AUTHENTICATION
Authentication is the process which allows a sender and receiver of information to validate each other. If the sender and receiver of information cannot properly authenticate each other, there is no trust in the activities or information provided by either party. Authentication can involve highly complex and secure methods or can be very simple. The simplest form of authentication is the transmission of a shared password between entities wishing to authenticate each other. Today’s authentication methods uses some of the below factors.
1) What you know:
An example of this type of Authentication is a "Password". The simple logic here is that if you know the secret password for an account, then you must be the owner of that account. The problems associated with this type of Authentication is that the password can be stolen, someone might read it if you wrote it somewhere. If anyone came to know your password, he might tell someone else. If you have a simple dictionary password, it is easy to crack it by using password cracking software.
2) What you have:
Examples of this type of Authentication are smart cards, tokens etc. The logic here is if you have the smart card with you, you must be the owner of the account. The problems associated with this type of authentication are you might lose the smart card, it can be stolen, or someone canduplicate the smart card etc.
3) What you are:
Examples of this type of authentication are your fingerprint, handprint, retina pattern, voice,keystroke pattern etc. Problems associated with this type of authentication are that there is a chance of false positives and false negatives. Chances are there that a valid user is rejected and an invalid user is accepted. Often people are not comfortable with this type of authentication.
Network Authentication are usually based on Authentication protocols, Digital Certificates,Username/Password, smart card etc. Some of the most important authentication protocols which are used today are Kerberos, Challenge Handshake Authentication Protocol (CHAP), Microsoft Challenge Handshake Authentication Protocol (MSCHAP) etc
No comments:
Post a Comment