A |
|
access point (AP) | A stand-alone wireless hub that allows any computer that has a wireless network adapter to communicate with another computer and to connect to the Internet. An access point has at least one interface that connects it to an existing wired network. See also wireless router/AP. |
ad hoc network | In ad hoc mode, wireless clients communicate directly with each other without the use of a wireless router/AP. Also known as a peer-to-peer network or a computer-to-computer network. |
advanced network | An infrastructure network that uses some form of EAP authentication. |
AES | Advanced Encryption Standard A replacement for WEP encryption. AES provides better encryption (is more secure) than WEP. |
associated | The state when a wireless client adapter has made a connection with a chosen wireless router/AP. |
association | The process by which a wireless client negotiates the use of a logical port with the chosen wireless router/AP. |
authenticated provisioning | A provisioning mode supported by EAP-FAST Extensible Authentication Protocol in which provisioning is done inside a server-authenticated (TLS) tunnel. |
AID | An authority identity that identifies an EAP-FAST authenticator. The local authenticator sends its AID to an authenticating wireless client, and the client checks its database for a matching AID. If the client does not recognise the AID, it requests a new PAC. |
auto-provisioning | A way of managing EAP-FAST Extensible Authentication Protocol networks whereby a Protected Access Credential (PAC) is automatically provided to the wireless client when the user logs on to the network. |
authentication | The process whereby preapproved wireless clients may join a collision domain. Authentication occurs before association. |
available network |
|
B |
|
base station | A stand-alone wireless hub that allows any computer that has a wireless network adapter to communicate with another computer and to connect to the Internet. A base station is usually referred to as an access point (AP). See also access point and wireless router/AP. |
basic network |
|
BER | bit error rate The ratio of errors to the total number of bits being sent in a data transmission from one location to another. |
broadcasting network | A network that is broadcasting its network name. |
C |
|
CA | Certification Authority An entity responsible for establishing and vouching for the authenticity of public keys belonging to users (end entities) or other certification authorities. Activities of a certification authority can include binding public keys to distinguished names through signed certificates, managing certificate serial numbers, and revoking certificates. |
CCK | complementary code keying The modulation technique for high and medium transmit rates. |
CCKM | Cisco Centralized Key Management An authentication method in which an access point is configured to provide Wireless Domain Services (WDS) to take the place of the RADIUS server and to authenticate the client so quickly that there is no perceptible delay in voice or other time-sensitive applications. |
CCMP | Counter-Mode/CBC-MAC Protocol An IEEE 802.11i encryption algorithm. In the IEEE 802.11i standard, unlike WPA, key management and message integrity are handled by a single component, CCMP, built around AES. |
Cisco Compatible Extensions | A licensing agreement offered by Cisco Systems to enable interoperability of third-party client adapters and mobile devices with Cisco Aironet wireless local area network (LAN) infrastructure. |
Cisco Compatible Extensions v4 | Version 4 of Cisco Compatible Extensions. |
certificate | A digital document that is commonly used for authentication and secure exchange of information on open networks, such as the Internet, extranets, and intranets. A certificate securely binds a public key to the entity that holds the corresponding private key. Certificates are digitally signed by the issuing certification authority and can be issued for a user, a computer, or a service. The most widely accepted format for certificates is defined by the ITU-T X.509 version 3 international standard. See also intermediate certificate and root certificate. |
certificate store | The storage area on your computer where requested certificates are stored. The user store is the Personal folder in the certificate store. The root store is in the Trusted Root Certification Authorities folder in the certificate store. The machine store is on the authentication server of the certification authority. |
CKIP | Cisco Key Integrity Protocol A Cisco proprietary security protocol for encryption in IEEE 802.11 media. CKIP uses key permutation, message integrity check and message sequence number to improve IEEE 802.11 security in infrastructure mode. |
CHAP | Challenge Handshake Authentication Protocol An authentication scheme used by Point-to-Point-Protocol servers to validate the identity of the originator of a connection, upon connection or any time later. |
CSP | cryptographic service provider A cryptographic service provider contains implementations of cryptographic standards and algorithms. A smart card is an example of a hardware-based CSP. |
CSMA/CA | carrier sense multiple access with collision avoidance An IEEE 802.11 protocol that ensures that the number of collisions within a domain is kept to a minimum. |
D |
|
dBm | A unit of expression of power level in decibels with reference to a power of 1 milliwatt. |
DBPSK | differential binary phase shift keying The modulation technique used for low transmit rate. |
