(1) Verifying the integrity of a transmitted message. See message integrity, e-mail authentication and MAC.
(2) Verifying the identity of a user logging into a network. Passwords, digital certificates, smart cards and biometrics can be used to prove the identity of the client to the network. Passwords and digital certificates can also be used to identify the network to the client. The latter is important in wireless networks to ensure that the desired network is being accessed. See identity management, identity metasystem, OpenID, human authentication, challenge/response, two-factor authentication, password, digital signature, IP spoofing and biometrics.
Four Levels of Proof
There are four levels of proof that people are indeed who they say they are. None of them are entirely foolproof, but in order of least to most secure, they are:
1 - What You Know
Passwords are widely used to identify a user, but only verify that somebody knows the password.
2 - What You Have
Digital certificates in the user's computer add more security than a password, and smart cards verify that users have a physical token in their possession, but both laptops and smart cards can be stolen.
3 - What You Are
Biometrics such as fingerprints and iris recognition are more difficult to forge, but you have seen such systems fooled in the movies all the time!
4 - What You Do
Dynamic biometrics such as hand writing a signature and voice recognition are the most secure; however, replay attacks can fool the system.
(2) Verifying the identity of a user logging into a network. Passwords, digital certificates, smart cards and biometrics can be used to prove the identity of the client to the network. Passwords and digital certificates can also be used to identify the network to the client. The latter is important in wireless networks to ensure that the desired network is being accessed. See identity management, identity metasystem, OpenID, human authentication, challenge/response, two-factor authentication, password, digital signature, IP spoofing and biometrics.
Four Levels of Proof
There are four levels of proof that people are indeed who they say they are. None of them are entirely foolproof, but in order of least to most secure, they are:
1 - What You Know
Passwords are widely used to identify a user, but only verify that somebody knows the password.
2 - What You Have
Digital certificates in the user's computer add more security than a password, and smart cards verify that users have a physical token in their possession, but both laptops and smart cards can be stolen.
3 - What You Are
Biometrics such as fingerprints and iris recognition are more difficult to forge, but you have seen such systems fooled in the movies all the time!
4 - What You Do
Dynamic biometrics such as hand writing a signature and voice recognition are the most secure; however, replay attacks can fool the system.
 | Reproduced with permission from Computer Desktop Encyclopedia. Copyright (c) 1981-2009 The Computer Language Company Inc. All rights reserved. |
Additional Resources
- Core FTP Server 1.0 build 319 (Windows)
- Core FTP Server is a secure FTP server with SSL/TLS/FTPS, SSH/SFTP, HTTP/S support virtual paths, access rules, and certificate authentication. Quick and easy setup, start sharing files in minutes. Free version supports one domain and two users.
- Software downloads 2009-11-26
- WebDrive 2.01.203 (Mac)
- WebDrive for Mac integrates FTP, FTPS, WebDAV, SFTP, or GroupDrive servers into OS/X Finder by mounting the server as a local device. This allows you to use your favorite Macintosh applications to edit files and save them directly to the server. The WebDrive for Mac client includes many advanced features...
- Software downloads 2009-11-25
- Fastream IQ Proxy Server 3.1.4R (Windows)
- IQ Proxy Server is a robust and secure content/reverse solution for Windows. Featuring the most scalable server engine with up to 20,000 simultaneous connections for both filtering and caching content proxy and securing and accelerating reverse proxy, could serve more than 10,000 requests/sec in keep-alive mode. Fastream IQ Proxy Server...
- Software downloads 2009-11-24
- Zimbra Collaboration Suite 6.0.3 (Mac)
- Zimbra Collaboration Suite ZCS is modern, innovative messaging and collaboration.-Zimbra is the leading open source solution for enterprise, service provider, academic, and government environments; offering administrators and their end-users unmatched benefits and TCO. Zimbra is popular choice for today's growing-Linux email server base. ZCS features an award-winning Ajax web client...
- Software downloads 2009-11-24
- Enigmail 0.96.0 (Windows)
- Enigmail adds OpenPGP message encryption and authentication to your email client. It features automatic encryption, decryption and integrated key management functionality. Enigmail requires GnuPG (www.gnupg.org) for the cryptographic functions, which is not included in the installation.
- Software downloads 2009-11-23
- AT&T Communication Manager 7.0 (Windows)
- AT&T Communication Manager is an easy-to-use software that allows you to manage your connection to the AT&T mobile data network and to Wi-Fi networks. The key features are: Simple installation and intuitive user interface, Access to our EDGE and 3G networks and roaming partners' networks, where applicable, Provides easy authentication...
- Software downloads 2009-11-23
- PeaZip 2.8 (Windows)
- PeaZip is a free, open source file and archive manager for 32 and 64 bit Windows and Linux. It is available either as installable and portable application not needing installation. Full support: 7Z, 7Z-sfx, ARC/WRC, BZ2/TBZ2, Custom user defined, GZ/TGZ, PAQ/ZPAQ, PEA, QUAD/BALZ, split, TAR, UPX, ZIP. Open, browse, extract,...
- Software downloads 2009-11-21
- Xshell 3.0 build 0261 (Windows)
- Xshell is a powerful SSH, TELNET, and RLOGIN terminal emulator for Windows platforms. It allows users to gain access to Unix/Linux hosts easily and securely on a Windows workstation. SSH Secure Shell protocol supports encryption and user authentication for secure connections over the Internet, and it replaces legacy protocols such...
