(1) Verifying the integrity of a transmitted message. See message integrity, e-mail authentication and MAC.
(2) Verifying the identity of a user logging into a network. Passwords, digital certificates, smart cards and biometrics can be used to prove the identity of the client to the network. Passwords and digital certificates can also be used to identify the network to the client. The latter is important in wireless networks to ensure that the desired network is being accessed. See identity management, identity metasystem, OpenID, human authentication, challenge/response, two-factor authentication, password, digital signature, IP spoofing and biometrics.
Four Levels of Proof
There are four levels of proof that people are indeed who they say they are. None of them are entirely foolproof, but in order of least to most secure, they are:
1 - What You Know
Passwords are widely used to identify a user, but only verify that somebody knows the password.
2 - What You Have
Digital certificates in the user's computer add more security than a password, and smart cards verify that users have a physical token in their possession, but both laptops and smart cards can be stolen.
3 - What You Are
Biometrics such as fingerprints and iris recognition are more difficult to forge, but you have seen such systems fooled in the movies all the time!
4 - What You Do
Dynamic biometrics such as hand writing a signature and voice recognition are the most secure; however, replay attacks can fool the system.
(2) Verifying the identity of a user logging into a network. Passwords, digital certificates, smart cards and biometrics can be used to prove the identity of the client to the network. Passwords and digital certificates can also be used to identify the network to the client. The latter is important in wireless networks to ensure that the desired network is being accessed. See identity management, identity metasystem, OpenID, human authentication, challenge/response, two-factor authentication, password, digital signature, IP spoofing and biometrics.
Four Levels of Proof
There are four levels of proof that people are indeed who they say they are. None of them are entirely foolproof, but in order of least to most secure, they are:
1 - What You Know
Passwords are widely used to identify a user, but only verify that somebody knows the password.
2 - What You Have
Digital certificates in the user's computer add more security than a password, and smart cards verify that users have a physical token in their possession, but both laptops and smart cards can be stolen.
3 - What You Are
Biometrics such as fingerprints and iris recognition are more difficult to forge, but you have seen such systems fooled in the movies all the time!
4 - What You Do
Dynamic biometrics such as hand writing a signature and voice recognition are the most secure; however, replay attacks can fool the system.
 | Reproduced with permission from Computer Desktop Encyclopedia. Copyright (c) 1981-2009 The Computer Language Company Inc. All rights reserved. |
Additional Resources
- Zero-day flaw found in web encryption
- A zero-day flaw in the TLS and SSL protocols, which are commonly used to encrypt web pages, has been made public. Security researchers Marsh Ray and Steve Dispensa unveiled the TLS Transport Layer Security flaw on Wednesday, following the disclosure of separate, but similar, security findings. TLS and its...
- News items 2009-11-05
- cURL 7.19.7 (Windows)
- Curl is a command line tool for transferring files with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, GOPHER, TELNET, DICT, FILE and LDAP. Curl supports HTTPS certificates, HTTP POST, HTTP PUT, FTP uploading, kerberos, HTTP form based upload, proxies, cookies, user+password authentication, file transfer resume, http proxy tunneling and a...
- Software downloads 2009-11-04
- iHacked: jailbroken iPhones compromised, $5 ransom demanded
- ... WHAT?Who in their right mind keep a server running with default usernames/passwords on the default port....I doubt that jailbroken iPhones are alone in this. It's possible, specially if iPhones have a ssh server running, that this could happen on non-jailbroken iPhones also.Just one question...Has this person been remanded yet?...
- Discussion threads 2009-11-03
- SmartCode ViewerX VNC ActiveX Control 2.9.7 (Windows)
- The SmartCode ViewerX VNC control provides developers with full access to the VNC Viewer features using a set of intuitive ActiveX properties and methods. With ViewerX control, developers can easily provide screen sharing and remote control capabilities to their applications. The SmartCode ViewerX can work behind HTTP/SOCKS5 and UltraVNC Repeater...
- Software downloads 2009-11-03
- ADmitMac 5.0 (Mac)
- ADmitMac v3 allows Macintosh users running Mac OS X 10.3 Panther, or Mac OS X 10.4 Tiger with the latest updates, to participate in and take advantage of all the directory services provided by Microsoft's Active Directory, NT, and Apple's Workgroup Manager. As a result, administrators can manage their domain...
- Software downloads 2009-11-03
- StarLink Suite x86 2.3b build 3583 (Windows)
- StarLink Gateway provides support to send SMS by SMTP Mail Server. It also provide send free SMS to mobile network. The system is multi user Client-server system. Server is running and listening specific port (TCP/IP Port). Users sign in to server by providing their authentication information (user id and their...
- Software downloads 2009-10-30
- Long-term Mozy for Mac review
- Sad to read thisI have not found a "cloud" solution to backup either.I tried Backblaze, but the 1 month for the initial backup was not for me. Then, when I UNinstalled it, I was shocked to find a bit of it running on my iMac over 3 months later.The problem...
- Discussion threads 2009-10-28
- Core FTP Server 1.0 build 317 (Windows)
- Core FTP Server is a secure FTP server with SSL/TLS/FTPS, SSH/SFTP, HTTP/S support virtual paths, access rules, and certificate authentication. Quick and easy setup, start sharing files in minutes.
