---

Index

A number represents a single reference to a topic.

A number with a "+" sign represents a longer discussion of a topic.

A   B   C   D   E   F   H   I   K   L   M   N   O   P   Q   R   S   T   U   W   X   

A
access control entries. See ACEs
access control lists. See ACLs
access rights. See permissions
access
	self-restricted 1
	system-restricted 1
Accounts system preferences 1
ACEs 1
ACLs 1+
	in AFP 1
Active Directory 1
admin group 1 2
AFP 1 2
allow ACE 1
Apple Filing Protocol. See AFP
AppleCSP 1
AppleCSP/DL 1
AppleFileDL 1
AppleX509CL 1
asymmetric key cryptography 1
authentication 1+
	APIs 1
	definition 1
	digital certificate 1
	Kerberos 1
	one-time pad 1
	public key 1 2
	shared secret 1
	single signon 1
	time-based 1
authentication server 1
authorization 1 2+
	definition 1
	Kerberos 1
Authorization Computation Services 1
Authorization Services 1 2

B
bibliography 1+
BSD 1+
	admin group 1 2
	definition 1
	file system security policy 1 2
	in security architecture 1
	nobody 1 2
	owner-or-root security policy 1
	root EUID security policy 1
	root user 1 2 3
	wheel group 1
buffer overflow 1

C
CA. See certification authority
Caesar cipher 1
CDSA 1+
	in security architecture 1
	plug-in 1
CDSA plug-in 1+
certificate chain 1
certificate extensions 1
certificate library 1
Certificate, Key, and Trust Services 1 2
certificate. See digital certificate
certification authority 1 2
CFFTP 1
CFHTTP 1
CFHTTPAuthentication 1
CFNetwork 1 2 3
CFReadStream 1
CFStream Socket Additions 1
CFWriteStream 1
ciphertext 1
CL module 1
code execution, restrictions 1
code signing 1
Common Crypto 1
Common Data Security Architecture. See CDSA
Common Internet File System. See SMB/CIFS
Common Security Services Manager. See CSSM
cryptographic hash 1 2
Cryptographic Message Syntax Services 1
cryptographic service provider 1
Cryptographic Services 1
Cryptographic Services Manager 1
cryptography
	APIs 1
	asymmetric key 1
	private key 1
	public key 1
	secret key 1
	symmetric key 1
CSP 1
CSSM 1 2 3 4
CSSM services 1+

D
data storage library 1
decryption 1
deny ACE 1
Diffie-Hellman Key Exchange 1
digital certificate 1+
	authentication 1
	certificate chain 1
	certification authority 1 2
	contents 1
	displaying contents 1
	identity 1
	keychain access 1
	root 1
	Secure Transport API 1
	verifying 1
	X509TP Module 1
digital signature
	AppleX509CL module 1
digital signatures 1+
	code signing 1
	creation 1
	S/MIME messages 1
	verification 1 2
DL module 1

E
effective user ID 1
encryption 1
	of messages 1
	RSA 1
	strength of 1
execution of code, restrictions 1

F

file system ACLs. See ACLs

FileVault 1

FTP 1 2

H

HTTP 1 2 3

HTTPS 1

https 1

I

identification 1 2

identity 1

inheritance of permissions 1+

K
KDC. See Key Distribution Center
kerberized 1
Kerberos 1+ 2
	authentication 1
	authentication server 1
	authorization 1
	Key Distribution Center 1 2
	realm 1
	ticket-granting server 1
Key Distribution Center 1 2
key
	asymmetric 1
	cryptographic 1 2
	Diffie-Hellman 1
	private 1 2 3
	public 1 2 3
	secret 1
	session 1
	symmetric 1
keychain 1 2 3
Keychain Access 1
Keychain Manager 1
Keychain Services 1 2 3

L

LDAP 1 2

level of trust 1

libSystem 1

local security 1 2

M

MAC framework. See Mandatory Acccess Control framework

Mach 1

Mach port rights 1

man-in-the-middle attack 1

Mandatory Acccess Control framework 1

message digest 1

message encryption 1

Movie Toolbox Access Keys 1

N
Network File System. See NFS
networking. See also secure communication
networking
	file systems 1+
NFS 1
nobody 1 2

O

one-time pad 1

P
permissions 1+
	ACL file permission bits 1
	AFP 1
	BSD 1 2
	BSD file system security policy 1 2
	BSD owner-or-root security policy 1
	BSD root EUID security policy 1
	definition 1
	evaluating 1
	inheritance 1 2
	Mach port rights 1
PKI. See public key infrastructure
plaintext 1
policy, trust 1
port rights, Mach 1
private key
	cryptography 1
	identity 1
privileged operations 1
public key authentication 1+
public key cryptography 1
public key infrastructure 1

Q

quarantine 1

QuickTime 1

R

random numbers 1

Randomization Services 1

real user ID 1

realm 1

references 1 2

remote transport security 1 2

root certificate 1 2

root certification authority 1

root user 1 2 3

RSA encryption 1

running as root 1

S
sandboxing 1
saved user ID 1
secret key cryptography 1
secure communication 1+
	CFNetwork 1
	protocols 1
	Secure Transport 1 2
	SSL/TLS 1 2 3 4
	URL Loading System 1
Secure Socket Layer. See SSL
secure storage 1 2
Secure Transport 1 2 3 4 5
Security Agent 1
security contexts 1
Security Objective-C API 1
Security Server 1 2 3
Security system preferences 1
security
	local 1 2
	remote transport 1 2
self-restricted access 1
Server Message Block. See SMB/CIFS
setgid bit 1
setuid bit 1
SFAuthorization 1
SFAuthorizationView 1 2
SFCertificatePanel 1
SFCertificateTrustPanel 1
SFCertificateView 1
SFChooseIdentityPanel 1
SFKeychainSavePanel 1
SFKeychainSettingsPanel 1
shared secret 1
signatures, digital. See digital signatures
signing code 1
single signon 1 2
Smart Card Services 1
SMB/CIFS 1
SSL 1 2 3 4 5
sticky bit 1
superuser 1
symmetric key cryptography 1
system-restricted access 1

T
ticket-granting server 1
ticket-granting ticket 1
ticket
	Kerberos 1
	ticket-granting 1
time-based authentication 1
TLS 1 2 3 4 5
TP module 1
Transport Layer Security. See TLS
trust policy 1 2
trust policy plug-in 1

U

URL Loading System 1 2

user ID 1 2

USS Pueblo 1

UUIDs 1

W

Web-based Distributed Authoring and Versioning. See WebDAV

WebDAV 1

wheel group 1

X

X.509 ITU standard 1

---