key
certificate is unforgeable. Thus, the
certificate can be published, such as by
posting it in a directory, without the
directory having to protect the
certificate's data integrity.
(O) "The public key of a user, together
with some other information, rendered
unforgeable by encipherment with the
privatekey of the certification authority
which issued it." [X509]
public-key 公開鍵暗号化 (I) The popular synonym for "asymmetric RFC2828
cryptography cryptography".
Public-Key 公開鍵暗号化規格( (I) A series of specifications published by RFC2828
Cryptography PKCS) RSA Laboratories for data structures
Standards (PKCS) and algorithm usage for basic
applications of asymmetric cryptography.
(See: PKCS #7, PKCS #10, PKCS #11.)
(C) The PKCS were begun in 1991 in
cooperation with industry and academia,
originally including Apple, Digital, Lotus,
Microsoft, Northern Telecom, Sun, and
MIT. Today, the specifications are widely
used, but they are not sanctioned by an
official standards organization, such as
ANSI, ITU-T, or IETF. RSA Laboratories
retains sole decision-making authority
over the PKCS.
public-key forward 公開鍵前方機密 (I) For a key agreement protocol based RFC2828
secrecy (PFS) on asymmetric cryptography, the
property that ensures that a session key
derived from a set of long-term public
and private keys will not be compromised
if one of the private keys is compromised
in the future.
(C) Some existing RFCs use the term
"perfect forward secrecy" but either do
not define it or do not define it precisely.
While preparing this Glossary, we tried to
find a good definition for that term, but
found this to be a muddled area. Experts
did not agree. For all practical purposes,
the literature defines "perfect forward
secrecy" by stating the Diffie-Hellman
algorithm. The term "public-key forward
secrecy" (suggested by Hilarie Orman)
and the "I" definition stated for it here
were crafted to be compatible with
current Internet documents, yet be
narrow and leave room for improved
terminology.
(C) Challenge to the Internet security
community: We need a taxonomy--a
family of mutually exclusive and
collectively exhaustive terms and
definitions to cover the basic properties
discussed here--for the full range of
cryptographic algorithms and protocols
used in Internet Standards:
public-key 公開鍵基盤(PKI) (I) A system of CAs (and, optionally, RAs RFC2828
infrastructure (PKI) and other supporting servers and agents)
that perform some set of certificate
management, archive management, key
management, and token management
functions for a community of users in an
application of asymmetric cryptography.
(See: hierarchical PKI, mesh PKI, security
management infrastructure, trust-file
PKI.)
(O) PKIX usage: The set of hardware,
software, people, policies, and
procedures needed to create, manage,
store, distribute, and revoke digital
certificates based on asymmetric
cryptography.
(C) The core PKI functions are (a) to
register users and issue their public-key
certificates, (b) to revoke certificates
when required, and (c) to archive data
needed to validate certificates at a much
later time. Key pairs for data
confidentiality may be generated (and
perhaps escrowed) by CAs or RAs, but
requiring a PKI client to generate its own
digital signature key pair helps maintain
system integrity of the cryptographic
system, because then only the client
ever possesses the private key it uses.
pull model プルモデル In the "pull" model, the program on A RFC2371
merely sends a message to B on the
order of "Do some work, and make it
part of the transaction that my TM
knows by the name ...". The program on
B asks its TM to enlist in the
transaction. At that time, B's TM will
"pull" the transaction over from A. As a
result of this pull, A's TM knows to
involve B's TM in the two-phase commit
PUSH プッシュ A control bit occupying no sequence RFC793
space, indicating that this segment
contains data that must be pushed
through to the receiving user.
push model プッシュモデル In the "push" model, the program on A RFC2371
first asks his transaction manager to
export the transaction to node B. A's
transaction manager sends a message to
B's TM asking it to instantiate the
transaction as a subordinate of A, and
return its name for the transaction. The
program on A then sends a message to
its counterpart on B on the order of "Do
some work, and make it part of the
transaction that your transaction
manager already knows of by the name
...". Because A's TM knows that it sent
the transaction to B's TM, A's TM knows
to involve B's TM in the two-phase
commit process.
QAM QAM Quadrature Amplitude Modulation. A RFC2670
particular modulation scheme on on RF
medium. Usually expressed with a
number indicating the size of the
modulation constellation (e.g. 16 QAM).
See [19], or any other book on digital
communications over RF for a complete
QCIF QCIF Quarter CIF source format with 176 x RFC2190
144 pixels for luminance and 88 x 72
pixels for chrominance.
QNAME QNAME the name in the query section of an RFC2308
answer, or where thisresolves to a
CNAME, or CNAME chain, the data field
of the lastCNAME. The last CNAME in
this sense is that which contains a
valuewhich does not resolve to another
CNAME. Implementations should
notethat including CNAME records in
responses in order, so that the firsthas
the label from the query section, and
then each in sequence hasthe label from
the data section of the previous (where
more than oneCNAME is needed) allows
the sequence to be processed in one
pass, andconsiderably eases the task of
the receiver. Other relevant
records(such as SIG RRs [RFC2065])
can be interspersed amongst the
QoS QoS Quality of Service. RFC2205
QoS Signaling QoS信号プロトコル A signaling protocol that carries an RFC2753
Protocol admission control request for a resource,
e.g., RSVP.
QoS-based routing QoSに基づくルーテ A routing mechanism under which paths RFC2386
ィング for flowsare determined based on some
knowledge of resource availability inthe
network as well as the QoS requirement
of flows.
QPSK QPSK Quadrature Phase Shift Keying. A RFC2670
particular modulation scheme on an RF
medium. See [19].
Quality of Service サービス品質(QoS) In the context of this document, quality RFC2216
(QoS) of service refers to the nature of the
packet delivery service provided, as
described by parameters such as
achieved bandwidth, packet delay, and
packet loss rates. Traditionally, the
Internet has offered a single quality of
service, best-effort delivery, with
available bandwidth and delay
characteristics dependent on
instantaneous load. Control over the
quality of service seen by applications is
exercised by adequate provisioning of the
network infrastructure. In contrast, a
network with dynamically controllable
quality of service allows individual
application sessions to request network
packet delivery characteristics according
to their perceived needs, and may
provide different qualities of service to
different applications. It should be
understood that there is a range of
useful possibilities between the two
endpoints of providing no dynamic QoS
control at all and providing extremely
Quality-of-Service サービス品質(QoS) A set of service requirements to be met RFC2386
(QoS) bythe network while transporting a flow.
query routing 問合わせルーティン Based on reference to indexing RFC2651
グ information, redirecting and replicating
queries through a distributed database
system towards the servers holding the
actual results.
queue キュー A backup of packets awaiting processing. RFC1983
Quick-Net-Connect 即時ネット接続(QNC An IS-707 data service capability that RFC2636
(QNC) ) utilizes the Async Data Service Option
number but bypasses the modem
connection for a direct connection to an
IP-based internet.
Quick-Net-Connect 即時ネット接続(QNC An IS-707 data service capability that RFC2637
(QNC) ) utilizes the Async Data Service Option
number but bypasses the modem
connection for a direct connection to an
IP-based internet.
QUIPU QUIPU X.500 Directory implementation RFC1943
developed by Colin Robbins while at the
University College of London.
RA RA registration authority, i.e., an optional RFC2585
system to which a CA delegates certain
management functions.
RA RA See: registration authority. RFC2828
RA domains RAドメイン (I) A capability of a CAW that allows a RFC2828
CA to divide the responsibility for
certification requests among multiple RAs.
(C) This capability might be used to
restrict access to private authorization
data that is provided with a certification
request, and to distribute the
responsibility to review and approve
certification requests in high volume
environments. RA domains might
segregate certification requests
according to an attribute of the
certificate subject, such as an
rading Block Trading A Trading Block consists of one or more RFC2801
Blockの間違いでは? Trading Components. One or more
? Trading Blocks may be contained within
the IOTP Messages which are physically
sent in the form of [XML] documents
between the different Trading Roles that
are taking part in a trade. Trading Blocks
are of three main types: -- a Request
Block, -- an Exchange Block, or -- a
Response Block
RADIUS RADIUS See: Remote Authentication Dial-In User RFC2828
Service.
RADIUS RADIUS認証サーバ This is a server which provides for RFC2809
authentication authentication/authorization
server via the protocol described in
[1].
RADIUS proxy RADIUSプロキシ In order to provide for the routing of RFC2607
RADIUS authentication and accounting
requests, a RADIUS proxy can be
employed. To the NAS, the RADIUS
proxy appears to act as a RADIUS
server, and to the RADIUS server, the
proxy appears to act as a RADIUS client.
RADIUS proxy RADIUSプロキシ In order to provide for the routing of RFC2809
RADIUS
authentication requests, a
RADIUS proxy can be employed.
To the NAS, the RADIUS
proxy appears to act as a RADIUS
server, and to the RADIUS
server, the proxy appears to act
as a RADIUS client. Can be
used to locate the tunnel
endpoint when realm-based
tunneling is used.
RADIUS server RADIUSサーバ This is a server which provides for RFC2607
authentication/authorization via the
protocol described in [3], and for
accounting as described in [4].
Rainbow Series 虹色シリーズ (O) A set of more than 30 technical and RFC2828
policy documents with colored covers,
issued by the NCSC, that discuss in
detail the TCSEC and provide guidance
for meeting and applying the criteria.
(See: Green Book, Orange Book, Red
Book, Yellow Book.)
random 無作為 (I) General usage: In mathematics, RFC2828
random means "unpredictable". A
sequence of values is called random if
each successive value is obtained merely
by chance and does not depend on the
preceding values of the sequence, and a
selected individual value is called random
if each of the values in the total
population of possibilities has equal
probability of being selected. [Knuth]
(See: cryptographic key, pseudo-random,
random number generator.)
(I) Security usage: In cryptography and
other security applications, random
means not only unpredictable, but also
"unguessable". When selecting data
values to use for cryptographic keys,
"the requirement is for data that an
adversary has a very low probability of
guessing or determining." It is not
sufficient to use data that "only meets
traditional statistical tests for
randomness or which is based on limited
range sources, such as clocks.
Frequently such random quantities are
determinable [i.e., guessable] by an
adversary searching through an
embarrassingly small space of
random delay 無作為遅延 when sending out messages, it is RFC2461
sometimes necessary to delay a
transmission for a random amount of
time in order to prevent multiple nodes
from transmitting at exactly the same
time, or to prevent long-range periodic
transmissions from synchronizing with
each other [SYNC]. When a random
component is required, a node calculates
the actual delay in such a way that the
computed delay forms a uniformly-
distributed random value that falls
between the specified minimum and
maximum delay times. The implementor
must take care to insure that the
granularity of the calculated random
component and the resolution of the
timer used are both high enough to
insure that the probability of multiple
nodes delaying the same amount of time
is small.
random delay seed 無作為遅延速度 If a pseudo-random number generator is RFC2461
used in calculating a random delay
component, the generator should be
initialized with a unique seed prior to
being used. Note that it is not sufficient
to use the interface token alone as the
seed, since interface tokens will not
always be unique. To reduce the
probability that duplicate interface
tokens cause the same seed to be used,
the seed should be calculated from a
variety of input sources (e.g., machine
components) that are likely to be
different even on identical "boxes". For
example, the seed could be formed by
combining the CPU's serial number with
an interface token.
random number 乱数発生器 (I) A process used to generate an RFC2828
generator unpredictable, uniformly distributed
series of numbers (usually integers).
(See: pseudo-random, random.)
(C) True random number generators are
hardware-based devices that depend on
the output of a "noisy diode" or other
physical phenomena. [R1750]
RAR RAR The international committee comprising RFC1210
representatives of European National and
international research networks.
RARE RARE Reseaux Associes pour la Recherche RFC1208
Europeenne. European association of
research networks.
RARE RARE Reseaux Associes pour la Recherche RFC1983
Europeenne. See: Trans- European
Research and Education Networking
Association.
RARP RARP Reverse Address Resolution Protocol. RFC1208
The Internet protocol a diskless host
uses to find its Internet address at
startup. RARP maps a physical
(hardware) address to an Internet
RARP RARP See: Reverse Address Resolution RFC1983
RAS RAS The Registration, Admission and Status RFC2824
messages communicated between two
H.323 entities, for example between an
endpoint and a gatekeeper.
RBAC RBAC See: Role-Based Access Control. RFC2828
RBOC RBOC Regional Bell Operating Company. See RFC1208
BOC.
RBOC RBOC Regional Bell Operating Company RFC1983
RC2 RC2 A block cipher developed by Ron Rivest RFC2246
at RSA Data Security, Inc. [RSADSI]
described in [RC2].
RC2, RC4 RC2, RC4 See: Rivest Cipher #2, Rivest Cipher #4. RFC2828
RC4 RC4 A stream cipher licensed by RSA Data RFC2246
Security [RSADSI]. A compatible cipher
is described in [RC4].
