Ver:
Método
mediante el cual dos o más entidades separadas poseen componentes de una clave,
pero que, de forma individual, no pueden descifrar la clave criptográfica
resultante.
http://es.pcisecuritystandards.org
1. Condición
bajo la cual dos o más partes, separada y confidencialmente, custodian los
componentes de una clave criptográfica. Dichos componentes, aisladamente, no
permiten conocer esta última (ISO-8732)
2. Propiedad
de un sistema o procedimiento de seguridad que impide el acceso a los recursos
si no median dos o más entidades diferentes autorizadas.
Según esta
última definición es término sinónimo de: Control dual y Separación de
funciones.
[Ribagorda:1997]
Sistema de
protección de funciones o información sensible, por el cual dos o más entidades
diferentes cuando actúan separadamente no pueden acceder o utilizar los
recursos de un sistema pero sí cuando lo hacen concertadamente. [CESID:1997]
1. Separation of data or
information into two or more parts, each part constantly kept under control of
separate authorized individuals or teams so that no one individual or team will
know the whole data.
2. A process by which a
cryptographic key is split into multiple key components, individually sharing
no knowledge of the original key, which can be subsequently input into, or
output from, a cryptographic module by separate entities and combined to recreate
the original cryptographic key.
[CNSSI_4009:2010]
1. (I) A security technique
in which two or more entities separately hold data items that individually do
not convey knowledge of the information that results from combining the items.
(See: dual control, split key.)
2. (O) "A condition
under which two or more entities separately have key components [that]
individually convey no knowledge of the plaintext key [that] will be produced
when the key components are combined in the cryptographic module." [FP140]
[RFC4949:2007]
A process by which a
cryptographic key is split into n multiple key components, individually
providing no knowledge of the original key, which can be subsequently combined
to recreate the original cryptographic key. If knowledge of k (where k is less
than or equal to n) components is required to construct the original key, then
knowledge of any k-1 key components provides no information about the original
key other than, possibility, its length. [NIST-SP800-57:2007]
a process by which a
cryptographic key is split into multiple key components, individually sharing
no knowledge of the original key, that can be subsequently input into, or
output from, a cryptographic module by separate entities and combined to
recreate the original cryptographic key. [ISO-19790:2006]
a process by which a
cryptographic key is split into multiple key components, individually sharing
no knowledge of the original key, that can be subsequently input into, or
output from, a cryptographic module by separate entities and combined to
recreate the original cryptographic key. [FIPS-140-2:2001]
Condition in which two or
more entities separately have key components that individually convey no
knowledge of the resultant cryptographic key.
https://www.pcisecuritystandards.org/security_standards/glossary.php
Une méthode par
laquelle deux ou plusieurs entités détiennent séparément des composants de la
clé qui, à eux seuls, ne leur permettent pas d’avoir connaissance de la clé
cryptographique qui en résulte.
http://fr.pcisecuritystandards.org/