Identification, Authentication, and Authorization Techniques
ITT TECHNICAL INSITITUTE
Access Security / IS3230T
Unit 1 Assignment 1.1 Identification, Authentication, and Authorization Techniques.
Access Security / IS3230T
There are numerous techniques that the Information Technology industry can use in order to substantiate an entities identity, have the ability to authenticate that entity and provide the appropriate authorization for that entity to have access to a networks resource. There are many diverse techniques that are obtainable to accomplish this task.
First of all we need to define what authentication accurately is. Authentication is the ability to verify the identity of a user or a computer system on a computer network. (Barker, 2013) There are many forms or variations that authentication can manifest itself depending on the requirements as outlined in the Security Policy published by the business. Most commonly these would include one, two, or three factor configurations to verify the identity of the person requesting access to a resource. If everything associated with the authentication factors are valid and correct for the claimed identity, it is then assumed that the accessing person is who they claim to be. (Stewart, 2011) Some of the most common authentication factors would be something you know such as a password, something you have such as a smart card, and something you are such as a fingerprint.
Identification is the act of claiming an identity using just one authentication factor and authentication is the act of proving a claimed identity using one or more authentication factors. Identification in its simplest form can be related to the requestor of a resource to input user identification such as an e-mail or some other form of user ID. Two-factor authentication is when two different authentication factors are used to prove ones identity. Multi-factor is just as it sounds meaning that two or more authentication factors must be used to verify a person’s
Access Security / IS3230T
Unit 1 Assignment 1.1 Identification, Authentication, and Authorization Techniques.
Access Security / IS3230T
There are numerous techniques that the Information Technology industry can use in order to substantiate an entities identity, have the ability to authenticate that entity and provide the appropriate authorization for that entity to have access to a networks resource. There are many diverse techniques that are obtainable to accomplish this task.
First of all we need to define what authentication accurately is. Authentication is the ability to verify the identity of a user or a computer system on a computer network. (Barker, 2013) There are many forms or variations that authentication can manifest itself depending on the requirements as outlined in the Security Policy published by the business. Most commonly these would include one, two, or three factor configurations to verify the identity of the person requesting access to a resource. If everything associated with the authentication factors are valid and correct for the claimed identity, it is then assumed that the accessing person is who they claim to be. (Stewart, 2011) Some of the most common authentication factors would be something you know such as a password, something you have such as a smart card, and something you are such as a fingerprint.
Identification is the act of claiming an identity using just one authentication factor and authentication is the act of proving a claimed identity using one or more authentication factors. Identification in its simplest form can be related to the requestor of a resource to input user identification such as an e-mail or some other form of user ID. Two-factor authentication is when two different authentication factors are used to prove ones identity. Multi-factor is just as it sounds meaning that two or more authentication factors must be used to verify a person’s
Cited: Ballad, B. B. (2011). Access Control, Authentication, and Public Key Infrastructure. Burlington: Jones & Bartlett Learning. Barker, K. (2013). CISCO Official Certification Guide. Indanapolis, Indiana, USA: Cisco Press. Stewart, J. M. (2011). CompTIA Security+. Indanapolis: Sybex.