RCID RCID Cluster ID RFC1862
RCV.NXT RCV, NXT receive next sequence number RFC793
RCV.UP RCV, UP receive urgent pointer RFC793
RCV.WND RCV, WND receive window RFC793
RDN RDN See RELATIVE DISTINGUISHED NAME. RFC1330
RDN RDN Relative Distinguished Name; a unique RFC1943
identifier for each list subject, defined by
the hierarchy of the DSA.
RDP RDP The Reliable Data Protocol (RDP) is a RFC909
transport layer protocol designed as a
low-overhead alternative to TCP. RDP is
a connection oriented protocol that
provides reliable, sequenced message
delivery.
reachability 到達可能性 whether or not the one-way "forward" RFC2461
path to a neighbor is functioning properly.
In particular, whether packets sent to a
neighbor are reaching the IP layer on the
neighboring machine and are being
processed properly by the receiving IP
layer. For neighboring routers,
reachability means that packets sent by
a node's IP layer are delivered to the
router's IP layer, and the router is indeed
forwarding packets (i.e., it is configured
as a router, not a host). For hosts,
reachability means that packets sent by
a node's IP layer are delivered to the
neighbor host's IP layer.
reachability 到達可能情報 information describing the set of RFC2185
information reachable destinations that can be used
for packet forwarding decisions.
Read The F*cking ?? This acronym is often used when RFC1983
Manual (RTFM) someone asks a simple or common
question.
Read The Source ソースコード参照 This acronym is often used when a RFC1983
Code (RTSC) software developer asks a question
about undocumented code.
realm レルム (O) Kerberos usage: The domain of RFC2828
authority of a Kerberos server
(consisting of an authentication server
and a ticket-granting server), including
the Kerberized clients and the Kerberized
application servers
Real-time 実時間課金 Real-time accounting involves the RFC2977
Accounting processing of information on resource
usage within a defined time window.
Time constraints are typically imposed in
order to limit financial risk.
reassembly 再組立て The IP process in which a previously RFC1983
fragmented packet is reassembled before
being passed to the transport layer. See
also: fragmentation.
Receipt Component 受端要素 A Receipt Component is a record of the RFC2801
successful completion of a Trading
Exchange. Examples of Receipt
Components include: Payment Receipts,
and Delivery Notes. It's content may
dependent on the technology used to
perform the Trading Exchange. For
example a Secure Electronic Transaction
(SET) payment receipt consists of SET
payment messages which record the
result of the payment.
receive next 次に受信するシーケ This is the next sequence number the RFC793
sequence number ンス番号 local TCP is expecting to receive.
receive window 受信ウィンドウ This represents the sequence numbers RFC793
the local (receiving) TCP is willing to
receive. Thus, the local TCP considers
that segments overlapping the range
RCV.NXT to RCV.NXT + RCV.WND - 1
carry acceptable data or control.
Segments containing sequence numbers
entirely outside of this range are
considered duplicates and discarded.
Receiver 受信器 A system component (device or program) RFC 2703
which receives a message.
receiver 受信器 A receiver is assumed to have a `quality' RFC2354
ranking of the differing encodings, and so
is capable of choosing the `best' unit for
playout, given multiple options.
receiver 受信器 The term "receiver" refers to the IPP RFC2639
object that receives a request and to a
client that receives a response.
RECEIVER 受信器の最大素片 The RMSS is the size of the largest RFC2581
MAXIMUM サイズ(RMSS) segment the receiver is willing to accept.
SEGMENT SIZE This is the value specified in the MSS
(RMSS) option sent by the receiver during
connection startup. Or, if the MSS option
is not used, 536 bytes [Bra89]. The size
does not include the TCP/IP headers
and options.
RECEIVER 受信器ウィンドウ(rw The most recently advertised receiver RFC2581
WINDOW (rwnd) nd) window.
Receiver Window 受信器ウィンドウ(rw An SCTP variable a data sender uses to RFC2960
(rwnd) nd) store the most recently calculated
receiver window of its peer, in number of
bytes. This gives the sender an
indication of the space available in the
receiver's inbound buffer.
Receiver-initiated 受信器起動の転送 A message transmission which is RFC 2703
transmission requested by the eventual receiver of
the message. Sometimes described as
'pull' messaging. E.g. an HTTP GET
receiver-SMTP 受信器のSMTP処理 A process which transfers mail in RFC821
process cooperation with a sender-SMTP
process. It waits for a connection to be
established via the transport service. It
receives SMTP commands from the
sender-SMTP, sends replies, and
performs the specified operations.
Receiving agent 受信エージェント software that interprets and processes RFC2632
S/MIME CMS objects, MIME body parts
that contain CMS objects, or both.
Receiving agent 受信エージェント software that interprets and processes RFC2633
S/MIME CMS objects, MIME body parts
that contain CMS objects, or both.
RECIPIENT 受端 A user, a human being or computer RFC1330
process, who receives a message from
the Message Handling System (MHS).
recipient 受端 The term "recipient" indicates the RFC2532
device which performs the processing
function. For example, a recipient could
be implemented as a traditional Mail User
Agent on a PC, a standalone device
which retrieves mail using POP3 or
IMAP, an SMTP server which prints
incoming messages (similar to an LPR
RECIPIENT USER 受端利用者エージェ A User Agent (UA) to which a message is RFC1330
AGENT ント delivered or that is specified for delivery.
Recommended 推奨プロトコル A system should implement the RFC2300
Protocol recommended protocols.
record レコード A sequential file may be structured as a RFC959
number of contiguous parts called
records. Record structures are
supported by FTP but a file need not
have record structure.
Recorded Sequence 記録済みシーケンス The highest sequence number found in a RFC2894
Number 番号 valid message MUST be recorded in non-
volatile storage. Note that "matches" is
a transitive relation but not symmetric. If
two prefixes match each other, they are
identical.
recursive 巡回的 See: recursive RFC1983
recursive 巡回的カプセル化 encapsulation of a packet that reenters a RFC2473
encapsulation tunnel before exitingit.
RED RED (I) Designation for information system RFC2828
equipment or facilities that handle (and
for data that contains) only plaintext (or,
depending on the context, classified
information), and for such data itself.
This term derives from U.S. Government
COMSEC terminology. (See: BLACK,
RED/BLACK separation.)
Red Book レッドブック (D) ISDs SHOULD NOT use this term as RFC2828
a synonym for "Trusted Network
Interpretation of the Trusted Computer
System Evaluation Criteria" [NCS05].
Instead, use the full proper name of the
document or, in subsequent references, a
more conventional abbreviation. (See:
TCSEC, Rainbow Series, (usage note
under) Green Book.)
RED/BLACK 赤黒分離 (I) An architectural concept for RFC2828
separation cryptographic systems that strictly
separates the parts of a system that
handle plaintext (i.e., RED information)
from the parts that handle ciphertext
(i.e., BLACK information). This term
derives from U.S. Government COMSEC
terminology. (See: BLACK, RED.)
Redirect server リダイレクトサーバ A redirect server is a server that RFC2543
accepts a SIP request, maps the address
into zero or more new addresses and
returns these addresses to the client.
Unlike a proxy server, it does not initiate
its own SIP request. Unlike a user agent
server , it does not accept calls.
redirect server リダイレクトサーバ A SIP device which responds to RFC2824
invitations and other requests by
informing the request originator of an
alternate address to which the request
should be sent.
Re-encapsulation 再カプセル化スルー The maximum rate at which frames of RFC2432
Throughput (RET) プット one encapsulated format offered a DUT
are converted to another encapsulated
format and correctly forwarded by the
DUT without loss.
Reference レファレンス a tool for documenting MIB structure or RFC1470
system configuration.
reference monitor 参照モニタ (I) "An access control concept that RFC2828
refers to an abstract machine that
mediates all accesses to objects by
subjects." [NCS04] (See: security kernel.)
(C) A reference monitor should be (a)
complete (i.e., it mediates every access),
(b) isolated (i.e., it cannot be modified by
other system entities), and (c) verifiable
(i.e., small enough to be subjected to
analysis and tests to ensure that it is
correct).
REFERRAL リフェラル A referral is an outcome which can be RFC1330
returned by a Directory System Agent
(DSA) which cannot perform an operation
itself, and which identifies one or more
other DSAs more able to perform the
operation.
referral chain リフェラルチェーン The set of referrals generated by the RFC2651
process of routing a query. See query
routing.
reflection attack リフェラル攻撃 (I) A type of replay attack in which RFC2828
transmitted data is sent back to its
originator.
regional リジョナル See: mid-level network RFC1983
register, registration 登録 (I) An administrative act or process RFC2828
whereby an entity's name and other
attributes are established for the first
time at a CA, prior to the CA issuing a
digital certificate that has the entity's
name as the subject. (See: registration
authority.)
(C) Registration may be accomplished
either directly, by the CA, or indirectly,
by a separate RA. An entity is presented
to the CA or RA, and the authority either
records the name(s) claimed for the
entity or assigns the entity's name(s).
The authority also determines and
records other attributes of the entity
that are to be bound in a certificate
(such as a public key or authorizations)
or maintained in the authority's database
(such as street address and telephone
number). The authority is responsible,
possibly assisted by an RA, for
authenticating the entity's identity and
verifying the correctness of the other
attributes, in accordance with the CA's
CPS.
(C) Among the registration issues that a
CPS may address are the following
[R2527]:
- How a claimed identity and other
attributes are verified.
Registrar 登録簿 - How organization affiliation or
A registrar is a server that accepts RFC2543
REGISTER requests. A registrar is
typically co-located with a proxy or
redirect server and MAY offer location
services.
Registration 登録オーソリティ(RA An entity that is responsible for RFC2527
authority (RA) ) identification and authentication of
certificate subjects, but that does not
sign or issue certificates (i.e., an RA is
delegated certain tasks on behalf of a
CA). [Note: The term Local Registration
Authority (LRA) is used elsewhere for
the same concept.]
registration Registration (I) An optional PKI entity (separate from RFC2828
authority (RA) authority (RA) the CAs) that does not sign either digital
certificates or CRLs but has
responsibility for recording or verifying
some or all of the information
(particularly the identities of subjects)
needed by a CA to issue certificates and
CRLs and to perform other certificate
management functions. (See:
organizational registration authority,
registration.)
(C) Sometimes, a CA may perform all
certificate management functions for all
end users for which the CA signs
certificates. Other times, such as in a
large or geographically dispersed
community, it may be necessary or
desirable to offload secondary CA
functions and delegate them to an
assistant, while the CA retains the
primary functions (signing certificates
and CRLs). The tasks that are delegated
to an RA by a CA may include personal
authentication, name assignment, token
distribution, revocation reporting, key
generation, and archiving. An RA is an
optional PKI component, separate from
the CA, that is assigned secondary
functions. The duties assigned to RAs
vary from case to case but may include
regrade 復帰 (I) following:
theDeliberately change the classification RFC2828
level of information in an authorized
manner.
Regular header 通常ヘッダ A normal, uncompressed, header. Does RFC2507
not carry CID or generation association.
Rejected traffic 削除されたトラフィッ Packets dropped as a result of the rule RFC2647
ク set of the DUT/SUT.
rekey 鍵変更 (I) Change the value of a cryptographic RFC2828
key that is being used in an application of
a cryptographic system. (See: certificate
rekey.)
(C) For example, rekey is required at the
end of a cryptoperiod orkey lifetime.
Relational Database リレーショナルデータ A collection of integrated services which RFC1697
Management ベース管理システム support database management and
System (RDBMS) together support and control the
creation, use and maintenance of
relational databases. Servers as defined
in this MIB provide the functions of the
RELATIVE 相対分離名 A Relative Distinguished Name (RDN) is RFC1330
DISTINGUISHED a set of attribute value assertions, each
NAME of which is true, concerning the
distinguished values of a particular entry.
Relative URI, 相対URI, 相対URI See HTML 2 [HTML2] and RFC 1808 RFC2557
RelativeURI [RELURL].
RELAYING 中継 The interaction by which one Message RFC1330
Transfer Agent (MTA) transfers to
another MTA the content of a message
plus the relaying envelope.
RELAYING 中継エンベロープ The envelope which contains the RFC1330
ENVELOPE information related to the operation of
the Message Transfer System (MTS) plus
the service elements requested by the
originating User Agent (UA).
RELAY-MTA 中継MTA An X.400 MTA serving one or several RFC1465
MHS domains. Note that the term WEP -
Well Known Entry Point- has been used
since the early X.400ies (1987/88) until
now, giving the wrong impression of a
single entry point (and therefore a single
point of failure). This document proposes
to use the term RELAY-MTA, reflecting
more clearly the functionality of the MTA.
reliability 信頼性 (I) The ability of a system to perform a RFC2828
required function under stated conditions
for a specified period of time. (See:
availability, survivability.)
Relying party 信頼パーティ A recipient of a certificate who acts in RFC2527
reliance on that certificate and/or digital
signatures verified using that certificate.
In this document, the terms "certificate
user" and "relying party" are used
interchangeably.
relying party 信頼パーティ (N) A synonym for "certificate user". RFC2828
Used in a legal context to mean a
recipient of a certificate who acts in
reliance on that certificate. (See: ABA
Guidelines.)
