Security

From Just Solve the File Format Problem
(Difference between revisions)
Jump to: navigation, search
(References)
(Electronic signatures)
(42 intermediate revisions by 3 users not shown)
Line 5: Line 5:
 
}}
 
}}
  
Formats specific to the storage and transmission of security information. See also [[Encryption]].
+
Formats specific to the storage and transmission of security information.
  
== Digital Certificates ==
+
''See also:''
 +
* [[Encryption]]
 +
* [[E-Mail, newsgroups, and forums#Secure messaging|E-Mail, newsgroups, and forums: Secure messaging]]
 +
 
 +
== App provisioning and DRM ==
 +
Main article: [[Digital Rights Management]]
 +
 
 +
* [[Mobile Provision file]] (.mobileprovision; used for installing iOS apps)
 +
 
 +
== Authentication ==
 +
* [[SAML]] (Security Assertion Markup Language)
 +
 
 +
== Claim representation ==
 +
* [[JSON Web Tokens]] (JWT)
 +
 
 +
== Digital certificates, keys, etc. ==
 
* [[ASCII Armor]] (.arm; old for base64)
 
* [[ASCII Armor]] (.arm; old for base64)
 +
* [[Card Verifiable Certificate]] (CVC)
 
* [[Canonical Encoding Rules]] (.cer)
 
* [[Canonical Encoding Rules]] (.cer)
 
* [[Certificate Revocation List]] (.crl)
 
* [[Certificate Revocation List]] (.crl)
* [[Certificate Signing Request]] (.csr)
+
* [[Certificate Signing Request]]
 
* [[Certificate Trust List]] (.stl)
 
* [[Certificate Trust List]] (.stl)
 
* [[DER]] (Distinguished Encoding Rules)
 
* [[DER]] (Distinguished Encoding Rules)
* [[DER encoded certificate]] (.der, .crt)
+
** [[DER encoded certificate]] (.der, .crt)
* [[DER encoded RSA private key]]
+
** [[DER encoded RSA private key]]
 
* [[Microsoft Serialized Certificate Store]] (.sst)
 
* [[Microsoft Serialized Certificate Store]] (.sst)
 
* [[PEM]]
 
* [[PEM]]
* [[PEM encoded certificate]] (.pem, .crt)
+
** [[PEM encoded certificate]] (.pem, .crt)
* [[PEM encoded RSA private key]] (.key)
+
** [[PEM encoded RSA private key]] (.key)
 
* [[PFX (original format)]]
 
* [[PFX (original format)]]
* [[PKCS7]] (PKCS #7, Cryptographic Message Syntax Standard)
+
* [[PGP public key]]
* [[PKCS7 certificate]] (.p7b, .p7c, .spc)
+
* [[PKCS]]
* [[PKCS12]] (PKCS #12, PFX, Personal Information Exchange, .p12, .pfx)
+
** [[PKCS7]] (PKCS #7, Cryptographic Message Syntax Standard)
 +
** [[PKCS7 certificate]] (.p7b, .p7c, .spc)
 +
** [[PKCS10]] (PKCS #10 Certificate Signing Request, .p10, .csr)
 +
** [[PKCS11]] (PKCS #11 Cryptographic Token Interface Standard; Cryptoki API)
 +
** [[PKCS12]] (PKCS #12, PFX, Personal Information Exchange, .p12, .pfx)
 
* [[PVK]]
 
* [[PVK]]
 
* [[RSA private key]]
 
* [[RSA private key]]
 +
* [[SPKAC]]
 
* [[X.509 certificate]]
 
* [[X.509 certificate]]
  
== App provisioning and DRM ==
+
=== Digital certificate collections ===
* [[Mobile Provision file]] (.mobileprovision; used for installing iOS apps)
+
 
 +
* [[Security Catalog]]
 +
 
 +
== Electronic signatures ==
 +
* [[Authenticode signature]]
 +
* [[Digital watermark]]
 +
* [[FSecure (PaceSoft)]]
 +
* [[HMAC]] (Hash-based message authentication code)
 +
* [[JSON Web Signatures]] (JWS)
 +
 