- Software downloads 2009-10-28
- Amazon launches relational database service: Think MySQL in the cloud
- Three reasons this is a bad paradigm...Security, security and...let's see, what was that other thing...oh yeah, security. The comment "enterprise customers are likely to take their time moving sensitive data into Amazon?s RDS effort" should be nominated for the understatement of the year award. What's more likely is...
- Discussion threads 2009-10-27
- ProjectForum 6.4.2 (Mac)
- ProjectForum is a commercially supported, high quality wiki collaboration server for small and medium workgroups. It runs securely on an organization's own network, keeping important information safely in-house and protected. Supporting multiple workgroups from a single server, it features full version control, secure authentication options, document management, full branding support...
- Software downloads 2009-10-26
- iWebGet Professional Version 1.4 (Windows)
- iWebGet for Windows is a multifunction offline browser designed to run under Windows 2000/XP/2003/Vista. GUI languages for iWebGet: English, Japanese. Downloading up to 50 files simultaneously. Downloading up to 200,000 files in one project on iWebGet Standard Version. Downloading up to 1,000,000 files in one project on iWebGet Professional Version....
- Software downloads 2009-10-26
- iWebGet Standard Version 1.4 (Windows)
- iWebGet for Windows is a multifunction offline browser designed to run under Windows 2000/XP/2003/Vista. GUI languages for iWebGet: English, Japanese. Downloading up to 50 files simultaneously. Downloading up to 200,000 files in one project on iWebGet Standard Version. Downloading up to 1,000,000 files in one project on iWebGet Professional Version....
- Software downloads 2009-10-26
- ProjectForum 6.4.2 (Windows)
- ProjectForum is software that makes it easy for a team of people to collaborate. Whether your team members are across the room or across the globe, ProjectForum lets you share ideas, documents, schedules and status. Share and discuss your work online, privately and securely. ProjectForum is workgroup wiki server...
- Software downloads 2009-10-26
- CryptoExpert Lite 7.9.13 (Windows)
- CryptoExpert creates encrypted virtual disks and these disks are visible as usual disks with drive letters (for example, G:, H:, Z:, i.e. with any drive letter that is not used by other system devices). The data stored on a CryptoExpert disk is stored in the container file. A container is...
- Software downloads 2009-10-25
- CryptoExpert Professional 7.9.13 (Windows)
- CryptoExpert uses a real-time on-the-fly encryption system to encrypt and decrypt data. Your files are stored in the encrypted form on virtual hard drive with password authentication, but when it is requested by any application, it gets decrypted on-the-fly. Conversely, unencrypted data to be stored is encrypted instantaneously and then...
- Software downloads 2009-10-25
- InterMapper DataCenter 5.1.6 (Windows)
- InterMapper DataCenter IMDC is a stand-alone collection of services used alongside InterMapper. Currently, this includes the InterMapper Authentication Server IMAuth. IMAuth allows you to authenticate users against a wide variety of directory servers, including LDAP, Active Directory, Open Directory, Radius, IAS, Kerberos and others. Read the InterMapper Authentication Server Tech...
- Software downloads 2009-10-22
- Zimbra Collaboration Suite 6.0.2 (Mac)
- Zimbra Collaboration Suite ZCS is modern, innovative messaging and collaboration.-Zimbra is the leading open source solution for enterprise, service provider, academic, and government environments; offering administrators and their end-users unmatched benefits and TCO. Zimbra is popular choice for today's growing-Linux email server base. ZCS features an award-winning Ajax web client...
- Software downloads 2009-10-22
- Looking beyond Windows 7 and Office; Pondering the alternatives
- No reason to look beyond Microsoft Windows 7 and Microsoft Office, its a complete solution out of the box for every business need. Pondering the alternatives will take all of 5 seconds before realizing the alternatives won't live up to what Microsoft has to offer.Preceding message brought to you...
- Discussion threads 2009-10-20
- Application performance can't be maximized in the dark
- When optimizing and managing how applications perform ? from the eyes of the user ? IT teams need light shed onto the actual trouble spots says OpTier's Motti Tal. Commentary - Sometimes, when end users experience application trouble, response times degrade slowly. Other times, applications seem to turn off...
- News items 2009-10-20
- Electronic voting: Changing the world faster than a Windows upgrade
- no encryption is good enough...Considering the power the US President has to shape US and World Policy, I think EVERYONE will be gunning to crack that nut.Enemies will try to get the worst/weakest candidate. Allies will try to get the guy who most loves them into power. Business...
- Discussion threads 2009-10-20
Neighboring Terms
Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
Meet Doc
-
-
Here to help you with your Document Management Needs
- Doc is an enigma. Born to a Russian ballerina and a German electrical engineer, he grew up in various locations in the United States. He’s seen the insides of more brands, versions, and generations of printer and printer-related hardware than almost anyone.
- To learn more about this mysterious figure check out his blog on ZDNet and his Workspace on TechRepublic. You’ll be glad you did.
-
Produced by
ZDNet and -