Re-mark リマーク to change the DS codepoint of a packet, RFC2475
usually performed by a marker in
accordance with a TCA.
Remote Access 遠隔アクセスソフトウ This software allows a computer to use a RFC2504
Software ェア modem to connect toanother system. It
also allows a computer to 'listen' for
callson a modem (this computer provides
'remote access service'.)Remote access
software may provide access to a single
computer orto a network.
Remote 遠隔証明ダイアルイ (I) An Internet protocol [R2138] for RFC2828
Authentication Dial- ン利用者サービス carrying dial-in users' authentication
In User Service information and configuration information
(RADIUS) between a shared, centralized
authentication server (the RADIUS
server) and a network access server (the
RADIUS client) that needs to
authenticate the users of its network
access ports. (See: TACACS.)
(C) A user of the RADIUS client presents
authentication information to the client,
and the client passes that information to
the RADIUS server. The server
authenticates the client using a shared
secret value, then checks the user's
authentication information, and finally
returns to the client all authorization and
configuration information needed by the
client to deliver service to the user.
Remote Hardware 遠隔ハードウェア網 A physical network which is separated RFC919
Network from the host by at least one gateway.
Remote Hardware 遠隔ハードウェア網 A physical network which is separated RFC922
Network from the host by at least one gateway.
Remote Log In 遠隔ログイン If an end-user uses a network to log in RFC2504
to a system, this act isknown as remote
log in.
remote login 遠隔ログイン Operating on a remote computer, using a RFC1983
protocol over a computer network, as
though locally attached. See also: Telnet.
Remote Procedure 遠隔プロシジァ呼出 An easy and popular paradigm for RFC1983
Call (RPC) し(RPC) implementing the client-server model of
distributed computing. In general, a
request is sent to a remote system to
execute a designated procedure, using
arguments supplied, and the result
returned to the caller. There are many
variations and subtleties in various
implementations, resulting in a variety of
different (incompatible) RPC protocols.
[Source: RFC1208]
remote program 遠隔プログラム It implements one or more remote RFC1057
procedures.
remote program 遠隔プログラム A remote program implements one or RFC1831
more remote procedures; the procedures,
their parameters, and results are
documented in the specific program's
protocol specification.
Remote System 遠隔システム An end-system or router attached to a RFC2661
remote access network (i.e. a PSTN),
which is either the initiator or recipient
of a call. Also referred to as a dial-up or
virtual dial-up client.
remote variant 遠隔変分選択アル A standardized algorithm by which a RFC2295
selection algorithm ゴリズム server can sometimes choose a best
variant on behalf of a negotiating user
agent. The algorithm typically computes
whether the Accept- headers in the
request contain sufficient information to
allow a choice, and if so, which variant is
the best variant. The use of a remote
algorithm can speed up the negotiation
process.
Remove Service 遠隔サービス Any service which accepts dial-up RFC2217
connections, including fax machines.
renew 更新 See: certificate renewal. RFC2828
repeater レピータ A device which propagates electrical RFC1208
signals from one cable to another without
making routing decisions or providing
packet filtering. In OSI terminology, a
repeater is a Physical Layer intermediate
system. See bridge and router.
repeater レピータ A device which propagates electrical RFC1983
signals from one cable to another. See
also: bridge, gateway, router.
Replay Attack 再生攻撃 An attack on an authentication system RFC1704
by recording and replaying previously
sent valid messages (or parts of
messages). Any constant authentication
information, such as a password or
electronically transmitted biometric data,
can be recorded and used later to forge
messages that appear to be authentic.
replay attack 再生攻撃 (I) An attack in which a valid data RFC2828
transmission is maliciously or
fraudulently repeated, either by the
originator or by an adversary who
intercepts the data and retransmits it,
possibly as part of a masquerade attack.
(See: active wiretapping.)
reply 応答 A reply is an acknowledgment (positive RFC821
or negative) sent from receiver to sender
via the transmission channel in response
to a (including error codes) followed by a
text string. The codes are for use by
programs and the text is usually intended
for human users.
reply 応答 A reply is an acknowledgment (positive RFC959
or negative) sent from server to user via
the control connection in response to
FTP commands. The general form of a
reply is a completion code (including
error codes) followed by a text string.
The codes are for use by programs and
the text is usually intended for human
Reportable event 報告可能事象 an event that is deemed of interest to a RFC1759
management station watching the printer
Repository レポジトリ a system or collection of distributed RFC2585
systems that store certificates and CRLs
and serves as a means of distributing
these certificates and CRLs to end
entities.
repository レポジトリ (I) A system for storing and distributing RFC2828
digital certificates and related
information (including CRLs, CPSs, and
certificate policies) to certificate users.
(See: directory.)
(O) "A trustworthy system for storing
and retrieving certificates or other
information relevant to certificates."
[ABA]
(C) A certificate is published to those
who might need it by putting it in a
repository. The repository usually is a
publicly accessible, on-line server. In the
Federal Public-key Infrastructure, for
example, the expected repository is a
directory that uses LDAP, but also may
be the X.500 Directory that uses DAP, or
an HTTP server, or an FTP server that
representation 表現 An entity included with a response that RFC2616
is subject to content negotiation, as
described in section 12. There may exist
multiple representations associated with
a particular response status.
republishing 再発行 The act of the DUA making this RFC2307
information to the client is termed
"republishing".
repudiation 拒否 (I) Denial by a system entity that was RFC2828
involved in an association (especially an
association that transfers information) of
having participated in the relationship.
(See: accountability, non-repudiation
service.)
(O) "Denial by one of the entities
involved in a communication of having
participated in all or part of the
communication." [I7498 Part 2]
request 要求 An HTTP request message (as defined in RFC1945
Section 5).
request 要求 An HTTP request message. RFC2295
Request 要求 An RTSP request. If an HTTP request is RFC2326
meant, that isindicated explicitly.
request 要求 A 'request' is a DTP protocol operation RFC2594
which is targeted to a 'document' and
invokes an action on the target
document. The request type specifies
the action that should be performed. A
request can have a document associated
with it.
request 要求 An HTTP request message, as defined in RFC2616
section 5.
Request Block 要求ブロック A Request Block is Trading Block that RFC2801
contains a request for a Trading
Exchange to start. The Trading
Components in a Request Block may be
signed by a Signature Block so that their
authenticity may be checked and to
determine that the Trading Exchange
being requested is authorised.
Authorisation for a Trading Exchange to
start can be provided by the signatures
contained on Receipt Components
contained in Response Blocks resulting
from previously completed Trading
Exchanges. Examples of Request Blocks
are Payment Request and Delivery
Request
Request for コメント要求(RFC) (I) One of the documents in the archival RFC2828
Comment (RFC) series that is the official channel for
ISDs and other publications of the
Internet Engineering Steering Group, the
Internet Architecture Board, and the
Internet community in general. [R2026,
R2223] (See: Internet Standard.)
(C) This term is *not* a synonym for
"Internet Standard".
Request For コメント要求(RFC) The document series, begun in 1969, RFC1983
Comments (RFC) which describes the Internet suite of
protocols and related experiments. Not
all (in fact very few) RFCs describe
Internet standards, but all Internet
standards are written up as RFCs. The
RFC series of documents is unusual in
that the proposed protocols are
forwarded by the Internet research and
development community, acting on their
own behalf, as opposed to the formally
reviewed and standardized protocols that
are promoted by organizations such as
CCITT and ANSI. See also: BCP, FYI,
request-host, ホスト要求, URI要求 The terms request-host and request-URI RFC2965
request-URI refer to the values the client would send
to the server as, respectively, the host
(but not port) and abs_path portions of
the absoluteURI (http_URL) of the HTTP
request line. Note that request-host is a
HN.
request- ホスト要求/URI要求 request-host and request-URI refer to RFC2109
host/request-URI the values the client would send to the
server as, respectively, the host (but not
port) and abs_path portions of the
absoluteURI (http_URL) of the HTTP
request line. Note that request-host
must be a FQHN.
Requesting User 利用者要求 The initiator of a request for service. RFC2848
This role may be distinct from that of the
"party" to any telephone network call
that results from the request.
Requestor リクエスタ An Internet host from which a request RFC2848
for service originates
request-port ポート要求 The term request-port refers to the port RFC2965
portion of the absoluteURI (http_URL) of
the HTTP request line. If the
absoluteURI has no explicit port, the
request-port is the HTTP default, 80.
The request-port of a cookie is the
request-port of the request i
Required Protocol 必要なプロトコル A system must implement the required RFC2300
protocols.
Reseaux IP RIPE A collaboration between European RFC1983
Europeens (RIPE) networks which use the TCP/IP protocol
suite.
Reservation 確保 A declaration that one intends to edit a RFC2291
resource.
Reservation 確保 Reservation is used in this document to RFC2380
refer to an RSVP initiated request for
resources. RSVP initiates requests for
resources based on RESV message
processing. RESV messages that simply
refresh state do not trigger resource
requests. Resource requests may be
made based on RSVP sessions and
RSVP reservation styles. RSVP styles
dictate whether the reserved resources
are used by one sender or shared by
multiple senders. See [8] for details of
each. Each new request is referred to in
this document as an RSVP reservation,
or simply reservation.
Reservation state 確保ステート Information kept in RSVP-capable nodes RFC2205
about successful RSVP reservation
requests.
Reservation style 確保スタイル Describes a set of attributes for a RFC2205
reservation, including the sharing
attributes and sender selection
attributes. See Section 1.3 for details.
Residential Gateway レジデンシァルゲー A gateway that interworks an analogue RFC2885
トウェイ line to a packet network. A residential
gateway typically contains one or two
analogue lines and is located at the
customer premises.
residual risk 残余リスク (I) The risk that remains after RFC2828
countermeasures have been applied.
resolution 解像度 (See "dereference"). RFC2938
Resolver レゾルバ A client of the DNS which seeks RFC2182
information contained in a zone using the
DNS protocols.
Resolvers レゾルバ Programs that extract information from RFC2828
name servers in response to client
requests; typically, system routines
directly accessible to user programs.
Resource 資源 A document, data file or facility which is RFC 2703
accessed or transmitted across a
network. (See also: Data resource)
resource 資源 A network data object or service which RFC1945
can be identified by a URI (Section 3.2).
Resource 資源 A network data object or service that RFC2291
can be identified by a URI.
resource 資源 A network data object or service that RFC2295
can be identified by a URI. Resources
may be available in multiple
representations (e.g. multiple languages,
data formats, size, resolutions) or vary in
resource 資源 A network data object or service that RFC2616
can be identified by a URI, as defined in
section 3.2. Resources may be available
in multiple representations (e.g. multiple
languages, data formats, size, and
resolutions) or vary in other ways.
Resource 資源 Something of value in a network RFC2753
infrastructure to which rules or policy
criteria are first applied before access is
granted. Examples of resources include
the buffers in a router and bandwidth on
an interface.
Resource Manager 資源マネジャ the component of an AAA Server which RFC2904
tracks the state of sessions associated
with the AAA Server or its associated
Service Equipment and provides an
anchor point from which a session can be
controlled, monitored, and coordinated.
Resource Manager 資源マネジャ the component of an AAA Server which RFC2905
tracks the state of sessions associated
with the AAA Server or its associated
Service Equipment and provides an
anchor point from which a session can be
controlled, monitored, and coordinated.
resource-name 資源名 The term "resource-name" is less RFC2355
specific; it may refer to a device-name,
but it may also be the name of a pool of
printer or terminal devices. Such a
named pool could serve to group devices
with similar operational or administrative
characteristics.
response 応答 An HTTP response message (as defined RFC1945
in Section 6).
response 応答 An HTTP response message. RFC2295
Response 応答 An RTSP response. If an HTTP response RFC2326
is meant, that isindicated explicitly.
response 応答 A 'response' is a DTP protocol operation RFC2594
which is returned as a result of a
previous (and associated) request. The
response status indicates if the
requested action was successful or if
errors occurred. A response can have a
document associated with it.
response 応答 An HTTP response message, as defined RFC2616
in section 6.
Response Block 応答ブロック A Response Block is a Trading Block RFC2801
that indicates that a Trading Exchange is
complete. It is sent by the Trading Role
that received a Request Block to the
Trading Role that sent the Request
Block. The Response Block contains a
Status Component that contains
information about the completion of the
Trading Exchange, for example it
indicates whether or not the Trading
Exchange completed successfully. For
some Trading Exchanges the Response
Block contains a Receipt Component
that forms a record of the Trading
Exchange. Receipt Components may be
digitally signed using a Signature Block to
make completion non-refutable.
Examples of Response Blocks include
Offer Response, Payment Response and
Rest レスト The local address portion of an Internet RFC791
Address.
Restart behavior リスタートの振る舞 Reinitialization of system causing data RFC1242
い loss.
