Dictionary Home » Computer Definitions » authentication

authentication - technical definition

Security measures designed to verify or validate the identity of a user or station prior to granting access to resources. Authentication mechanisms include passwords and intelligent tokens. See also intelligent token NAS, password, RADIUS, and RAS.

See authentication in Webster''s New World Hacker Dictionary

The process of identifying an individual, message, file, and other data. The two major roles for authentication, therefore, are as follows: (1) confirming that the user is who he or she claims to be; and (2) that the message is authentic and not altered or forged. The term authentication should not be confused with a closely related term, authorization, which means determining what a user is allowed to do or see.

In recent years, a number of products have been developed to assist in the authentication process, including biometrics (assessing usersÂ’ signatures, facial features, and other biological identifiers); smart cards (having microprocessor chips that run cryptographic algorithms and store a private key); digital certificates containing public or private keys; and SecureID, a commercialized product using a key and the current time to generate a random numbers stream that is verifiable by a serverÂ—thus ensuring that a potential user puts in the number on the card within a set amount of time (typically 5 or 10 seconds).

See Also: AAA; Algorithm; Authorization; Key; SecureID.

Graham, R. Hacking Lexicon. Robert Graham Website. http://www .linuxsecurity.com/resource_files/documentation/hacking-dict.html.

See authentication in Computer

(1) Verifying the integrity of a transmitted message. See message integrity, e-mail authentication and MAC.

(2) Verifying the identity of a user logging into a network. Passwords, digital certificates, smart cards and biometrics can be used to prove the identity of the client to the network. Passwords and digital certificates can also be used to identify the network to the client. The latter is important in wireless networks to ensure that the desired network is being accessed. See identity management, identity metasystem, OpenID, human authentication, challenge/response, two-factor authentication, password, digital signature, IP spoofing and biometrics.

Four Levels of Proof

There are four levels of proof that people are indeed who they say they are. None of them are entirely foolproof, but in order of least to most secure, they are:

1 - What You Know
Passwords are widely used to identify a user, but only verify that somebody knows the password.

2 - What You Have
Digital certificates in the user's computer add more security than a password, and smart cards verify that users have a physical token in their possession, but both laptops and smart cards can be stolen.

3 - What You Are
Biometrics such as fingerprints and iris recognition are more difficult to forge, but you have seen such systems fooled in the movies all the time!

4 - What You Do
Dynamic biometrics such as hand writing a signature and voice recognition are the most secure; however, replay attacks can fool the system.

Learn more about authentication

» authentication synonyms

» authentication investment & finance

link/cite print suggestion box

authentication - technical definition

Four Levels of Proof

More from YD