DHCP | Dynamic Host Configuration Protocol A mechanism for allocating IP addresses dynamically so that addresses can be reused when hosts no longer need them. |
DQPSK | differential quadrature phase shift keying The modulation technique used for standard transmit rate. |
DSSS | direct sequence spread spectrum A spreading technique in which various data, voice, and/or video signals are transmitted over a specific set of frequencies in a sequential manner from lowest to highest frequency, or highest to lowest frequency. |
E |
|
EAP | Extensible Authentication Protocol EAP ensures mutual authentication between a wireless client and a server that resides at the network operations center. |
EAP-FAST | Extensible Authentication Protocol-Flexible Authentication via Secure Tunneling Authentication A standards-based extensible framework developed by Cisco Systems that uses symmetric key algorithms to achieve a tunneled authentication process. |
EIRP | effective isotropic radiated power Expresses the performance of a transmitting system in a given direction. EIRP is the sum of the power at the antenna input plus antenna gain. |
F |
|
file and printer sharing | A capability that allows a number of people to view, modify, and print the same file(s) from different computers. |
fragmentation threshold | The threshold at which the packet is broken into multiple frames. This determines the packet size and affects the throughput of the transmission. |
G |
|
GHz | gigahertz A unit of frequency equal to 1 000 000 000 cycles per second. |
GINA | Graphical Identification and Authentication A dynamic link library (DLL) file that is part of the Windows operating system. GINA is loaded early in the boot process and handles the user identification and authorization logon process. |
GTC | Generic Token Card A type of tunneled authentication protocol used in conjunction with PEAP authentication in which the user types the data displayed by a token card device when logging on to the wireless network. |
H |
|
host computer | The computer that is directly connected to the Internet via a modem or network adapter. |
I |
|
IEEE | Institute of Electrical and Electronics Engineers, Inc. |
IEEE 802.1X-2001 | The IEEE standard for Port Based Network Access Control. The IEEE 802.1X standard enforces authentication of a network node before it can begin to exchange data with the network. |
IEEE 802.11a | The 54 Mbit/s, 5 GHz standard (1999) |
IEEE 802.11b | The 11 Mbit/s, 2.4 GHz standard. |
IEEE 802.11d | International (country-to-country) roaming extensions. |
IEEE 802.11e | IEEE 802.11e (as of July 2005) is a draft standard that defines a set of Quality of Service enhancements for LAN applications, in particular the IEEE 802.11 Wi-Fi® standard. The standard is considered of critical importance for delay-sensitive applications, such as Voice over Wireless IP and Streaming Multimedia. |
IEEE 802.11g | The 54 Mbit/s, 2.4 GHz standard (backwards compatible with IEEE 802.11b) (2003) |
IEEE 802.11h | A supplementary standard to IEEE 802.11 to comply with European regulations. It adds transmission power control and dynamic frequency selection. |
IEEE 802.11i | IEEE 802.11i (also known as WPA2™) is an amendment to the IEEE 802.11 standard specifying security mechanisms for wireless networks. The draft standard was ratified on 24 June 2004, and supersedes the previous security specification, Wired Equivalent Privacy (WEP), which was shown to have severe security weaknesses. |
IETF | Internet Engineering Task Force A large open international community of network designers, operators, vendors, and researchers concerned with the evolution of the Internet architecture and the smooth operation of the Internet. |
infrastructure network | A network in which there is at least one wireless router/AP and one wireless client. The wireless client uses the wireless router/AP to access the resources of a traditional wired network. The wired network can be an organization intranet or the Internet, depending on the placement of the wireless AP. |
Initiator ID | The peer identity bound to a PAC. |
intermediate certificate | A certificate issued by an intermediate certification authority (CA). See also root certificate. |
Internet Protocol (IP) address | The address of a computer that is attached to a network. Part of the address designates which network the computer is on, and the other part represents the host identification. |
IPv6 | Internet Protocol Version 6 IPv6 is the next generation protocol designed by the IETF to replace the current version Internet Protocol, IP Version 4 (IPv4). |
ISM frequency bands | Industrial, Scientific, and Medical frequency bands in the range of 902–928 MHz, 2.4–2.485 GHz, 5.15–5.35 GHz, and 5.75–5.825 GHz. |
ITU-T X.509 | In cryptography, ITU-T X.509 is an International Telecommunication Union Telecommunication Standardization Sector (ITU-T) standard for public key infrastructure (PKI). Among other things, ITU-T X.509 specifies standard formats for public key certificates and a certification path validation algorithm. |
L |
|
LAN | local area network A high-speed, low-error data network covering a relatively small geographic area. |
LEAP | Light Extensible Authentication Protocol A version of Extensible Authentication Protocol (EAP). EAP ensures mutual authentication between a wireless client and a server that resides at the network operations center. |
M |
|
m | meter |