RESTART WINDOW リスタートウィンドウ( The restart window is the size of the RFC2581
(RW) RW) congestion window after a TCP restarts
transmission after an idle period (if the
slow start algorithm is used; see section
4.1 for more discussion).
restore 回復 See: card restore. RFC2828
Resv message 確保メッセージ Reservation request RSVP control RFC2205
message.
ResvConf ResvConf Reservation Confirmation RSVP control RFC2205
message, confirms successful installation
of a reservation at some upstream node.
ResvErr ResvErr Reservation Error control message, RFC2205
indicates that a reservation request has
failed or an active reservation has been
preempted.
ResvTear ResvTear Reservation Teardown RSVP control RFC2205
message, deletes reservation state.
retention 保留 Retention is one of the three RFC1301
fundamental parameters that make up
the transport's state (along with
heartbeat and window). Retention is a
number of heartbeats, and though applied
in several different circumstances, is
primarily used as the number of
heartbeats a producing client must
maintain buffered data should it need to
RETF Area RETF領域 A management division within the RETF. RFC2551
An Area consists of Working Groups
related to a general topic such as
routing. An Area is managed by one or
two Area Directors.
Reverse Address 逆ARP(RARP) A protocol, defined in RFC 903, which RFC1983
Resolution Protocol provides the reverse function of ARP.
(RARP) RARP maps a hardware (MAC) address
to an internet address. It is used
primarily by diskless nodes when they
first initialize to find their internet
address. See also: Address Resolution
Protocol, BOOTP, internet address, MAC
Reverse Tunnel 逆トンネル A tunnel that starts at the mobile node's RFC2344
care-of address andterminates at the
home agent.
Reverse Zone 逆ゾーン A zone containing data used to map RFC2182
addresses to names.
revocation 廃止 See: certificate revocation. RFC2828
revocation date 廃止日付 (N) In an X.509 CRL entry, a date-time RFC2828
field that states when the certificate
revocation occurred, i.e., when the CA
declared the digital certificate to be
invalid. (See: invalidity date.)
(C) The revocation date may not resolve
some disputes because, in the worst
case, all signatures made during the
validity period of the certificate may
have to be considered invalid. However, it
may be desirable to treat a digital
signature as valid even though the
private key used to sign was
compromised after the signing. If more is
known about when the compromise
actually occurred, a second date-time,
an "invalidity date", can be included in an
revocation list 廃止リスト See: certificate revocation list. RFC2828
revoke 廃止 See: certificate revocation. RFC2828
RF RF Radio Frequency. RFC2669
RF RF Radio Frequency. RFC2670
RFC RFC Request For Comments. The document RFC1208
series, begun in 1969, which describes
the Internet suite of protocols and
related experiments. Not all (in fact very
few) RFCs describe Internet standards,
but all Internet standards are written up
as RFCs.
RFC RFC Request for Comments. The RFC's are RFC1330
documents used to propose or specify
internet community standards.
RFC RFC Request For Comments; Internet series RFC1943
publications
RFC RFC See: Request For Comments RFC1983
RFC RFC See: Request for Comment. RFC2828
RFC RFC Request For Comments, the archival RFC2860
document series of the IETF, also used
by the IRTF and by third parties.
RFC 822 RFC 822 The Internet standard format for RFC1983
electronic mail message headers. Mail
experts often refer to "822 messages."
The name comes from RFC 822, which
contains the specification. 822 format
was previously known as 733 format.
See also: Electronic Mail. [Source:
COMER]
RFC2967 RFC2967
RFC2978 RFC2978
RFS RFS Remote File System. A distributed file RFC1208
system, similar to NFS, developed by
AT&T and distributed with their UNIX
System V operating system. See NFS.
RFU RFU Reserved for Future Use RFC2351
RID RID Remote Identifier: ASCU identifier in RFC2351
P1024C protocol.
Ring リング a tool for controlling or monitoring RFC1470
network components on Token Ring
Ringback リングバック Ringback is the signaling tone produced RFC2543
by the calling client's application
indicating that a called party is being
RIP RIP Routing Information Protocol. An Interior RFC1208
Gateway Protocol (IGP) supplied with
Berkeley UNIX.
RIP RIP See: Routing Information Protocol RFC1983
RIPE RIPE Reseaux IP Europeenne. European RFC1208
continental TCP/IP network operated by
EUnet. See EUnet.
RIPE RIPE See: Reseaux IP Europeenne RFC1983
risk リスク (I) An expectation of loss expressed as RFC2828
the probability that a particular threat
will exploit a particular vulnerability with
a particular harmful result.
(O) SET usage: "The possibility of loss
because of one or more threats to
information (not to be confused with
financial or business risk)." [SET2]
risk analysis, risk リスク分析, (I) A process that systematically RFC2828
assessment リスク評価 identifies valuable system resources and
threats to those resources, quantifies
loss exposures (i.e., loss potential) based
on estimated frequencies and costs of
occurrence, and (optionally) recommends
how to allocate resources to
countermeasures so as to minimize total
exposure.
(C) The analysis lists risks in order of
cost and criticality, thereby determining
where countermeasures should be
applied first. It is usually financially and
technically infeasible to counteract all
aspects of risk, and so some residual risk
will remain, even after all available
countermeasures have been deployed.
[FP031, R2196]
risk management リスク管理 (I) The process of identifying, controlling, RFC2828
and eliminating or minimizing uncertain
events that may affect system
resources. (See: risk analysis.)
Rivest Cipher #2 RC2 (N) A proprietary, variable-key-length RFC2828
(RC2) block cipher invented by Ron Rivest for
RSA Data Security, Inc. (now a wholly-
owned subsidiary of Security Dynamics,
Inc.).
Rivest Cipher #4 RC4 (N) A proprietary, variable-key-length RFC2828
(RC4) stream cipher invented by Ron Rivest for
RSA Data Security, Inc. (now a wholly-
owned subsidiary of Security Dynamics,
Inc.).
Rivest-Shamir- RSA (N) An algorithm for asymmetric RFC2828
Adleman (RSA) cryptography, invented in 1977 by Ron
Rivest, Adi Shamir, and Leonard Adleman
[RSA78, Schn].
(C) RSA uses exponentiation modulo the
rlogin rlogin A service offered by Berkeley UNIX RFC1208
which allows users of one machine to log
into other UNIX systems (for which they
are authorized) and interact as if their
RMON RMON a tool which employs the RMON RFC1470
extensions to SNMP.
Roamer ローマ A mobile station operating in a cellular RFC2636
system or network other than the one
from which service was subscribed.
Roamer ローマ A mobile station operating in a cellular RFC2637
system or network other than the one
from which service was subscribed.
Roaming ローミング An authorization transaction in which the RFC2904
Service Provider and the User Home
Organization are two different
organizations. (Note that the dialin
application is one for which roaming has
been actively considered, but this
definition encompasses other appli
Roaming ローミング An authorization transaction in which the RFC2905
Service Provider and the User Home
Organization are two different
organizations. (Note that the dialin
application is one for which roaming has
been actively considered, but this
definition encompasses other appli
Roaming Capability ローミング機能 Roaming capability can be loosely defined RFC2486
as the ability to use any one of multiple
Internet service providers (ISPs), while
maintaining a formal, customer-vendor
relationship with only one. Examples of
cases where roaming capability might be
required include ISP "confederations"
and ISP-provided corporate network
access support.
Roaming ローミング関係 Roaming relationships include RFC2607
relationships relationships between companies and
ISPs, relationships among peer ISPs
within a roaming association, and
relationships between an ISP and a
roaming consortia. Together, the set of
relationships forming a path between a
local ISP's authentication proxy and the
home authentication server is known as
the roaming relationship path.
role-based access ロールベースアクセ (I) A form of identity-based access RFC2828
control (RBAC) ス制御 control where the system entities that
are identified and controlled are
functional positions in an organization or
process.
Roman Architecture RAB An appointed group that assists in the RFC2551
Board (RAB) management of the RETF standards
process.
Roman Engineering RESG A group comprised of the RETF Area RFC2551
Steering Group Directors and the RETF Chair. The RESG
(RESG) is responsible for the management, along
with the RAB, of the RETF and is the
standards approval board for the RETF.
ROOT ルート The vertex that is not the final vertex of RFC1330
any arc is referred to as the root vertex
(or informally as the root) of the tree.
root ルート (I) A CA that is directly trusted by an RFC2828
end entity. Acquiring the value of a root
CA's public key involves an out-of-band
procedure.
(I) Hierarchical PKI usage: The CA that is
the highest level (most trusted) CA in a
certification hierarchy; i.e., the authority
upon whose public key all certificate
users base their trust. (See: top CA.)
(C) In a hierarchical PKI, a root issues
public-key certificates to one or more
additional CAs that form the second
highest level. Each of these CAs may
issue certificates to more CAs at the
third highest level, and so on. To initialize
operation of a hierarchical PKI, the root's
initial public key is securely distributed to
all certificate users in a way that does
not depend on the PKI's certification
relationships. The root's public key may
be distributed simply as a numerical
value, but typically is distributed in a self-
signed certificate in which the root is the
subject. The root's certificate is signed
by the root itself because there is no
higher authority in a certification
hierarchy. The root's certificate is then
the first certificate in every certification
path.
root certificate ルート証明 (I) A certificate for which the subject is a RFC2828
root.
(I) Hierarchical PKI usage: The self-
signed public-key certificate at the top
of a certification hierarchy.
root key ルート鍵 (I) A public key for which the matching RFC2828
private key is held by a root.
root registry ルートリジストリ (O) MISSI usage: A name previously used RFC2828
for a MISSI policy approving authority.
ROSE ROSE Remote Operations Service Element. A RFC1208
lightweight RPC protocol, used in OSI
Message Handling, Directory, and
Network Management application
Round-Robin ラウンドロビンアルゴ Round-Robin algorithm is the simplest RFC2391
algorithm リズム scheme, where a host is selected simply
on a round robin basis, without regard to
load on the host.
Round-Trip Time ラウンドトリップ時間( A measure of the current delay on a RFC1983
(RTT) RTT) network. [Source: MALAMUD]
route 方路 The path that network traffic takes from RFC1983
its source to its destination. Also, a
possible path from a given host to
route leaking 方路リーク another host or destination.
advertisement of network layer RFC2185
reachability information across routing
region boundaries.
Route pinning 方路ピニング A mechanism to keep a flow path fixed RFC2386
for a durationof time.
Route Server (RS) 方路サーバ a process that collects routing RFC1862
information from border routers and
distributes this information to 'client
routers'.
routed ルーテド Route Daemon. A program which runs RFC1983
under 4.2BSD/4.3BSD UNIX systems
(and derived operating systems) to
propagate routes among machines on a
local area network, using the RIP
protocol. Pronounced "route-dee". See
also: Routing Information Protocol, gated.
Routeing ルーティング as defined in ISO 7498 RFC1142
Routeing Domain ルーティングドメイン as defined in ISO/TR 9575 RFC1142
Routeing Subdomain ルーティングサブドメ a set of Intermediate systems and End RFC1142
イン systems located within the same
Routeing domain.
router ルータ A system responsible for making RFC1208
decisions about which of several paths
network (or Internet) traffic will follow.
To do this it uses a routing protocol to
gain information about the network, and
algorithms to choose the best route
based on several criteria known as
"routing metrics." In OSI terminology, a
router is a Network Layer intermediate
system. See gateway, bridge and
Router ルータ A system which forwards data frames RFC1242
based on information in the network layer.
router ルータ a system that forwards IP datagrams, as RFC1256
specified in [2]. This does not include
systems that, though capable of IP
forwarding, have that capability turned
off. Nor does it include systems that do
IP forwarding only insofar as required to
router ルータ Allows packets to pass through, usually RFC1552
from one ethernet segment to another.
Sometimes these are called
"intermediate-systems".
router ルータ A special-purpose dedicated computer RFC1812
that connects several networks. Routers
router ルータ a node that forwards IP packets not RFC1971
explicitly addressed to itself.
router ルータ a node that forwards IPv6 packets not RFC1981
router ルータ A device addressed to itself.
explicitly which forwards traffic between RFC1983
networks. The forwarding decision is
based on network layer information and
router ルータ Allows tables, to pass through, by
routing packetsoften constructedusually RFC2097
from one ethernet segment to another.
Sometimes these are called
"intermediate-systems".
router ルータ router refers to any system forwarding RFC2101
IPv4 packets from one host or router to
another.
router ルータ a node that forwards packets not RFC2185
explicitly addressed to itself.
router ルータ A host which facilitates network-level RFC2330
router ルータ communication betweenhosts by not
a node that forwards IP packets RFC2461
explicitly addressed to itself.
router ルータ a node that forwards IP packets not RFC2462
explicitly addressed to itself.
Router ルータ A specialized computer that connects RFC2664
router ルータ networks together andaguides information
(I) A computer that is gateway between RFC2828
two networks at OSI layer 3 and that
Routing ルーティング relays and directs data packets through
a packet route discovery tool. RFC1470
routing ルーティング The process of selecting the correct RFC1983
interface and next hop for a packet being
forwarded. See also: hop, router,
Exterior Gateway Protocol, Interior
Gateway Protocol.