 +
== Malware/spyware ==
 +
* [[Pegasus]]
 +
* [[Regin]]
 +
* [[Superfish]]
 +
 
 +
== Passwords ==
 +
* [[eWallet]]
 +
* [[passwd]] (/etc/passwd)
 +
 
 +
See also [[Encryption#Password hashes]].
 +
 
 +
== Protocols ==
 +
* [[TLS]] (including SSL)
 +
 
 +
== Security policies ==
 +
* [[Adobe Cross Domain Policy File]]
 +
* [[Content Security Policy]]
 +
* [[Label Encodings]] (files determining information classification labels for multi-level security environments)
 +
* [[PAM configuration file]]
 +
* [[Security.txt]]
 +
* [[Sudoers]] (module and file determining user privileges)
 +
 
 +
== Software ==
 +
* [[OpenSSL]]
 +
 
 +
== Verification ==
 +
* [[Verifpal]] (.vp) (language for modeling aspects of security protocols to test for soundness)
  
== References ==
+
== Links and references ==
 
* [http://blogs.msdn.com/b/kaushal/archive/2010/11/05/ssl-certificates.aspx Various SSL/TLS Certificate File Types/Extensions (MSDN article)]
 
* [http://blogs.msdn.com/b/kaushal/archive/2010/11/05/ssl-certificates.aspx Various SSL/TLS Certificate File Types/Extensions (MSDN article)]
 
* [https://hashcat.net/oclhashcat-plus/ Hashcat: password cracking program]
 
* [https://hashcat.net/oclhashcat-plus/ Hashcat: password cracking program]
 +
* [http://7habitsofhighlyeffectivehackers.blogspot.com/2013/11/can-someone-be-targeted-using-adobe.html Can someone be targeted using the Adobe breach?]
 +
* [http://xkcd.com/1286/ xkcd comic about Adobe password breach situation]
 +
* [http://pardydba.wordpress.com/2013/11/08/improving-security-in-your-web-browsers-firefox/ Improving security in Firefox]
 +
* [http://www.dustbury.com/archives/17867 2014 Super Bowl security (picture)]
 +
* [http://www.washingtonpost.com/business/technology/senate-cybersecurity-report-finds-agencies-often-fail-to-take-basic-preventive-measures/2014/02/03/493390c2-8ab6-11e3-833c-33098f9e5267_story.html Senate cybersecurity report finds agencies often fail to take basic preventive measures]
 +
* [http://www.bbc.com/news/technology-26879185 Xbox password flaw exposed by five-year-old boy] (And Microsoft thanked the kid instead of getting him arrested, imagine that.)
 +
* [http://dankaminsky.com/2014/04/10/heartbleed/ Be Still My Breaking Heart]
 +
* [http://blog.fastmail.fm/2014/04/10/when-two-factor-authentication-is-not-enough/ When two-factor authentication is not enough]
 +
* [http://www.tedunangst.com/flak/post/origins-of-libressl origins of libressl]
 +
* [http://dheera.net/projects/blur Why blurring sensitive information is a bad idea]
 +
* [http://arstechnica.com/security/2015/04/28/how-to-crack-any-master-lock-combination-in-8-tries-or-less/ How to crack many Master Lock combinations in eight tries or less]

Revision as of 17:21, 4 June 2022

File Format
Name Security
Ontology

{{{caption}}}

Formats specific to the storage and transmission of security information.

See also:

Contents

App provisioning and DRM

Main article: Digital Rights Management

Authentication

  • SAML (Security Assertion Markup Language)

Claim representation

Digital certificates, keys, etc.

Digital certificate collections

Electronic signatures

Malware/spyware

Passwords

See also Encryption#Password hashes.

Protocols

  • TLS (including SSL)

Security policies

Software

Verification

  • Verifpal (.vp) (language for modeling aspects of security protocols to test for soundness)

Links and references

Personal tools
Namespaces

Variants
Actions
Navigation
Toolbox