Authentication may sound like a very complicated concept, but it’s quite simple: a way of showing that you are who you say you are. In the offline world this process is simple and universal. Most countries have well-documented procedures by which you can get a passport that demonstrates your identity wherever you go in the world. In the world of computers, there is no single document you can use to prove your identity wherever you go. As a result, most websites and services use slightly different techniques.
In my previous post about the four “A”s of Account Management, we discussed Authentication as it relates to Authorization, Access Control and Audit Logging. Establishing good authentication is an essential first step before you can perform the other three functions of account management; if you don’t know who someone is, you cannot know what resources or services they are entitled to access, or identify what actions they have taken.
Authentication 101
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.