Routing ルーティング If the network to which access is being RFC2881
granted is a routed network, then a NAS
will typically include routing functionality.
Routing Domain ルーティングドメイン a collection of routers with the same set RFC1862
of routing policies. For IPv4 it can be
identified with an Autonomous System
Number, for IPv6 it can be identified with
a Routing Domain Identifier.
routing domain ルーティングドメイン A set of routers exchanging routing RFC1983
information within an administrative
domain. See also: Administrative
Domain, router.
routing domain ルーティングドメイン a collection of routers which coordinate RFC2185
routing knowledge using a single routing
protocol.
Routing Domain ルーティングドメイン( A set of End Systems and Intermediate RFC1136
(RD) RD) Systems which operate according to the
same routeing procedures and which is
wholly contained within a single
Administrative Domain [1].
A Routeing Domain is a set of ISs and
ESs bound by a common routeing
procedure; namely: they are using the
same set of routeing metrics, they use
compatible metric measurement
techniques, they use the same
information distribution protocol, and
they use the same path computation
algorithm [1]. The "OSI Routeing
Framework" further provides a formal
definition of a Routing Domain, specifying
that all ISs within a Routing Domain can
determine whether an ES within the
domain is reachable, and if so can derive
a path to it.
Routing Domains may be divided into
subdomains, not unlike subnetting in the
Internet. This allows a hierarchical
structuring of the domain, permitting
containment of the topological details of
a subdomain with the resultant reduction
in distributed routing information.
An intra-Routing Domain routing protocol
is equivalent to an Internet Interior
Gateway Protocol (IGP).
routing information ルーティング情報 An Administrative Domain may contain
same as reachability information. RFC2185
Routing Information ルーティング情報プ A distance vector, as opposed to link RFC1983
Protocol (RIP) ロトコル(RIP) state, routing protocol. It is an Internet
standard IGP defined in RFC 1058. See
also: Interior Gateway Protocol, Open
Shortest-Path First.
routing prefix ルーティング接頭辞 address prefix that expresses RFC2185
destinations which have addresses with
the matching address prefixes. It is used
by routers to advertise what systems
they are capable of reaching.
routing region (or ルーティング領域(又 a collection of routers interconnected by RFC2185
just "region") は単に"領域") a single internet protocol (e.g. IPv6) and
coordinating their routing knowledge
using routing protocols from a single
internet protocol stack. A routing region
may be a superset of a routing domain.
RPC RPC Remote Procedure Call. An easy and RFC1208
popular paradigm for implementing the
client-server model of distributed
computing. A request is sent to a
remote system to execute a designated
procedure, using arguments supplied, and
the result returned to the caller. There
are many variations and subtleties,
resulting in a variety of different RPC
protocols.
RPC RPC See: Remote Procedure Call RFC1983
RPF RPF Reverse Path Forwarding - A method RFC1812
used to deduce the next hops for
broadcast and multicast packets.
RS Client (RC) RSクライアント(RC) a router than peers with an RS in order RFC1862
to acquire routing information. A
server's client can be a router or another
route server.
RS Cluster (RSC) RSクラスタ(RSC) two or more of route servers that share RFC1862
the same subset of clients. A RS
Cluster provides redundancy of routing
information to its clients, i.e. routing
information is provided to all RS Cluster
clients as long as there is at least one
functional route server in the RS Cluster.
RSA RSA The Rivest-Shamir-Adelman public key RFC1507
cryptosystem based on modular
exponentiation where the modulus is the
product of two large primes. When the
term RSA key is used, it should be clear
from context whether the public key, the
private key, or the public/private pair is
intended.
RSA RSA A public-key cryptographic system which RFC1983
may be used for encryption and
authentication. It was invented in 1977
and named for its inventors: Ron Rivest,
Adi Shamir, and Leonard Adleman. See
also: encryption, Data Encryption
Standard, Pretty Good Privacy.
RSA RSA A very widely used public-key algorithm RFC2246
that can be used for either encryption or
digital signing. [RSA]
RSA RSA The RSA public-key cryptosystem, as RFC2313
defined in [RSA78].
RSA RSA See: Rivest-Shamir-Adleman. RFC2828
Rspec Rspec The component of a flowspec that RFC2205
defines a desired QoS. The Rspec
format is opaque to RSVP and is defined
by the Integrated Services Working
Group of the IETF.
RST RST A control bit (reset), occupying no RFC793
sequence space, indicating that the
receiver should delete the connection
without further interaction. The receiver
can determine, based on the sequence
number and acknowledgment fields of the
incoming segment, whether it should
honor the reset command or ignore it. In
no case does receipt of a segment
containing RST give rise to a RST in
response.
RSVP RSVP The ReSerVation Protocol. A QoS RFC2386
signaling protocolfor the Internet.
RSVP_HOP RSVP_HOP Object of an RSVP control message that RFC2205
carries the PHOP or NHOP address of
the source of the message.
RTCP packet RTCPパケット A control packet consisting of a fixed RFC1889
header part similar to that of RTP data
packets, followed by structured elements
that vary depending upon the RTCP
packet type. The formats are defined in
Section 6. Typically, multiple RTCP
packets are sent together as a
compound RTCP packet in a single
packet of the underlying protocol; this is
enabled by the length field in the fixed
header of each RTCP packet.
RTFM RTFM See: Read The F*cking Manual RFC1983
RTP RTP Real Time Protocol: A host-to-host RFC793
protocol for communication of time
critical information.
RTP packet RTPパケット A data packet consisting of the fixed RFC1889
RTP header, a possibly empty list of
contributing sources (see below), and the
payload data. Some underlying protocols
may require an encapsulation of the RTP
packet to be defined. Typically one
packet of the underlying protocol
contains a single RTP packet, but several
RTP packets may be contained if
permitted by the encapsulation method
(see Section 10).
RTP payload RTPペイロード The data transported by RTP in a RFC1889
packet, for example audio samples or
compressed video data. The payload
format and interpretation are beyond the
scope of this document.
RTP session RTPセション The association among a set of RFC1889
participants communicating with RTP.
For each participant, the session is
defined by a particular pair of destination
transport addresses (one network
address plus a port pair for RTP and
RTCP). The destination transport
address pair may be common for all
participants, as in the case of IP
multicast, or may be different for each,
as in the case of individual unicast
network addresses plus a common port
pair. In a multimedia session, each
medium is carried in a separate RTP
session with its own RTCP packets. The
multiple RTP sessions are distinguished
by different port number pairs and/or
RTSC RTSC See: Read The Source Code RFC1983
RTSE RTSE Reliable Transfer Service Element. A RFC1208
lightweight OSI application service used
above X.25 networks to handshake
application PDUs across the Session
Service and TP0. Not needed with TP4,
and not recommended for use in the U.S.
except when talking to X.400 ADMDs.
RTSP session RTSPセション A complete RTSP "transaction", e.g., the RFC2326
viewing of a movie.A session typically
consists of a client setting up atransport
mechanism for the continuous media
stream (SETUP),starting the stream with
PLAY or RECORD, and closing thestream
with TEARDOWN.
RTT RTT See: Round-Trip Time RFC1983
Rule set ルール集 The collection of access control rules RFC2647
that determines which packets the
DUT/SUT will forward and which it will
reject.
rule-based security ルールベースセキュ (I) "A security policy based on global RFC2828
policy リティ方針 rules imposed for all users. These rules
usually rely on comparison of the
sensitivity of the resource being
accessed and the possession of
corresponding attributes of users, a
group of users, or entities acting on
behalf of users." [I7498 Part 2] (See:
identity-based security policy.)
S/Key S/鍵 (I) A security mechanism that uses a RFC2828
cryptographic hash function to generate
a sequence of 64-bit, one-time
passwords for remote user login. [R1760]
(C) The client generates a one-time
password by applying the MD4
cryptographic hash function multiple
times to the user's secret key. For each
successive authentication of the user,
the number of hash applications is
reduced by one. (Thus, an intruder using
wiretapping cannot compute a valid
password from knowledge of one
previously used.) The server verifies a
password by hashing the currently
presented password (or initialization
value) one time and comparing the hash
result with the previously presented
password.
S/MIME S/MIME See: Secure/MIME. RFC2828
S/MIME agent S/MIMEエージェント user software that is a receiving agent, a RFC2632
sending agent, or both.
S/MIME agent S/MIMEエージェント user software that is a receiving agent, a RFC2633
sending agent, or both.
SA Server SAサーバ Many operating system platforms only RFC2614
allow a single process to listen on a
particular port number. Since SAs are
required to listen on a multicast address
for SLP service requests,
implementations of the SLP framework
on such platforms that want to support
multiple SAs on one machine need to
arrange for a single process to do the
listening while the advertising SAs
communicate with that process through
another mechanism. The single listening
process is called an SA server. SA
servers share many characteristics with
DAs, but they are not the same.
safety 安全性 (I) The property of a system being free RFC2828
from risk of causing harmto system
entities and outside entities.
SAID SAID See: security association identifier. RFC2828
salt salt Non-secret random data used to make RFC2246
export encryption keys resist
precomputation attacks.
salt salt (I) A random value that is concatenated RFC2828
with a password before applying the one-
way encryption function used to protect
passwords that are stored in the
database of an access control system.
(See: initialization value.)
(C) Salt protects a password-based
access control system against a
dictionary attack.
sanitize 消毒 (I) Delete sensitive data from a file, a RFC2828
device, or a system; or modify data so as
to be able to downgrade its classification
level.
SAP SAP Service Access Point. The point at RFC1208
which the services of an OSI layer are
made available to the next higher layer.
The SAP is named according to the layer
providing the services: e.g., Transport
services are provided at a Transport
SAP (TSAP) at the top of the Transport
SAP SAP Session Announcement Protocol RFC2974
SAP announcer SAPアナウンサ A SAP announcer periodically multicasts RFC2974
an announcement packet to a well known
multicast address and port. The
announcement is multicast with the same
scope as the session it is announcing,
ensuring that the recipients of the
announcement are within the
SAP listener SAPリスナ A SAP listener learns of the multicast RFC2974
scopes it is within (for example, using the
Multicast-Scope Zone Announcement
Protocol [5]) and listens on the well
known SAP address and port for those
scopes. In this manner, it will eventually
learn of all the ses
SASL SASL Simple Authentication and Security RFC2244
Layer [SASL].
SASL SASL See: Simple Authentication and Security RFC2828
Layer.
SBM SBM the SBM is a protocol entity that resides RFC2814
in a L2 or L3 device and is capable of
managing resources on a segment.
However, only a DSBM manages the
resources for a managed segment. When
more than one SBM exists on a segment,
one of the SBMs is elected to be the
DSBM.
SC SC Session Close (MATIP command) RFC2351
SCA SCA See: subordinate certification authority. RFC2828
Scaled Group SGFM A table that demonstrates Forwarding RFC2432
Forwarding Matrix Rate as a function of tested multicast
(SGFM) groups for a fixed number of tested
DUT/SUT ports.
scavenging 掃除 See: (secondary definition under) threat RFC2828
consequence.
SCHEMA SCHEMA The Directory Schema is the set of rules RFC1330
and constraints concerning the Directory
Information Tree (DIT) structure, object
class definitions, attribute types, and
syntaxes which characterize the
Directory Information base (DIB).
SCN FAS Signalling SCN This function contains the SCN Signalling RFC2885
Gateway FASシグナリングゲ Interface that terminates SS7, ISDN or
ートウェイ other signalling links where the call
control channel and bearer channels are
collocated in the same physical span.
SCN NFAS SCN This function contains the SCN Signalling RFC2885
Signalling Gateway FASシグナリングゲ Interface that terminates SS7 or other
ートウェイ signalling links where the call control
channels are separated from bearer
channels.
Scope スコープ A collection of services that make up a RFC2165
logical group. See sections 3.7 and 16.
Scope スコープ The set of sender hosts to which a given RFC2205
reservation request is to be propagated.
Scope スコープ A set of services, typically making up a RFC2608
logical administrative group.
Scope スコープ A string used to control the availability of RFC2614
service advertisements. Every SLP Agent
is configured with one or more scope
strings. Scopes are assigned by site
administrators to group services for
many purposes, but chiefly as a means of
scalability. DAs store only services
advertised having a scope string
matching the scopes with which they are
configured.
SCR SCR System and Communication Reference. RFC2351
(IATA document)
screening router スクリーニングルー (I) A synonym for "filtering router". RFC2828
script スクリプト A particular instance of a CPL, RFC2824
describing a particular set of services
SCTP association SCTPアソシエーショ A protocol relationship between SCTP RFC2960
ン endpoints, composed of the two SCTP
endpoints and protocol state information
including Verification Tags and the
currently active set of Transmission
Sequence Numbers (TSNs), etc. An
association can be uniquely identi
SCTP endpoint SCTP端点 The logical sender/receiver of SCTP RFC2960
packets. On a multi-homed host, an
SCTP endpoint is represented to its
peers as a combination of a set of
eligible destination transport addresses
to which SCTP packets can be sent and
a set of eligible source transpor
SCTP packet (or SCTPパケット(又は The unit of data delivery across the RFC2960
packet) パケット) interface between SCTP and the
connectionless packet network (e.g., IP).
