Wednesday, 07 January 2009

Product Terminology

Tricryption
Tricryption is a three-step encryption process in which data is encrypted using a unique cryptographic key, the key is then encrypted, and finally the link between the data and the key is encrypted. The data, key and link are then stored, remaining encrypted while in storage.
Decrypting the encrypted data, so that it can be read, involves decrypting the link, matching the key to the data, decrypting the key and then decrypting the data using the key. Protected data can only be decrypted and read by authorized users performing authorized transactions. As a result, stored data accessed by unauthorized users cannot be decrypted.

Tricryption Engine
In the Encryption Framework, the Tricryption Engine performs all cryptographic key management functions (key generation, key exchange, and the encryption and decryption of keys and links). The Tricryption Engine also performs data encryption and decryption.
These functions are performed in response to transaction requests received from the Remote Engines. Data can also be encrypted via requests from the Tricryption Agent.
The Tricryption Engine is also used to perform some administrative functions, such as the maintenance of backup user authentication information.

Tricryption Agent
The Tricryption Agent is an integration component that transmits cryptographic transaction requests from an application to the Tricryption Engine or Remote Engine. Available in COM, Java, C++ and C versions, the Tricryption Agent integrates seamlessly with various Windows, Solaris, AIX, Linux and HP-UX client applications.

Remote Engine
The Remote Engine transmits cryptographic key requests from a computer to the Tricryption Engine, and uses the keys to encrypt and decrypt data stored on the client computer. Use of the Remote Engine is optional; when used, it offloads data encryption and decryption from the Tricryption Engine.

Key ID
A Key ID is an identifier assigned to an encrypted key.

Hidden Link
Tricryption requires a link between the data and the cryptographic key used to encrypt it. A Hidden Link is formed when the Key ID is encrypted. Hidden Links are stored with encrypted data.

Key Database
The Key Database stores encrypted keys and the Key IDs assigned to the encrypted keys.
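
The three steps from the Tricryption entry, together with the Key ID, Hidden Link and Key Database entries, can be sketched as follows. This is an added illustration, not ERUCES code: the names `Engine`, `seal`, `unseal`, `kek` and `link_key` are hypothetical, the cipher is a standard-library stand-in (HMAC-SHA256 keystream with encrypt-then-MAC) for a real authenticated cipher, and user authorization is not modelled.

```python
import hashlib, hmac, secrets

def _keystream(key, nonce, n):
    # HMAC-SHA256 in counter mode: stdlib-only stand-in for a real cipher (assumption).
    blocks = (hmac.new(key, nonce + i.to_bytes(8, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def _subkeys(key):
    # Separate encryption and MAC subkeys derived from one key.
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())

def seal(key, plaintext):
    # Encrypt-then-MAC; output layout is nonce || ciphertext || tag.
    k_enc, k_mac = _subkeys(key)
    nonce = secrets.token_bytes(16)
    ct = bytes(p ^ s for p, s in zip(plaintext, _keystream(k_enc, nonce, len(plaintext))))
    return nonce + ct + hmac.new(k_mac, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    k_enc, k_mac = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(k_mac, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("authentication failed")
    return bytes(c ^ s for c, s in zip(ct, _keystream(k_enc, nonce, len(ct))))

class Engine:
    # Hypothetical model: holds the key-encrypting key, the link key and the Key Database.
    def __init__(self):
        self.kek = secrets.token_bytes(32)        # encrypts data keys
        self.link_key = secrets.token_bytes(32)   # encrypts Key IDs into Hidden Links
        self.key_db = {}                          # Key Database: Key ID -> encrypted key

    def encrypt(self, data):
        data_key = secrets.token_bytes(32)              # step 1: unique key per item
        key_id = secrets.token_bytes(16)                # constructed random Key ID
        self.key_db[key_id] = seal(self.kek, data_key)  # step 2: the key is encrypted
        hidden_link = seal(self.link_key, key_id)       # step 3: the link is encrypted
        return seal(data_key, data), hidden_link        # stored together with the data

    def decrypt(self, ciphertext, hidden_link):
        key_id = unseal(self.link_key, hidden_link)               # decrypt the link
        data_key = unseal(self.kek, self.key_db[key_id])          # match and decrypt the key
        return unseal(data_key, ciphertext)                       # decrypt the data
```

A copy of the stored record and the Key Database alone does not reveal which encrypted key belongs to which record, because the Key ID appears in the record only in encrypted form.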

Workstation and Application Server
An individual computer containing the Tricryption Agent, optional Remote Engine, various client applications, unencrypted data and encrypted data with their associated Hidden Links.

Certificate Authority
As part of a public key infrastructure, a certificate authority governs the issuance, management and verification of digital certificates, which are used to authenticate the identity of the certificate holder. A certificate authority is optional and is used only to establish trust between Tricryption Engines.


Domain Controller
In a network using a Windows operating system, a domain controller is a server that manages access to specific network resources through the use of logon processes. The domain controller performs all user authentication processes, and stores user and network authentication information. Use of a domain controller is required to use Windows-based authentication with this product.
