(1) Verifying the integrity of a transmitted message. See message integrity, e-mail authentication and MAC.
(2) Verifying the identity of a user logging into a network. Passwords, digital certificates, smart cards and biometrics can be used to prove the identity of the client to the network. Passwords and digital certificates can also be used to identify the network to the client. The latter is important in wireless networks to ensure that the desired network is being accessed. See identity management, identity metasystem, OpenID, human authentication, challenge/response, two-factor authentication, password, digital signature, IP spoofing and biometrics.
Four Levels of Proof
There are four levels of proof that people are indeed who they say they are. None of them are entirely foolproof, but in order of least to most secure, they are:
1 - What You Know
Passwords are widely used to identify a user, but only verify that somebody knows the password.
2 - What You Have
Digital certificates in the user's computer add more security than a password, and smart cards verify that users have a physical token in their possession, but both laptops and smart cards can be stolen.
3 - What You Are
Biometrics such as fingerprints and iris recognition are more difficult to forge, but you have seen such systems fooled in the movies all the time!
4 - What You Do
Dynamic biometrics such as hand writing a signature and voice recognition are the most secure; however, replay attacks can fool the system.
(2) Verifying the identity of a user logging into a network. Passwords, digital certificates, smart cards and biometrics can be used to prove the identity of the client to the network. Passwords and digital certificates can also be used to identify the network to the client. The latter is important in wireless networks to ensure that the desired network is being accessed. See identity management, identity metasystem, OpenID, human authentication, challenge/response, two-factor authentication, password, digital signature, IP spoofing and biometrics.
Four Levels of Proof
There are four levels of proof that people are indeed who they say they are. None of them are entirely foolproof, but in order of least to most secure, they are:
1 - What You Know
Passwords are widely used to identify a user, but only verify that somebody knows the password.
2 - What You Have
Digital certificates in the user's computer add more security than a password, and smart cards verify that users have a physical token in their possession, but both laptops and smart cards can be stolen.
3 - What You Are
Biometrics such as fingerprints and iris recognition are more difficult to forge, but you have seen such systems fooled in the movies all the time!
4 - What You Do
Dynamic biometrics such as hand writing a signature and voice recognition are the most secure; however, replay attacks can fool the system.
 | Reproduced with permission from Computer Desktop Encyclopedia. Copyright (c) 1981-2009 The Computer Language Company Inc. All rights reserved. |
Additional Resources
- Xshell 3.0 build 0261 (Windows)
- Xshell is a powerful SSH, TELNET, and RLOGIN terminal emulator for Windows platforms. It allows users to gain access to Unix/Linux hosts easily and securely on a Windows workstation. SSH Secure Shell protocol supports encryption and user authentication for secure connections over the Internet, and it replaces legacy protocols such...
- Software downloads 2009-11-19
- SimpleAuthority 2.6 (Windows)
- SimpleAuthority is a Certification Authority CA that is designed to be very easy to use. It generates and manages keys and certificates for people and/or computer servers that can be used for secure email, VPN access, client/server SSL authentication and other uses. Unlike most CA products, SimpleAuthority is very easy...
- Software downloads 2009-11-18
- MaxBulk Mailer for Windows 7.0 (Windows)
- MaxBulk Mailer is a bulk mailer and mail-merge software that allows you to send out customized press releases, prices lists, newsletters and any kind of text or HTML documents. It handles plain text, HTML and rich text documents and gives full support for attachments. With this product you will create,...
- Software downloads 2009-11-17
- Live Webcast: Get Control over SaaS Application Access
- Software-as-a-Service applications like Google Apps, Salesforce and others offer powerful capabilities at reasonable costs. But relying on web applications can introduce new problems that put your business at risk. Businesses lack visibility into and control over access to applications holding business data. Employees struggle to manage dozens of applications...
- Webcasts 2009-11-17
- Synology Disk Station DS409slim - NAS server
- Synology Disk Station DS409slim is a true miniature powerhouse in the network-attached storage device market. It's the first 2.5-inch hard drive-based NAS server we've reviewed that offers hot-swappable capability. However, that is its least impressive feature. The server did well in our performance tests and, like other Synology products we've...
- Product reviews 2009-11-16
- Fastream IQ Proxy Server 3.0.1R (Windows)
- IQ Proxy Server is a robust and secure content/reverse solution for Windows. Featuring the most scalable server engine with up to 20,000 simultaneous connections for both filtering and caching content proxy and securing and accelerating reverse proxy, could serve more than 10,000 requests/sec in keep-alive mode. Fastream IQ Proxy Server...
- Software downloads 2009-11-15
- CryptoExpert Lite 7.9.14 (Windows)
- CryptoExpert creates encrypted virtual disks and these disks are visible as usual disks with drive letters (for example, G:, H:, Z:, i.e. with any drive letter that is not used by other system devices). The data stored on a CryptoExpert disk is stored in the container file. A container is...
- Software downloads 2009-11-14
- CryptoExpert Professional 7.9.14 (Windows)
- CryptoExpert uses a real-time on-the-fly encryption system to encrypt and decrypt data. Your files are stored in the encrypted form on virtual hard drive with password authentication, but when it is requested by any application, it gets decrypted on-the-fly. Conversely, unencrypted data to be stored is encrypted instantaneously and then...