An SCTP packet includes the common
SCTP header, possible SCTP control
chunks, and user data encapsulated
within SCTP DATA chunks.
SCTP user SCTP利用者アプリ The logical higher-layer application entity RFC2960
application (SCTP ケーション(SCTP利which uses the services of SCTP, also
user) 用者) called the Upper-layer Protocol (ULP).
SDE SDE See SUBMISSION AND DELIVERY RFC1330
ENTITY.
SDE SDE See: Secure Data Exchange. RFC2828
SDH SDH See: Synchronous Digital Hierarchy RFC1983
SDNS SDNS See: Secure Data Network System. RFC2828
SE style SEスタイル Shared Explicit reservation style, which RFC2205
has explicit sender selection and shared
attributes.
Seal シール To encipher a record containing several RFC1510
fields in such a way that the fields
cannot be individually replaced without
either knowledge of the encryption key
or leaving evidence of tampering.
seal シール (O) To use cryptography to provide data RFC2828
integrity service for a data object. (See:
sign, wrap.)
(D) ISDs SHOULD NOT use this
definition; instead, use language that is
more specific with regard to the
mechanism(s) used, such as "sign" when
the mechanism is digital signature.
secondary link 二次リンクスターショ The link station instance on a link RFC1747
station ン connection that receives commands from
the primary link station and issues
responses to it.
Secondary Server 二次サーバ An authoritative server that obtains RFC2182
information about a zone from a Primary
Server via a zone transfer mechanism.
Sometimes known as a Slave Server.
secret 秘密 (I) (1.) Adjective: The condition of RFC2828
information being protected from being
known by any system entities except
those who are intended to know it. (2.)
Noun: An item of information that is
protected thusly.
(C) This term applies to symmetric keys,
private keys, and passwords.
secret key 秘密鍵 Cryptographic key used in symmetric RFC1507
cryptography to encrypt, sign, decrypt
and verify messages. In symmetric
cryptography, knowledge of the
decryption key implies knowledge of the
encryption key, and vice-versa.
Secret key 秘密鍵 An encryption key shared by a principal RFC1510
and the KDC, distributed outside the
bounds of the system, with a long
lifetime. In the case of a human user's
principal, the secret key is derived from a
password.
secret-key 秘密鍵 A symmetric key that is not publically RFC2522
distributable. As used in this document,
this is distinguished from an asymmetric
public/private key-pair. An example is a
user password.
secret-key 秘密鍵暗号化 (I) A synonym for "symmetric RFC2828
cryptography cryptography".
Secure Data セキュアデータ交換( (N) A local area network security RFC2828
Exchange (SDE) SDE) protocol defined by the IEEE 802.10
Secure Data セキュアデータ網シ (N) An NSA program that developed RFC2828
Network System ステム(SDNS) security protocols for electronic mail
(SDNS) (Message Security Protocol), OSI layer 3
(SP3), OSI layer 4 (SP4), and key
management (KMP).
Secure Hash セキュアハッシュ規 (N) The U.S. Government standard RFC2828
Standard (SHS) 格(SHS) [FP180] that specifies the Secure Hash
Algorithm (SHA-1), a cryptographic hash
function that produces a 160-bit output
(hash result) for input data of any length
is
subordinate to the DN .
subpath サブパス Given a path, a subpath is any RFC2330
subsequence of the given pathwhich is
itself a path. (Thus, the first and last
element of asubpath is a host.)
Sub-QCIF サブQCIF picture source format with 128 x 96 RFC2190
pixels for luminance and 64 x 48 pixels
for chrominance.
Sub-session key サブセッションキー A temporary encryption key used RFC1510
between two principals, selected and
exchanged by the principals using the
session key, and with a lifetime limited to
the duration of a single association.
Sub-unit サブユニット a part of the printer which may be a RFC1759
physical part, such as one of the input
sources or a logical part such as an
interpreter.
Sun Sun a tool that runs on Sun Microsystems RFC1470
platforms. (binary distribution built for
use on a Sun.)
superencryption 上位暗号化 (I) An encryption operation for which the RFC2828
plaintext input to be transformed is the
ciphertext output of a previous
encryption operation.
supernet 上位ネット An aggregation of IP network addresses RFC1983
advertised as a single classless network
address. For example, given four Class C
IP networks: 192.0.8.0, 192.0.9.0,
192.0.10.0 and 192.0.11.0, each having the
intrinsic network mask of 255.255.255.0;
one can advertise the address 192.0.8.0
with a subnet mask of 255.255.252.0.
See also: IP address, network address,
network mask, Classless Inter-domain
Routing.
supports 透過コンテント交渉 From the viewpoint of an origin server or RFC2295
transparent content 支援 proxy, a user agent supports transparent
negotiation content negotiation if and only if it sends
a Negotiate header (section 8.4) which
indicates such support.
survivability 生き残り性 (I) The ability of a system to remain in RFC2828
operation or existence despite adverse
conditions, including both natural
occurrences, accidental actions, and
attacks on the system. (See: availability,
reliability.)
Switch Address スイッチアドレス A value used as the address of a node on RFC2067,
a HIPPI-SC network. It is transmitted in RFC2834
the I-field. HIPPI-SC switches may map
Switch Addresses to physical port
numbers.
Switch flood path スイッチにおける洪 The path used to send undirected RFC2643
水型流れパス messages throughout the switch fabric.
The switch flood path is formed using a
spanning tree algorithm that provides a
single path through the switch fabric that
guarantees loop-free delivery to every
other SFVLAN switch in the fabric.
Switch ID スイッチID A 10-octet value that uniquely identifies RFC2642,
the switch within the switch fabric. The RFC2643
value consists of the 6-octet base MAC
address of the switch, followed by 4
octets of zeroes.
Switched Circuit 回線交換網(SCN) The term SCN is used to refer to a RFC2719
Network (SCN) network that carries traffic within
channelized bearers of pre-defined sizes.
Examples include Public Switched
Telephone Networks (PSTNs) and Public
Land Mobile Networks (PLMNs).
Examples of signaling protocols used in
SCN include Q.931, SS7 MTP Level 3
and SS7 Application/User parts. The
following are terms for functional entities
relating to signaling transport in a
distributed gateway model.
switched line スイッチ化された線 A telecommunications line in which the RFC1747
connection is established by dialing. For
switched lines, the SDLC startup
sequence typically begins with a null
exchange identifier (null XID).
Switched スイッチ化されたマ An emerging high-speed datagram-based RFC1983
Multimegabit Data ルチメガデータサー public data network service developed by
Service (SMDS) ビス(SMDS) Bellcore and expected to be widely used
by telephone companies as the basis for
their data networks. See also:
Metropolitan Area Network. [Source:
RFC1208]
Symbol-times シンボルタイム See [16]. A characteristic of the RF RFC2670
modulation scheme.
symmetric cipher 対称型暗号 See bulk cipher. RFC2246
Symmetric 対称型暗号化 An encryption system that uses the RFC1704,
Cryptography same key for encryption and decryption. RFC2828
Sometimes referred to as
Secret~Key~Cryptography.
symmetric key 対称型キー (I) A cryptographic key that is used in a RFC2828
symmetric cryptographic algorithm.
SYN 初期同期信号 A control bit in the incoming segment, RFC793
occupying one sequence number, used at
the initiation of a connection, to indicate
where the sequence numbering will start.
SYN flood SYNによるアタック (I) A denial of service attack that sends a RFC2828
host more TCP SYN packets (request to
synchronize sequence numbers, used
when opening a connection) than the
protocol implementation can handle.
(See: flooding.)
Synchronization 同期ソース The source of a stream of RTP packets, RFC1889
source (SSRC) identified by a 32-bit numeric SSRC
identifier carried in the RTP header so as
not to be dependent upon the network
address. All packets from a
synchronization source form part of the
same timing and sequence number
Synchronous Digital 同期デジタル階層(S The European standard for high-speed RFC1983
Hierarchy (SDH) DH) data communications over fiber-optic
media. The transmission rates range
from 155.52Mbps to 2.5Gbps.
Synchronous 同期光ネットワーク( SONET is an international standard for RFC1983
Optical NETwork SONET) high-speed data communications over
(SONET) fiber-optic media. The transmission
rates range from 51.84Mbps to 2.5Gbps.
Syntax 構文 The form used to express some value; RFC 2703
especially the format used to express a
media feature value, or a feature set.
(See also: feature value, feature set,
system システム a device that implements the Internet RFC1256,
Protocol, IP [9]. RFC2828,
RFC2970
System システム管理者権限 System administrators have more rights RFC2504
Administrator (greater permissions) astheir work
Privileges involve the maintenance of system files.
system entity システム実体 (I) An active element of a system--e.g., RFC2828
an automated process, a subsystem, a
person or group of persons--that
incorporates a specific set of capabilities.
System Files システムファイル The set of files on a system that do not RFC2504
belong to end-users,which govern the
functionality of the system. System
files havea great impact on the security
of the system.
system high システムハイ (I) The highest security level supported RFC2828
by a system at a particular time or in a
particular environment. (See: system high
security mode.)
system high システム高度セキュ (I) A mode of operation of an information RFC2828
security mode リティモード system, wherein all users having access
to the system possess a security
clearance or authorization, but not
necessarily a need-to-know, for all data
handled by the system. (See: mode of
operation.)
(C) This mode is defined formally in U.S.
Department of Defense policy regarding
system accreditation [DOD2], but the
term is widely used outside the Defense
Department and outside the Government.
system integrity システム完全性 (I) "The quality that a system has when RFC2828
it can perform its intended function in a
unimpaired manner, free from deliberate
or inadvertent unauthorized
manipulation." [NCS04] (See: system
integrity service.)
system integrity システム完全性サー (I) A security service that protects RFC2828
service ビス system resources in a verifiable manner
against unauthorized or accidental
change, loss, or destruction. (See:
system integrity.)
system low システムロー (I) The lowest security level supported by RFC2828
a system at a particular time or in a
particular environment. (See: system
system resource システム資源 (I) Data contained in an information RFC2828
system; or a service provided by a
system; or a system capability, such as
processing power or communication
bandwidth; or an item of system
equipment (i.e., a system component--
hardware, firmware, software, or
documentation); or a facility that houses
system operations and equipment.
system security システムセキュリティ (I) A person responsible for enforcement RFC2828
officer (SSO) 管理者 or administration of the security policy
that applies to the system.
System Under Test 単一テストを構成す The collective set of network devices to RFC2285
(SUT) for
specifications and details.
Wireless Application 無線アプリケーショ A set of network and application RFC2637
Protocol (WAP) ンプロトコル(WAP) protocols including a datagram protocol
(WDP), Transport Layer Security (WTLS),
Transaction Protocol (WTP), Session
Protocol (WSP), and Application
Environment (WAE), which use carrier-
based gateways to enable wireless
devices to access Web resources. See
for
specifications and details.
wiretapping 盗聴 The various legal statutes defining RFC2804
wiretapping do not give adequate
definitions to distinguish between
wiretapping and various other activities
at the technical level. For the purposes
of this memo, the following definition of
wiretapping is used: Wiretapping is what
occurs when information passed across
the Internet from one party to one or
more other parties is delivered to a third
party: 1. Without the sending party
knowing about the third party, 2. Without
any of the recipient parties knowing
about the delivery to the third party, 3.
When the normal expectation of the
sender is that the transmitted
information will only be seen by the
recipient parties or parties obliged to
keep the information in confidence, 4.
When the third party acts deliberately to
target the transmission of the first party,
either because he is of interest, or
because the second party's reception is
of interest. The term "party", as used
here, can refer to one person, a group of
persons, or equipment acting on behalf of
persons; the term "party" is used for
wiretapping 盗聴 (I) An attack that intercepts and RFC2828
accesses data and other information
contained in a flow in a communication
system.
(C) Although the term originally referred
to making a mechanical connection to an
electrical conductor that links two nodes,
it is now used to refer to reading
information from any sort of medium
used for a link or even directly from a
node, such as gateway or subnetwork
switch.
(C) "Active wiretapping" attempts to
alter the data or otherwise affect the
flow; "passive wiretapping" only attempts
to observe the flow and gain knowledge
of information it contains. (See: active
attack, end-to-end encryption, passive
word 語/ワード a 32-bit quantity. RFC1186
word 語/ワード a 32-bit quantity. RFC1320
word 語/ワード a 32-bit quantity. RFC1321
word 語/ワード a string of bits of a particular length that RFC2040
can be operated on as either an unsigned
integer or as a bit vector. For example a
"word" might be 32 or 64 bits long
depending on the desired block size for
the RC5 cipher. A 32 bit word will
produce a 64 bit block size. For best
performance the RC5 word size should
match the register size of the CPU.
word 語/ワード A sequence of printing characters. RFC821
word 語/ワード A word is a sixteen-bit quantity. RFC909
work factor 作業因子 (I) General security usage: The estimated RFC2828
amount of effort or time that can be
expected to be expended by a potential
intruder to penetrate a system, or defeat
a particular countermeasure, when using
specified amounts of expertise and
resources.
