Two types of X.509 certificates exist: The X.509 public key certificate (most commonly used) and The X.509 attribute certificate (less commonly used). The X.509 public key certificate is created with the public key for a user (or device) and a name for the user (or device), together with optional information, is rendered unforgeable by the digital signature of the certification authority (CA) that issued the certificate, and is encoded and formatted according to the X.509 standard. The X.509 public key certificate contains three nested elements: (1) the tamper-evident envelope, which is digitally signed by the source, (2) the basic certificate content (e.g., identifying information about a user or device and public key), and (3) extensions that contain optional certificate information.
Extensible access control markup language (XACML) combined with extensible markup language (XML) access control policy is a framework that provides a general-purpose language for specifying distributed access control policies.
Digital subscriber line is a group of broadband technology connecting home/business telephone lines to an Internet service provider’s (ISP’s) central office. Several variations of XDSL exist such as SDSL, ADSL, IDSL, and HDSL.
Extended hypertext markup language (XHTML) is a unifying standard that brings the benefits of XML to those of HTML. XHTML is the new Web standard and should be used for all new Web pages to achieve maximum portability across platforms and browsers.
Extensible markup language, which is a meta-language, is a flexible text format designed to describe data for electronic publishing. The Web browser interprets the XML, and the XML is taking over the HTML for creating dynamic Web documents.
A process/mechanism for encrypting and decrypting XML documents or parts of documents.
XML gateways provide sophisticated authentication and authorization services, potentially improving the security of the Web service by having all simple object access protocol (SOAP) messages pass through a hardened gateway before reaching any of the custom-developed code. XML gateways can restrict access based on source, destination, or WS-Security authentication tokens.
A language for describing and defining the structure, content, and semantics of XML documents.
A mechanism for ensuring the origin and integrity of XML documents. XML signatures provide integrity, message authentication, or signer authentication services for data of any type, whether located within the XML that includes the signature or elsewhere.
Exclusive OR, which is a Boolean operation, dealing with true or false condition (that is, something is either true or false but not both). It is the bitwise addition, modulo2, of two bit strings of equal length. For example, XOR is central to how parity data in RAID levels is created and used within a disk array (that is, yes parity or no parity). It is used for the protection of data and for the recovery of missing data.
X.25 over transmission control protocol (TCP).
Used to define the parts of an XML document, using path expressions.
Provides functionality to query an XML document.
Extensible style language (XSL) file is used in dynamic content generation where Web pages can be written in XML and then converted to HTML.
Z
A zero-day attack or threat is a computer threat that tries to exploit computer application vulnerabilities that are unknown to others, undisclosed to the software vendor, or for which no security fix is available. Zero-day attacks, exploits, and incidents are the same.
Similar to normal or full backup where it archives all selected files and marks each as having been backed up. An advantage of this method is the fastest restore operation because it contains the most recent files. A disadvantage is that it takes the longest time to perform the backup.
Zero-day exploits (actual code that can use a security vulnerability to carry out an attack) are used or shared by attackers before the software vendor knows about the vulnerability. Zero-day attacks, exploits, and incidents are the same.
Zero-day incidents are attacks through previously unknown weaknesses in computer networks. Zero-day attacks, exploits, and incidents are the same.
Zero day warez (negative day) refers to software, games, videos, music, or data unlawfully released or obtained on the day of public release. Either a hacker or an employee of the releasing company is involved in copying on the day of the official release.
To fill unused storage locations in an information system with the representation of the character denoting “0.”