Connect to the Purdue Home Page

Purdue University

Identity and Access Management


This page contains a glossary of terms used in I2A2 documentation


The C language escape code for the ASCII new line character, NL, decimal 10; NL ends I2A2 external protocol messages.


The C language escape code for the ASCII carriage return character, CR, decimal 13; CR is an additional, but optional, I2A2 external protocol message ending character.


The C language escape code for the ASCII TAB character, VT, decimal 11; TAB is the field terminator character in the I2A2 external protocol.


Access Control List, a resource access limiting facility based on identity


A two to eight character token, containing lower case alphabetic characters and numbers. The alias is currently borrowed from login names in the Purdue University career account database.


The Active Server Pages feature of Microsoft Internet Information Services. I2A2 support for ASP may be found in the I2A2 PUIDCL Client Access Library


The abbreviation for the authorizer DBM

Apache Web Server

A UNIX web server, more correctly named The Apache HTTP Server, made available by the Apache Software Foundation at Apache HTTP Server Project. The I2A2 link describes packages for installing the Apache Web server on UNIX systems.

Authentication Realm

An I2A2 concept, defining a specific organizational administration unit for authentication token, both passwords and certificates. Also see the Purdue Realm.

Boolean Expression

A Boolean expression is a logical statement in a mathematical form named after its inventor, George Boole. Boolean expressions are used in I2A2 to express authorization characteristics queries; they evaluate to a true or false answer.


Certificate Authority, an organization that manufactures, distributes and manages certificates.

Career Account

A computer login assigned to each student and staff member on the Purdue West Lafayette campus. A career account is called coordinated when its name matches the person's Email address.

Carriage Return

See \r.


ColdFusion is a Macromedia software package containing a web scripting language that can be used to perform authentication (binding) via the I2A2 LDAP protocol converter.

Coordinated Purdue Career Account

See Career Account.


A Public Key Infrastructure (PKI) entity for authentication. Also see PKI and X.509 Certificate.


An authorization association for a PUID. Also see Boolean Expression.

Characteristic Expression

See Boolean Expression.


The LDAP Common Name attribute.


See \r


Data Base Manager, I2A2 fast access maintainers of identification, authentication, and authorization information.


The LDAP distinguished name.


Entropy Gathering Daemon, a facility for generating PRNG seeding information for OpenSSL; see it's man page.

Entropy Gathering Daemon

A freeware daemon that generates random information, suitable for seeding OpenSSL's PRNG; also see EGD and OpenSSL

Ethical Use

A statement about the ethical use of I2A2 authentication credentials by web servers and applications.


A human resources identification number, currently the Social Security Number (SSN). A new system (see HRIS), scheduled for deployment in early 2003, will use a number other than the SSN.


Human Resource Information System


The infrastructure for identification, authentication and authorization.


The Internet Engineering Task Force


The Lightweight Directory Access Protocol, described in RFC 2241 and the "LDAP bible"

Luhn Check Digit

A base ten check digit, appearing in the last position of a number, computed from the initial digits of the number, used to detect errors of transcription in the digits of the number. The algorithm is described in ANSI/ISO/IEC 7812-1:1993 and is derived from the Luhn formula.


Modules for the Apache web server that implement SSL transactions. Also see Apache Web Server and SSL.


A Network Access Server, sometimes called a terminal server; both can get authentication and authorization services from a RADIUS protocol server.

New Line

See \n.


See \n.


The Oracle Application Server, a web based interface to an Oracle database.


The X.500 Object IDentifier, described in ITU-T Rec. X.500, "The Directory: Overview pf Concepts, Models and Service." 1993


A UNIX SSL library, produced by the OpenSSL Project. Also see SSL.


A UNIX Pluggable Authentication Module, an API that supports flexible implementation of authentication access policies.


The UNIX process identifier, an integer that uniquely identifies each process running on the computer.


A public key infrastructure, supporting the use of public keys. See also CA, Certificate Authority and X.509 Certificate.


A pseudo-random number generator -- e.g.,as used by OpenSSL.


The Purdue University identifier, a ten digit public number with Luhn check digit.

Purdue Realm Password

An X.509 certificate issued by the Purdue Certificate Authority. Also see CA, X.509 Certificate, and Purdue Certificates.

Purdue Realm

The authentication realm that contains the Purdue password, also the career account password. Also see Career Account.


The Remote Authentication Dial In User Service (RADIUS), described in RFC 2865.


The LDAP Relative Distinguished Name.


An I2A2 authentication organization, responsible for the maintenance of a particular set of authentication tokens.


The abbreviation for the reflector DBM.


A Request for Comments, an Internet standards document.


The Purdue student identification number; it often is the Social Security Number.


The LDAP surname attribute.


The Secure Sockets Layer, a protocol for encrypting the TCP/IP channel between a client and a server, designed by NetScape.


See \t.

Vertical Tab

See \t.


See \t.

X.509 Certificate

A private key, public key certificate, conforming to the ANSI X.509 standard .

Feedback | Contact Purdue
Maintained by: IAMO Team

Purdue University, West Lafayette, IN 47907, (765) 494-4600
© 2010 - 2013 Purdue University | An equal access/equal opportunity university | Copyright Complaints
If you have trouble accessing this page because of a disability, please contact the CSC at or (765) 494-4000.