- It is a process of identifying an individual and ensuring that the individual is the same who she/he claims to be.
- User authentication is the basis for most types of access control and for user accountability.
Access Control: It is the selective restriction of access to a place or other resource.
TYPES OF AUTHENTICATION
- In the context of an HTTP transaction,basic access authentication is a method for an HTTP user agent (eg:a web browser) to provide a username and password when making a request.
- In basic HTTP authentication,a request contains a header field in the form of Authorization:Basic < credentials >,where credentials is the Base64 encoding of ID and password joined by a single colon:
2.CERTIFICATE BASED AUTHENTICATION
- It is the use of a Digital Certificate to identify a user,machine,or device before granting access to a resource,network,application,etc.
- It is stronger compared to password authentication.
- Digital certificates can then be reused for user authentication
- A process which uses the distinct biological or physiological characteristics of users to verify their requests.
- It is based on human characteristics like fingerprint,voice,patterns of lines in iris.
It is based on two parameters:
(i) False Accept Ratio: Measure of a chance that a user who should be rejected is accepted by the system.
(ii) False Reject Ratio:Measure of a chance that a user who should be accepted is rejected by the system.
4.E-token based authentication
- An authentication token is a small device that generates a new random value every time it is used.This random value becomes the basis of authentication.
- It is an alternative to passwords.
- It can be implemented on a USB key or a smart card.