MD5 | Message Digest 5 An algorithm that takes an input message of arbitrary length and produces an output in the form of a 128-bit fingerprint or message digest. It is intended for digital signature applications where a large file must be compressed in a secure manner before being encrypted with a private key under a public-key algorithm such as RSA. |
MHz | megahertz A unit of frequency equal to 1 000 000 cycles per second. |
Mbit/s | megabits per second Transmission speed of 1 000 000 bits per second. |
MS-CHAP | Microsoft Challenge Handshake Authentication Protocol MS-CHAP uses the Message Digest 4 (MD4) hashing algorithm and the Data Encryption Standard (DES) encryption algorithm to generate the challenge and response and provides mechanisms for reporting connection errors and for changing the user's password. |
MS-CHAPv2 | Microsoft Challenge Handshake Authentication Protocol version 2 This protocol provides mutual authentication, stronger initial data encryption keys, and different encryption keys for sending and receiving. To minimise the risk of password compromise during MS-CHAP exchanges, MS-CHAPv2 supports only a newer, more secure, version of the MS-CHAP password change process. |
N |
|
network key | A string of characters that the user must type when creating a wireless network connection profile that uses WEP, TKIP, or AES encryption. Small office/home office users can obtain this string from the wireless router/AP installer. Enterprise users can obtain this string from the network administrator. |
nonbroadcasting network | A network that is not broadcasting its network name. To connect to a nonbroadcasting network, you must know the network name (SSID) and search for the network name. |
ns | nanosecond 1 billionth (1/1 000 000 000) of a second. |
O |
|
OFDM | orthogonal frequency division multiplexing A frequency division modulation technique for transmitting signals by splitting the radio signal into various frequencies that are then transmitted simultaneously, rather than sequentially. |
P |
|
PAC | Protected Access Credential Credentials distributed to a peer for future optimised network authentication. The PAC comprises, at most, three components: a shared secret, an opaque element, and optionally, other information. The shared secret part contains the preshared key between the peer and authentication server. The opaque part is provided to the peer and is presented to the authentication server when the peer wishes to obtain access to network resources. Finally, a PAC may optionally include other information that may be useful to the client. |
PAP | Password Authentication Protocol A method for verifying the identity of a user attempting to log on to a Point-to-Point server. |
PEAP | Protected Extensible Authentication Protocol A version of Extensible Authentication Protocol (EAP). EAP ensures mutual authentication between a wireless client and a server that resides at the network operations center. |
PKI | public key infrastructure In cryptography, a public key infrastructure (PKI) is an arrangement that provides for third-party vetting of, and vouching for, user identities. It also allows binding of public keys to users. This is usually carried out by software at a central location together with other coordinated software at distributed locations. The public keys are typically in certificates. |
Power Save mode | The state in which the radio is periodically powered down to conserve power. When the radio is in Power Save mode, receive packets are stored in the AP until the radio comes on. |
preferred network | A network connection profile created using Windows WZC. Such profiles are listed under Preferred networks on the Wireless Networks tab in Windows Wireless Network Connection Properties. |
preferred network connection | A network connection profile created using the USRobotics Wireless Utility. |
provisioning | Providing a peer with a trust anchor, shared secret, or other appropriate information necessary for establishing a security association. |
Q |
|
QAM | quadrature amplitude modulation A modulation technique that uses variations in signal amplitude and phase to represent data-encoded symbols as a number of states. |
Quality of Service | Quality of Service (QoS) refers to the capability of a network to provide better service to selected network traffic over various technologies. See IEEE 802.11e. |
R |
|
RADIUS | Remote Access Dial-In User Service |
residential gateway | A stand-alone wireless hub that allows any computer that has a wireless network adapter to communicate with another computer and to connect to the Internet. A residential gateway is also referred to as an access point (AP). |
RF | radio frequency |
roaming | A feature that enables wireless clients to move through a facility while maintaining an unbroken connection to the wireless network. |
root certificate | Internet Explorer divides certification authorities (CAs) into two categories, root certification authorities and intermediate certification authorities. Root certificates are self-signed, meaning that the subject of the certificate is also the signer of the certificate. Root CAs have the ability to assign certificates for intermediate CAs. An intermediate CA has the ability to issue server certificates, personal certificates, publisher certificates, or certificates for other intermediate CAs. |
RTS threshold | The number of frames in the data packet at or above which an RTS/CTS (request to send/clear to send) handshake is turned on before the packet is sent. The default value is 2347. |
S |
|
