
RSA RADIUS Server 6.1 Administrator’s Guide Glossary 101
IETF Internet Engineering Task Force. Technical subdivision of the Internet
Architecture Board that coordinates the development of Internet standards.
MIB Management Information Base.
NAS Network Access Server. Network device that accepts connection requests from
remote users, authenticates users through RADIUS, and routes users onto the
network. Identical in meaning to RAS.
New Pin mode Status assigned to a user’s token when its PIN has been compromised or when
the authorized user has forgotten the PIN. If the administrator clears the PIN, the
old PIN can no longer be used for authentication, and the next authentication
attempt with the token initiates the New PIN procedure. If the administrator
does not clear the PIN, the old PIN can be used one more time.
Next Tokencode
Status assigned to a user’s token if the token has drifted out of synch with the
RSA Authentication Manager’s system clock or if there has been a series of
unsuccessful authentication attempts. Requiring that the user enter two
consecutive tokencodes ensures that the user has possession of the token.
node secret Symmetric key used to encrypt communication between RSA RADIUS Server
and RSA Authentication Manager.
PAP Password Authentication Protocol.
passcode A one-time authentication string consisting of a user’s PIN followed by the user’s
PEAP Protected Extensible Authentication Protocol. A two-phase authentication
protocol where (1) an authentication server is authenticated to a supplicant using
a digital certificate and a secure channel is established; and (2) the supplicant is
authenticated to the authentication server through the secure channel.
PIN Personal Identification Number. The numeric or alphanumeric string that
identifies a user as being authorized for a specific RSA SecurID token.
A RADIUS server that acts as the hub for database replication. Compare Replica
RADIUS Server.
profile A record in the RADIUS database describing the checklist attributes and return list
attributes that should be associated with a user or group of users.
RADIUS Remote Authentication Dial-In User Service. A security administration standard
that functions as an information clearinghouse, storing authentication