(I) Cryptography usage: The estimated
amount of computing time and power
needed to break a cryptographic system.
Working Group 作業グループ A group chartered by the IESG and IAB RFC2026
to work on a specific specification, set of
specifications or topic.
Working Group 作業グループ A group chartered by the RESG and RAB RFC2551
to work on a specific specification, set of
specifications or topic.
Working Group (WG) 作業グループ A working group, within the IETF, is a RFC1983
group of people who work under a
charter to achieve a certain goal. That
goal may be the creation of an
Informational document, the creation of a
protocol specification, or the resolution
of problems in the Internet. Most working
groups have a finite lifetime. That is,
once a working group has achieved its
goal, it disbands. There is no official
membership for a working group.
Unofficially, a working group member is
somebody who is on that working group's
mailing list; however, anyone may attend
a working group meeting. See also:
Internet Engineering Task Force, Birds Of
a Feather.
World Wide ワールドワイドノード Fibre Channel identifies each Node with a RFC2625
Node_Name 名(WW_NN) unchangeable WW_NN. In a single port
(WW_NN) Node, the WW_NN and the WW_PN may
be identical.
World Wide ワールドワイドポート Fibre Channel requires each Port to have RFC2625
Port_Name (WW_PN) 名(WW_PN) an unchangeable WW_PN. Fibre Channel
specifies a Network Address Authority
(NAA) to distinguish between the various
name registration authorities that may be
used to identify the WW_PN. A 4-bit NAA
identifier, 12-bit field set to 0x0 and an
IEEE 48-bit MAC address together make
this a 64-bit field.
World Wide Web ワールドワイドウェブ (N) The global, hypermedia-based RFC2828
("the Web", WWW, collection of information and services
W3) that is available on Internet servers and
is accessed by browsers using Hypertext
Transfer Protocol and other information
retrieval mechanisms. (See: web vs. Web,
[R2084].)
World Wide Web ワールドワイドウェブ The 'World Wide Web' (WWW) is a world RFC2594
(WWW) wide information system which is based
on the concept of documents that are
linked together by embedding references
(links) to other local or remote
documents.
World Wide Web ワールドワイドウェブ A hypertext-based, distributed RFC1983
(WWW, W3) information system created by
researchers at CERN in Switzerland.
Users may create, edit or browse
hypertext documents. The clients and
worm ワーム/寄生虫 A computer program which replicates RFC1983
itself and is self-propagating. Worms, as
opposed to viruses, are meant to spawn
in network environments. Network
worms were first defined by Shoch &
Hupp of Xerox in ACM Communications
(March 1982). The Internet worm of
November 1988 is perhaps the most
famous; it successfully propagated itself
on over 6,000 systems across the
Internet. See also: Trojan Horse, virus.
Worm ワーム/寄生虫 A computer program which replicates RFC2504
itself and is self-propogating. Worms, as
opposed to viruses, are meant to spawn
innetwork environments.
worm ワーム/寄生虫 (I) A computer program that can run RFC2828
independently, can propagate a complete
working version of itself onto other hosts
on a network, and may consume
computer resources destructively. (See:
Morris Worm, virus.)
wrap 折り返す (O) To use cryptography to provide data RFC2828
confidentiality service for a data object.
(See: encrypt, seal.)
(D) ISDs SHOULD NOT use this term
with this definition because it duplicates
the meaning of other, standard terms.
Instead, use "encrypt" or use a term
that is specific with regard to the
mechanism used.
Wrapper ラッパー Part of cryptoplugin that provides RFC2628
interfaces translation between Crypto
API and OS-specific interface.
Write Lock 書込みロック A lock that prevents anyone except its RFC2291
owner from modifying the resource it
applies to.
WRT に関して With Respect To RFC1983
WWW WWW See: World Wide Web RFC1983
WWW WWW See: World Wide Web. RFC2828
WWW service WWWサービス A 'WWW service' is a set of actions that RFC2594
can be invoked on a document. Typical
actions are the transfer of documents or
the retrieval of administrative information
about documents. WWW services are
provided by means of a DTP. A WWW
service can be identified by the DTP
protocol used to invoke services and the
transport endpoint used by that protocol.
WYSIWYG WYSIWYG What You See is What You Get RFC1983
X X a tool that uses X-Windows. RFC1470
X X X is the name for TCP/IP based network- RFC1983
oriented window systems. Network
window systems allow a program to use a
display on a different computer. The
most widely-implemented window system
is X11 - a component of MIT's Project
Athena.
X Recommendations Xシリーズ勧告 The CCITT documents that describe RFC1208
data communication network standards.
Well-known ones include: X.25 Packet
Switching standard, X.400 Message
Handling System, and X.500 Directory
Services.
X.25 X.25 The Network Access protocols specified RFC1210
by CCITT/OSI as standard.
X.25 X.25 A packet switched network standard RFC1330
often used by public providers and
optional in GOSIP.
X.25 X.25 A data communications interface RFC1983
specification developed to describe how
data passes into and out of public data
communications networks. The CCITT
and ISO approved protocol suite defines
protocol layers 1 through 3.
X.400 X.400 The set of protocols for message RFC1210
services specified by CCITT/ISO.
X.400 X.400 The CCITT and ISO standard for RFC1983
electronic mail. It is widely used in
Europe and Canada.
X.400 X.400 (N) An ITU-T Recommendation [X400] RFC2828
that is one part of a joint ITU-T/ISO
multi-part standard (X.400-X.421) that
defines the Message Handling Systems.
(The ISO equivalent is IS 10021, parts 1-
7.) (See: Message Handling Systems.)
X.500 X.500 The set of protocols for directory RFC1210
services specified by CCITT/ISO.
X.500 X.500 A series of recommendations as defined RFC1943
by the ITU, that specify a Directory
Services protocol.
X.500 X.500 The CCITT and ISO standard for RFC1983
electronic directory services. See also:
white pages, Knowbot, whois.
X.500 X.500 RFC2828
X.500 Directory X.500ディレクトリ N) An ITU-T Recommendation [X500] RFC2828
that is one part of a joint ITU-T/ISO
multi-part standard (X.500-X.525) that
defines the X.500
Directory, a conceptual collection of
systems that provide distributed
directory capabilities for OSI entities,
processes, applications, and services.
(The ISO equivalent is IS 9594-1 and
related standards, IS 9594-x.) (See:
directory vs. Directory, X.509.)
(C) The X.500 Directory is structured as
a tree (the Directory Information Tree),
and information is stored in directory
entries. Each entry is a collection of
information about one object, and each
object has a DN. A directory entry is
composed of attributes, each with a type
and one or more values. For example, if a
PKI uses the Directory to distribute
certificates, then the X.509 public-key
certificate of an end user is normally
stored as a value of an attribute of type
"userCertificate" in the Directory entry
that has the DN that is the subject of
the certificate.
X.509 X.509 (N) An ITU-T Recommendation [X509] RFC2828
that defines a framework to provide and
support data origin authentication and
peer entity authentication services,
including formats for X.509 public-key
certificates, X.509 attribute certificates,
and X.509 CRLs. (The ISO equivalent is
IS 9498-4.) (See: X.500.)
(C) X.509 describes two levels of
authentication: simple authentication
based on a password, and strong
authentication based on a public-key
certificate.
X.509 attribute X.509属性証明証 (N) An attribute certificate in the version RFC2828
certificate 1 (v1) format defined by X.509. (The v1
designation for an X.509 attribute
certificate is disjoint from the v1
designation for an X.509 public-key
certificate, and from the v1 designation
for an X.509 CRL.)
(C) An X.509 attribute certificate has a
subject field, but the attribute certificate
is a separate data structure from that
subject's public-key certificate. A
subject may have multiple attribute
certificates associated with each of its
public-key certificates, and an attribute
certificate may be issued by a different
CA than the one that issued the
associated public-key certificate.
(C) An X.509 attribute certificate
contains a sequence of data items and
has a digital signature that is computed
from that sequence. In addition to the
signature, an attribute certificate
contains items 1 through 9 listed below:
1. version Identifies v1.
2. subject Is one of the
following:
2a. baseCertificateID - Issuer and
serial number of an X.509 public-key
certificate.
2b. subjectName - DN of the
X.509 authority subject.
X.509オーソリティー (N) An ARL in one of the formats defined RFC2828
revocation list リボケーションリスト by X.509--version 1 (v1) or version 2
(v2). A specialized kind of certificate
revocation list.
X.509 certificate X.509証明証 (N) Either an X.509 public-key certificate RFC2828
or an X.509 attribute certificate.
(C) This Glossary uses the term with the
precise meaning recommended here.
However, some who use the term may
not be aware that X.509 specifies
attribute certificates that do not contain
a public key. Even among those who are
aware, this term is commonly used as an
abbreviation to mean "X.509 public-key
certificate". ISDs MAY use the term as
an abbreviation for "X.509 public-key
certificate", but only after using the full
term at the first instance.
(D) ISDs SHOULD NOT use this term as
an abbreviation to mean "X.509 attribute
certificate".
X.509 certificate X.509証明証リボケ (N) A CRL in one of the formats defined RFC2828
revocation list (CRL) ーションリスト (CRL) by X.509--version 1 (v1) or version 2
(v2). (The v1 and v2 designations for an
X.509 CRL are disjoint from the v1 and
v2 designations for an X.509 public-key
certificate, and from the v1 designation
for an X.509 attribute certificate.) (See:
certificate revocation.)
(C) ISDs SHOULD NOT refer to an X.509
CRL as a digital certificate, but note that
an X.509 CRL does meet this Glossary's
definition of "digital certificate". Like a
digital certificate, an X.509 CRL makes
an assertion and is signed by a CA. But
instead of binding a key or other
attributes to a subject, an X.509 CRL
asserts that certain previously-issued
X.509 certificates have been revoked.
(C) An X.509 CRL contains a sequence
of data items and has a digital signature
computed on that sequence. In addition
to the signature, both v1 and v2 contain
items 2 through 6b listed below. Version
2 contains item 1 and may optionally
contain 6c and 7.
1. version Optional. If
present, identifies v2.
2. signature OID of the
algorithm that signed CRL.
3. issuer DN of the
issuer (the CA who signed).
X.509 public-key X.509公開鍵証明証 (N) A public-key certificate in one of the RFC2828
certificate formats defined by X.509--version 1 (v1),
version 2 (v2), or version 3 (v3). (The v1
and v2 designations for an X.509 public-
key certificate are disjoint from the v1
and v2 designations for an X.509 CRL,
and from the v1 designation for an X.509
attribute certificate.)
(C) An X.509 public-key certificate
contains a sequence of data items and
has a digital signature computed on that
sequence. In addition to the signature, all
three versions contain items 1 through 7
listed below. Only v2 and v3 certificates
may also contain items 8 and 9, and only
v3 may contain item 10.
1. version Identifies v1, v2,
or v3.
2. serialNumber Certificate
serial number; an integer assigned by the
issuer.
3. signature OID of
algorithm that was used to sign the
certificate.
4. issuer DN of the
issuer (the CA who signed).
5. validity Validity period;
a pair of UTCTime values: "not before"
and "not after".
6. subject DN of entity
X/Open X/Open who owns the public key.
A group of computer manufacturers that RFC1208
promotes the development of portable
applications based on UNIX. They
publish a document called the X/Open
Portability Guide.
XDR XDR eXternal Data Representation. A RFC1208
standard for machine-independent data
structures developed by Sun
Microsystems. Similar to ASN.1.
XDR XDR See: eXternal Data Representation RFC1983
Xerox Network ゼロックスネットワー A protocol suite developed by Xerox RFC1983
System (XNS) クシステム (XNS) Corporation to run on LAN and WAN
networks, where the LANs are typically
Ethernet. Implementations exist for both
Xerox's workstations and 4.3BSD, and
4.3BSD-derived, systems. XNS denotes
not only the protocol stack, but also an
architecture of standard programming
interfaces, conventions, and service
functions for authentication, directory,
filing, email, and remote procedure call.
XNS is also the name of Xerox's
implementation. See also: Ethernet,
Berkeley Software Distribution, Local
Area Network, Wide Area Network.
[Source: Jeff Hodges]
XNS XNS See: Xerox Network System RFC1983
XTACACS XTACACS See: (secondary definition under) RFC2828
Terminal Access Controller (TAC)
Access Control System.
Yahoo! Yahoo! Yahoo! is a hierarchical subject-oriented RFC1983
guide for the World Wide Web and
Internet. Yahoo! lists sites and
categorizes them into appropriate
subject categories. Yahoo! may be
reached at "http://www.yahoo.com/".
[Source: Yahoo's "What is Yahoo?"]