- Software downloads 2009-11-19
- SimpleAuthority 2.6 (Windows)
- SimpleAuthority is a Certification Authority CA that is designed to be very easy to use. It generates and manages keys and certificates for people and/or computer servers that can be used for secure email, VPN access, client/server SSL authentication and other uses. Unlike most CA products, SimpleAuthority is very easy...
- Software downloads 2009-11-18
- MaxBulk Mailer for Windows 7.0 (Windows)
- MaxBulk Mailer is a bulk mailer and mail-merge software that allows you to send out customized press releases, prices lists, newsletters and any kind of text or HTML documents. It handles plain text, HTML and rich text documents and gives full support for attachments. With this product you will create,...
- Software downloads 2009-11-17
- Live Webcast: Get Control over SaaS Application Access
- Software-as-a-Service applications like Google Apps, Salesforce and others offer powerful capabilities at reasonable costs. But relying on web applications can introduce new problems that put your business at risk. Businesses lack visibility into and control over access to applications holding business data. Employees struggle to manage dozens of applications...
- Webcasts 2009-11-17
- Synology Disk Station DS409slim - NAS server
- Synology Disk Station DS409slim is a true miniature powerhouse in the network-attached storage device market. It's the first 2.5-inch hard drive-based NAS server we've reviewed that offers hot-swappable capability. However, that is its least impressive feature. The server did well in our performance tests and, like other Synology products we've...
- Product reviews 2009-11-16
- CryptoExpert Lite 7.9.14 (Windows)
- CryptoExpert creates encrypted virtual disks and these disks are visible as usual disks with drive letters (for example, G:, H:, Z:, i.e. with any drive letter that is not used by other system devices). The data stored on a CryptoExpert disk is stored in the container file. A container is...
- Software downloads 2009-11-14
- CryptoExpert Professional 7.9.14 (Windows)
- CryptoExpert uses a real-time on-the-fly encryption system to encrypt and decrypt data. Your files are stored in the encrypted form on virtual hard drive with password authentication, but when it is requested by any application, it gets decrypted on-the-fly. Conversely, unencrypted data to be stored is encrypted instantaneously and then...
- Software downloads 2009-11-14
- wodSSHServer 2.2 (Windows)
- wodSSHServer is an SSH Server ActiveX component but also Telnet Server ActiveX as well that will give you ability to easily add SSH2 and SFTP server capabilities to your application, as well as old TELNET server protocol. SSH protocol provides strong encryption of data, and authentication of users over insecure...
- Software downloads 2009-11-14
- Groklaw suggests Microsoft sue, do over authentication
- Are you in any way trying to legitimize patent trolling?You are well aware that what Microsoft is doing is what we all used to call patent trolling aren't you?My guess...Nothing will happen... this is just MS trying to protect UAC and runas from paten lawsuits.Besides MS would be idiot... well...
- Discussion threads 2009-11-13
- Groklaw suggests Microsoft sue, do over authentication
- Microsoft has won a patent that seems to cover an old Unix authentication scheme known as Sudo. by Dana Blankenhorn
- Blog posts 2009-11-13
- Psystar: Cocaine, car crashes and a chance to beat Apple
- Monopoly Much?How has apple been able to get away with this? Microsoft gets sued for sending their browser with their operating system while not blocking anyone else's browsers on their systems. Apple does not allow anyone else to use their operating system on other hardware, not sure how...
- Discussion threads 2009-11-12
- SimpleAuthority 2.6 (Mac)
- SimpleAuthority is a Certification Authority CA that is designed to be very easy to use. It generates and manages keys and certificates that provide cryptographic digital identities for people and/or computer servers. These identities are designed to be used in other applications such as for: secure email - for...
- Software downloads 2009-11-12
- GlobalSCAPE EFT Server 6.1.0.48 (Windows)
- EFT Server formerly Secure FTP Server is a secure file transfer solution for growing companies facing the challenges that come with an increasing network of business partners and processes. The core EFT Server platform provides secure transport protocols, extensive user account control, and post processing workflow. Utilize all the essential...
- Software downloads 2009-11-12
Neighboring Terms
Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
- Reduce risk. Reduce complexity. Increase reliability.
-
A simplified IT environment isn't just less complex. It's also more reliable. Standardize on a single Linux platform with SUSE Linux Enterprise from Novell, and get the world's most interoperable Linux
- Learn more >>
- Keep Up With The Latest In Document Management with The DocuMentor.
-
Doc delivers the scoop on today's enterprise content management, printer maintenance, and all other issues related to document management. It's the DocuMentor Blog.
- Learn more >>
- Microsoft Dynamics CRM Online - Free Six-Month Trial for Eligible Organizations
-
Microsoft Dynamics CRM Online provides fast online access, simple contact management and better sales performance for a low monthly cost - the best value on the market today.
- Learn more about the free, six-month trial offer>>
SmartPlanet
- Thought-provoking progressive ideas on diverse topics that intersect with technology, business, and life, and matter to the world at large. Visit SmartPlanet
- More from IBM
-
- How to Drive Better Business Outcomes with Exceptional Web Experiences Download the eBook
- Driving Business Agility through SOA Connectivity & Integration Read the White Paper from IBM
- Linking Decisions and Information for Organizational Performance Read the Tom Davenport study