- Software downloads 2009-11-14
- wodSSHServer 2.2 (Windows)
- wodSSHServer is an SSH Server ActiveX component but also Telnet Server ActiveX as well that will give you ability to easily add SSH2 and SFTP server capabilities to your application, as well as old TELNET server protocol. SSH protocol provides strong encryption of data, and authentication of users over insecure...
- Software downloads 2009-11-14
- Groklaw suggests Microsoft sue, do over authentication
- Are you in any way trying to legitimize patent trolling?You are well aware that what Microsoft is doing is what we all used to call patent trolling aren't you?My guess...Nothing will happen... this is just MS trying to protect UAC and runas from paten lawsuits.Besides MS would be idiot... well...
- Discussion threads 2009-11-13
- Groklaw suggests Microsoft sue, do over authentication
- Microsoft has won a patent that seems to cover an old Unix authentication scheme known as Sudo. by Dana Blankenhorn
- Blog posts 2009-11-13
- Psystar: Cocaine, car crashes and a chance to beat Apple
- Monopoly Much?How has apple been able to get away with this? Microsoft gets sued for sending their browser with their operating system while not blocking anyone else's browsers on their systems. Apple does not allow anyone else to use their operating system on other hardware, not sure how...
- Discussion threads 2009-11-12
- SimpleAuthority 2.6 (Mac)
- SimpleAuthority is a Certification Authority CA that is designed to be very easy to use. It generates and manages keys and certificates that provide cryptographic digital identities for people and/or computer servers. These identities are designed to be used in other applications such as for: secure email - for...
- Software downloads 2009-11-12
- GlobalSCAPE EFT Server 6.1.0.48 (Windows)
- EFT Server formerly Secure FTP Server is a secure file transfer solution for growing companies facing the challenges that come with an increasing network of business partners and processes. The core EFT Server platform provides secure transport protocols, extensive user account control, and post processing workflow. Utilize all the essential...
- Software downloads 2009-11-12
- LinkByLink 1.0.14 (Mac)
- Even when using a CMS Content Management System checking websites for broken links is an issue. By far not everybody uses a CMS, and for finding broken links to external web pages or for identifying invalid e-mail addresses more specialized tools are needed. LinkByLink addresses this and other tasks. The...
- Software downloads 2009-11-12
- Passwordstate 4.0 (Windows)
- Passwordstate 4.0 is a web-based solution for secure management of passwords, for both individuals and teams of people. 256bit AES data encryption, code obfuscation and enterprise scalability makes it the Enterprise Password Manager of choice. Track Personal and Shared Password Lists -Track passwords for individuals, or create Shared Password Lists...
- Software downloads 2009-11-11
- Nofeel FTP Server (32-bit) 3.6.3812 (Windows)
- Powerful, secure, and easy-to-use FTP server specially written for Windows 2000/XP/2003/Vista/2008. Enable users to have real-time interaction with server, including current and past connections full details, server current and permanent stat, ability to stop file transferring or disconnect any connection. Rich server settings are provided, including but not limited to...
- Software downloads 2009-11-10
- Nofeel FTP Server 64-bit 3.6.3812 (Windows)
- Nofeel FTP Server 64-bit is a secure and easy-to-use FTP server specially written for Windows platform. Enable users to have real-time interaction with server, including current and past connections full details, server current and permanent stat, ability to stop file transferring, or disconnect any connection. Rich server settings are provided,...
- Software downloads 2009-11-10
- Winmail Mail Server 4.7 build 0217 (Windows)
- Winmail Server is an enterprise class mail server software system offering a robust feature set, including extensive security measures. Winmail Server supports SMTP, POP3, IMAP, Webmail, LDAP, multiple domains, SMTP authentication, spam protection, anti-virus protection, SSL/TLS security, Network Storage, remote access, Web-based administration, and a wide array of standard email...
- Software downloads 2009-11-08
- cURL 7.19.7 (Mac)
- curl is a command line tool for transferring files with URL syntax, supporting FTP, FTPS, TFTP, HTTP, HTTPS, TELNET, DICT, FILE and LDAP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, user+password authentication (Basic, Digest, NTLM, Negotiate, kerberos...), file transfer resume, proxy...
- Software downloads 2009-11-06
Neighboring Terms
Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
- The best support in the Linux business
-
If Linux is going to power your mission-critical applications, you'd better have the best support known to business. Novell was rated the top provider of Linux technical support.
- Learn more >>
- The best support in the Linux business
-
If Linux is going to power your mission-critical applications, you'd better have the best support known to business. Novell was rated the top provider of Linux technical support.
- Learn more >>
- The more you simplify, the more you save
-
When you transition from your existing Red Hat environment to SUSE Linux Enterprise from Novell, you can recognize dramatic cost savings, perhaps as much 50%
- Learn more >>
- Learn more about tools to grow your business
-
The Business Essentials Guide provides you useful tools and templates to help grow your business and save you time with automated shipping solutions.
- Save time with the UPS Business Essentials Guide
SmartPlanet
- Thought-provoking progressive ideas on diverse topics that intersect with technology, business, and life, and matter to the world at large. Visit SmartPlanet
- More from IBM
-
- Can your business work smarter? Learn more about Lotus Symphony
- Learn how to work smarter and optimize cost using the IBM Smart SOA approach Download the eBook
- Smarter ways to make smarter products Read the brief from IBM