Yellow Book イエローブック (D) ISDs SHOULD NOT use this term as RFC2828
a synonym for "Computer Security
Requirements: Guidance for Applying the
Department of Defense Trusted
Computer System Evaluation Criteria in
Specific Environments" [CSC3]. Instead,
use the full proper name of the document
or, in subsequent references, a
conventional abbreviation. (See: (usage
note under) Green Book, Rainbow Series.)
Yellow Pages (YP) イエローページ (YP) A historic (i.e., no longer in use) service RFC1983
used by UNIX administrators to manage
databases distributed across a network.
YP YP See: Yellow Pages RFC1983
zeroize 無効化 (I) Use erasure or other means to render RFC2828
stored data unusable and unrecoverable,
particularly a key stored in a
cryptographic module or other device.
(O) Erase electronically stored data by
altering the contents of the data storage
so as to prevent the recovery of the
data. [FP140]
Zero-Length Body 本体ゼロ長 (ZLB) A control packet with only an L2TP RFC2661
(ZLB) Message メッセージ header. ZLB messages are used for
explicitly acknowledging packets on the
reliable control channel.
zone ゾーン A logical group of network devices. RFC1983
Zone ゾーン A part of the DNS tree, that is treated as RFC2182
a unit.
備考 短縮形
ABR
ASN.1
ASN.1
ACC
AUP
ACK
ACK
ACK
ACL
ACL
ACL
ACL
ACSE
AES
ARPA
ARPANE
T
AE
AH
ALC
RFC2314 Obsoleted
RFC2314 Obsoleted
or以降が切れている
。
ANSI
ANSI
ASCII
ANSI
ANSI
AOW
AP
API
API
定義が途中で切れ
ている。
ACAP
ACAP
ARP
ARP
ARPA
ARPA
ASCU
ASE
ASN.1
ASN.1
ASN.1
ASN.1
ASN.1
ASN.1
ASN.1
ASN.1
ASN.1
ASN.1
RFC2314 Obsoleted ASN.1
ATM
ATM
RFC2314 Obsoleted
RFC2314 Obsoleted
A-Key
A-Key
定義が途中で切れ
ている。
AX.25
BIN
BATAP
BBS
Bc
Be
BER
RFC2314 Obsoleted
BIND
BSD
BGP
BIDI
BOF
BOC
BOF
CSIRT
CSMA/C
D
固有名詞 CSNET
CSOR
TSN
固有名詞
固有名詞
CWIS
CRC
CRC
D_ID
DAC
DAG/IP
DAG-
CAP
DAG-
SAP
DAG
固有名詞 DANTE
DAP
DAP
固有名詞(組織)
固有名詞 DARPA
DASS
DAC
DAC
???
DEA
DEA
DEK
DEK
DES
DES
DES
DLSw
X5911
X009
DSI
単位 dBmV
固有名詞(組織) DCA
固有名詞(組織) DCA
DCE
DCE
DCE
固有名詞 DDN
DDN
DDN
DDN NIC
DEA
???
???
???
DT
???
VC
固有名詞 DDN
固有名詞 DDN NIC
固有名詞 DISA
DEK
DEK
***
***
単にエンベロープの
方が判り易いのでは
。X0027,X5801では
封筒
DER
DER
DER
規格名称 DES
規格名称 DES
DES
DES
CBC
X4101
X5005
分類networking DUT
device
DF
DIB
DIB
DSA
DSS
DSS
DAP
DAP
DA
DA
DA
X5731 DIT
DIB
DMD
DSA
DSA
DSP
DUA
DUA
DUA
固有名詞 DISA
復興計画か
DAC
DAC
DAC
DER
DER
DN
DN
DN
DASS
DCE
DIT
DIT
Digital,Intel,Xerox
DLCI
DMD
DN
DNS
DNS
DNS
DOCSIS
DTP
DOI
DNS
DNS
DNS
DNS
DOI
DOI
DOS
DSN
DPA
RFC
DS
DS
DS
DS
DS
DS
DS
DS
DS
DS
DSA
DSA
DSA
DSA
DSA
DSA
DSBM
DS
DS
DSI
DSI
DSLAM
DSP
DSS
DTE
DTP
DUA
DUA
DUA
DUA
DUA
E1
E3
EAP
固有名詞 EARN
固有名詞 EARN
EBCDIC
ECB
ECDSA
EDI
EDIFACT
EE
EES
EFF
EGP
EGP
EGP-2
ECB
EDI
EDI
ESN
英文が電子署名と
いう用語をさけるの
なら訳語も修正して
は。
ECC
ECC
ECDSA
電磁、音響その他の
信号が放射若しくは
伝導によって放出さ
れること
EMSEC
EMSEC
EMV
ESP
ESP
ET
ES
EOF
EOR
ES
EES
EES
DES-IS
ESP
EBCDIC
EGP
XDR
FAN
FAQ
FIX
FIPS
FIPS
FNC
FPKI
FDDI
FTP
FTP
FTP
FTP
FIPS
FIPS
FIPS
FW
インシデント対応セキ FIRST
ュリティチームのフォ
FIX
FLEA
FLOGI
FAC
FNC
FNC
FA
FA
FIRST
FIRST
FBGJD
FBML
FIB
FR
FRMOL
FLEA
FPKI
FQDN
FRICC
FSM
FTAM
FTP
FTP
FTP
FTP
FTP
FQDN
FQHN
FYI
FYI
GCA
GSS-API
GSS-API
GCA
GGP
GLB
GOB
GOSIP
GOSIP
GOSIP
GOSIP
GRIP
GRIP
GC
GSS-API
GSTN
GUI
GULS
HARP
HARP
HPCC
HIPPI
HIPPI
HLD
HMAC
HMAC
HMAC
HA
HLR
HLR
HN
HP
HPCC
HRAL
HRAL
THT
HTML
HTML
HTML
HTML
HTTP
HTTP
https
HTML
HTML
HTTP
HTTP
I18N
IA
IAB
IAB
IAB
IAB
IAB
IANA
IANA
IANA
IANA
IATA
ICANN
ICANN
ICMP
ICMP
ICMP
ICMP
ICMP
ICRL
I-D
IDEA
IDEA
IEEE
IEEE 802
IEEE
802.10
IEEE
P1363
IEN
IEPG
IESG
IESG
IESG
IETF
IETF
IETF
IETF
IETF
IETF
IGP
IGP
IGP
IGRP
IHL
IINREN
IKE
IMAP4
IMHO
IMP
IMR
要確認
要確認
ICRL
ITSEC
ITSEC
INFOSEC
IW
IV
IV
IV
IEEE
IEEE
INTAP
ISDN
分類load Iload
IINREN
分類burst IBG
IGP
(IS)
(IS)
IS
IS
IS-IS
IDEA
ISO
ITU
ITAR
ITAR
IAB
IAB
IANA
IANA
ICMP
ICMP
ICANN
ICANN
ICANN
IEPG
IESG
IESG
IESG
IETF
IETF
IEN
IMAP4
IMR
IPRA
IP
IP
IP, IPv4
Ipsec
Ipsec
Ipsec
IPSO
IPSO
IPng, IPv6
IR
IRC
IRSG
IRTF
ISAKMP
ISAKMP
ISOC
ISPPP
ISD
ISD
ITAD
IPX
IPM
IPMS
ISMP
IONL
IP
IP
IP
IP
IP
IP
IP
IP
IP
IP
IPARS
IPM
IPMS
IPng, IPv6
IPRA
Ipsec,
IPsec
IKE
IPC-NAT
IPSC
IPX
IR
IRC
IRS
IRSG
IRSG
IRTF
IRTF
IRTF
IS
ISAKMP
ISD
ISDN
ISDN
IS-IS
IS-IS
ISN
ISO
ISO
ISO
ISO
ISO
ISO
ISO
ISODE
ISOC
ISOC
ISODE
ISODE
ISODE
ISP
ISS
ISSUER
ITAR
ITSEC
ITU
ITU
ITU-T
ITU-T
ITU-T
ITU-TSS
IV
IXI
JANET
JKREY
JUNET
KA9Q
KA9Q
KDC
KDC
KEA
KEK
KDC
KDC
KEA
KEA
KEA
XMP
XMP
KMID
KMID
KEK
L2
L2
L2F
L2TP
LAC
LNS
L3
L3
LAN
LOTOS
LOTOS
LEAF
L2F
L2F
L2TP
L2TP
L2TP
LDAP
LDAP
LF
LDAP
LDAP
LDAP
LIH
LIP
LLC
LAN
LS
LLC
LOGO
LW
LOTOS
LPM
LR
LS
LSA
LSB
LUB
MAAS
MAC
MAC
MAN
MD
MIB
MAC
MATIP
MFR
MOR
MTU
MTU
MB
MCA
MCNS
MCNS
MD
MD2
MD2
md2
MD2
MD4
MD4
MD5
MD5
MD5
md5
MD5
MAC
MG
MG
MGCU
MGC
MGC
MGC
MGU
MGU
MCA
利用者メッセージ
MAC
MAC
MAC
MD5
MD5
MHS
MSA
MTA
MTA
MTA
MTAE
MTS
MTS
MAN
MF
MHS
MHS
MHS
MIB
MIB
MIB
MIC
MNP
MIME
MIME
MIME
MIME
MISPC
MISPC
MISSI
MNP
MIN
MIN
MN
MN
MN
MN
MS
MS
MSC
MSC
MTAS
MTAS
MOSPF
MOSS
MSB
MSL
MSP
MTA
MTA
MTAE
MTL
MTS
MTU
MTU
MTU
MTU
MTU
MUA
MUD
MARS
MEG
ML
MCS
MLS
MCU
MIME
MUD
RFC2314 Obsoleted
NA
NAS
NCSC
NIAP
NIST
NIST
NREN
NSF
NSA
NAK
NAS
NAS
NAT
NFS
NFS
NIC
NIS
NIS
NNTP
NOC
NOC
NSAP
NTP
NHP
NHP
NFB
NFS
NFS
NFS®
NHOP
NIOP
NIC
NIC
NIC.DDN.
MIL
NIL
NIS
NIST
NIST
NIST
NIST
NLP
NLSP
NMS
NMS
NNI
NNTP
NOC
NOC
NSS
NBMA
NBMA
NAM
NAM
OID
Oload
OTP
OTP
OCSP
OSPF
OSI
OSIRM
OSIE
OPSEC
ORA
OTAPA
OTAPA
OTASP
OTASP
OTAF
OTAF
PCA
PCI
PCMCIA
PD
PDF
PDISC
PDU
PDU
PDU
PEM
PEM
PEM
PEM
PEM
PHB
PHB
PVC
PIN
PGP
PGP
PGP
PHOP
PI
PIBES
PIBES
PIN
PING
PINT
PIU
PKCS
PKCS
#10
PKCS
#11
PKCS #7
PKI
PKIX
PLOGI
PMTU
POP
PPP
PPP
PPP
PPTP
jj
PAA
MISSIPC
A
PDP
PDP
PDP
PEPs
PEP
PEP
PIN
POP
POP3
POP3
APOP
POP3
AUTH
POSI
POSIX
POP
PTT
PPP
PPP
PPP
PPTP
PRDMD
PGP
PGP
PAN
PEM
PEM
PRMD
PRMD
PDU
PT
SA
SC
SLA
SLP
SET
SGML
SGMP
SHA
SHA-1
SSD
S-HTTP
SI
SID
SIG
STP
SEP
SG
SG
SGU
SIG
SILS
SASL
SMTP
SNMP
STP
SITA
SKIA
SKIP
SKIP
JACK
SLIP
SLP
SMDS
SMI
SNA
SOCKS
TEMPES
T
SONET
SORA
SP3
SP4
SPAG
SPAM
SPC
SPI
SQL
SSH
SSL
SSO
SGML
STD
SN
Sun
SCN
SMDS
SDH
SONET
SSO
SUT
TA
TAC
TACACS,
TACACS
+
TCB
TCB
TCP
TCP/IP
TOSEC
TRIB
TERENA
TESS
TFTP
TH
TLA
CA参照
TOS
TOS
TOS
TP0
TP0
TP4
TP4
TCA
TERENA
TCB
TCP
TCP
TSN
TLS
TLS
TLSP
TRIP
TCSEC
(TCB
TSIG
TSAP
TSIG
TTFN
TTL
TTL
TTL
UA
UA
UAE
UAL
UBR
UCS
UCS-2
UCS-4
UDP
UDP
UDP
UDP
UID
UNI
URI
URL
URL
URN
ULA
ULA
UTC
UUCP
URI
URI
URL
URL
URL
URL
URL
URL
URN
UA
UA
UA
UA
UAC
UAS
UDP
UDP
UHO
UHO
UHO
UTC
UTC
UTF-16
UTF-8
UUCP
UUCP
VAN
VAN
VCID
VPN
VMS
VNS
VPN
VRML
W3
W3
WAIS
WAN
WG
WW_NN
WW_PN
WWW, W3
WWW
WWW, W3
WWW
WWW
XNS
XNS
XTACAC
S
YP
YP