scanning | An active process of sending Probe-Request frames on all channels of the ISM frequency range and listening for the Probe-Response frames sent by wireless routers/APs and other wireless clients. |
single sign-on | A process that allows a user with a domain account to log on to a network once, using a password or smart card, and to gain access to any computer in the domain. |
smart card | Smart cards are small portable credit-card shaped devices with internal integrated circuits (ICs). The combination of the small size and IC make them valuable tools for security, data storage, and special applications. The use of smart cards can improve user security by combining something a user has (the smart card) with something only the user should know (a PIN) to provide two-factor security that is more secure than passwords alone. |
SSID | service set identifier A value that controls access to a wireless network. Your SSID must match the SSID for any access point that you want to connect with. If the value does not match, you are not granted access to the network. You can have up to three SSIDs. Each SSID can be up to 32 characters long and is case-sensitive. Also referred to as the network name. |
STA | Station A computer that is equipped with a wireless LAN network adapter (see also wireless client). A station can be stationary or mobile. |
T |
|
TKIP | Temporal Key Integrity Protocol An enhanced wireless security protocol that is part of the IEEE 802.11i encryption standard for wireless LANs. TKIP provides per-packet key mixing, a message integrity check (MIC), and a rekeying mechanism. |
TLS | Transport Layer Security The successor to Secure Sockets Layer (SSL) protocol for ensuring privacy and data integrity between two communicating applications. |
TTLS | Tunneled Transport Layer Security These settings define the protocol and the credentials used to authenticate a user. In TTLS, the client uses EAP-TLS to validate the server and create a TLS-encrypted channel between the client and server. The client can use another authentication protocol (typically password-based protocols, such as MD5 Challenge) over this encrypted channel to enable server validation. The challenge and response packets are sent over a nonexposed TLS encrypted channel. |
TPM | Trusted Platform Module A security hardware device on the system board that holds computer-generated keys for encryption. It is a hardware based solution that can help avoid attacks by hackers looking to capture passwords and encryption keys to sensitive data. The security features provided by the TPM are internally supported by the following cryptographic capabilities of each TPM: hashing, random number generation, asymmetric key generation, and asymmetric encryption/decryption. Each individual TPM on each individual computer system has a unique signature initialized during the silicon manufacturing process that further enhances its trust/security effectiveness. Each individual TPM must have an owner before it is useful as a security device. |
U |
|
UAPSD | Unscheduled Automatic Power Save Delivery An enhanced power-save mode for IEEE 802.11e networks. |
W |
|
WEP | Wired Equivalent Privacy A form of data encryption. WEP is defined by the IEEE 802.11 standard and is intended to provide a level of data confidentiality and integrity that is equivalent to a wired network. Wireless networks that use WEP are more vulnerable to various types of attacks than those that use WPA. |
wireless client | A personal computer equipped with a wireless LAN network adapter. |
wireless router/AP | A stand-alone wireless hub that allows any computer that has a wireless network adapter to communicate with another computer and to connect to the Internet. The wireless router/AP has at least one interface that connects it to an existing wired network. See also access point. |
WLAN | wireless local area network A local area network (LAN) that sends and receives data by way of radio. |
WMM™ | Wi-Fi Multimedia WMM™ improves user experience for audio, video, and voice applications over a wireless network by prioritizing streams of content and optimizing the way the network allocates bandwidth among competing applications. |
WPA2 | Wi-Fi Protected Access Wi-Fi Protected Access™ (WPA2™) is a specification of standards-based, interoperable security enhancements that strongly increase the level of data protection and access control for existing and future wireless LAN systems. Designed to run on existing hardware as a software upgrade, Wi-Fi Protected Access is based on the final IEEE 802.11i amendment to the IEEE 802.11 standard. WPA2 provides government grade security by implementing the National Institute of Standards and Technology (NIST) FIPS 140-2 compliant AES encryption algorithm. WPA2 is backward compatible with WPA. |
WPA-PSK | Wi-Fi Protected Access Preshared Key. A network authentication mode that does not use an authentication server. It can be used with AES or TKIP data encryption types. WPA-Personal (PSK) requires configuration of a preshared key (PSK). You must type a text phrase from 8 to 63 characters long, or a hexadecimal key 64 characters long for a preshared key 256 bits in length. The data encryption key is derived from the PSK. WPA2-PSK is a more recent version of this authentication mode based on IEEE 802.11i. |
WPN | The file name extension of a wireless preferred network connection profiles file. |
WZC | Wireless Zero Configuration Service The Windows service for connecting to a wireless network. |