MongoDB Notes
Access Control List
|
|
The process of confirm the identity of a user.
|
|
The process of determining what assets and processes the user is entitled to access.
|
|
|
|
|
An entity that issues digital certificates.
|
|
The entire set of components of an instance of MongoDB, including shards, replica sets, and the mongos instance.
|
|
Certificate Signing request is a block of encoded text that is given to a Certificate Authority when applying for an SSL Certificate. It contains the public key that will be included in the certificate.
|
|
A file that certifies the ownership of a public key by the named subject of the certificate. The format of certificates is specified by X.509.
|
|
Distinguished Name, a sequence of relative distinguished names connected by commas. A relative distinguished name is an attribute with an associated value in the form: attribute=value.
|
|
Directory Service Agent, the technical term for a LDAP server
|
|
DSA-Specific Entry
|
|
Internet Protocol
|
|
Key Distribution Center, a component of Kerberos which acts as its trusted third-party authentication service.
|
|
A network protocol that uses secret-key cryptography to authenticate client-server applications.
|
|
A keytab is a file containing pairs of Kerberos principals and an encrypted copy of that principal's key. his file is used to authenticate a principal on a host to Kerberos without human interaction or storing a password in a plain text file.
|
|
Key Management Interoperability Protocol, an extensible communication protocol that defines message formats for the manipulation of cryptographic keys on a key management server. KMIP is an OASIS standard.
|
|
Lightweight Directory Access Protocol, a client/server protocol used to access and manage directory information.
|
|
LDAP Data Interchange Format is a standard plain text data interchange format for representing LDAP directory content and update requests.
|
|
The ability in MongoDB to create the first user in the instance without authenticating, provided the database is accessed from the same computer as the one where the mongod is running. Only one user can be created this way. After that, you can add users only after authenticating.
|
|
MongoDB is an open source, non-SQL database database that uses a document-oriented data model.
|
|
A term that describes databases that use data models other than the relational database model.
|
|
OpenSSL is a cryptography library that provides an open source implementation of Secure Socket Layer (SSL) and TransportLayer Security (TLS) protocol.
|
|
In an LDAP directory, attributes that are intended for internal use.
|
|
The oplog (operations log) is a special capped collection that keeps a rolling record of all operations that modify the data stored in your databases. MongoDB applies database operations on the primary and then records the operations on the primary'soplog.
|
|
A Kerberos principal is a unique identity to which Kerberos can assign tickets. Principals can have an arbitrary number of components. Each component is separated by a component separator, generally `/'. The last component is the realm, separated from the rest of the principal by the realm separator, generally `@'. If there is no realm component in the principal, then it will be assumed that the principal is in the default realm for the context in which it is being used.
|
|
In MongoDB, a set of mongod instances, consisting of a primary server and two or more secondary servers. The primary server copies its data to the secondaries. If the primary server should fail, the secondaries will elect a new primary.
|
|
In an LDAP server, is a special entry that provides information about the server itself. It has a distinguished name of "".
|
|
Simple Authentication and Security Layer, a framework for authentication and data security in Internet protocols.
|
|
Salted Challenge Response Authentication Mechanism using the SHA-1 has function.
|
|
In MongoDB, sharding is a method of distributing data across multiple servers. Each instance is called a shard.
|
|
Secure Socket Layer, a standard security protocol for establishing an encrypted link between a two programs, for example a web server and a browser.
|
|
Subject Alternative Name (SAN) is an extension to X.509 that allows various values to be associated with a security certificate using a subjectAltName field. These values are called "Subject Alternative Names" (SANs). SANs are used to IP addresses, DNS names, and other information about a server.
|
|
In MongoDB, certain collections in the admin database that have a name beginning with "system.". An example is the system.roles collections.
|
|
Ticket Granting Ticket
|
|
Transport Layer Security, a cryptography protocol that provides communications security over a computer network.
|
|
A version of the Linux operating system.
|
|
Uniform Resource Identifier, a string used to identify a resource such as a file or service.
|
|
A command line utility for managing the lifecycle of virtual machines.
|
|
A plugin for Vagrant that keeps guest additions up to date.
|
|
A standard that defines the format of public key certificates.
|
