Difference between revisions of "Authentication"

From Clinfowiki
Jump to: navigation, search
Line 9: Line 9:
 
Finally, access control is a much more general way of talking about controlling access to a web resource. Access can be granted or denied based on a wide variety of criteria, such as the network address of the client, the time of day, the phase of the moon, or the browser which the visitor is using. Access control is analogous to locking the gate at closing time, or only letting people onto the ride who are more than 48 inches tall - it's controlling entrance by some arbitrary condition which may or may not have anything to do with the attributes of the particular visitor.
 
Finally, access control is a much more general way of talking about controlling access to a web resource. Access can be granted or denied based on a wide variety of criteria, such as the network address of the client, the time of day, the phase of the moon, or the browser which the visitor is using. Access control is analogous to locking the gate at closing time, or only letting people onto the ride who are more than 48 inches tall - it's controlling entrance by some arbitrary condition which may or may not have anything to do with the attributes of the particular visitor.
  
As the name implies, basic authentication is the simplest method of authentication, and for a long time was the most common authentication method used, but there some other methods for authentication. Go to the web links below for a detailed information.  
+
As the name implies, basic authentication is the simplest method of authentication, and for a long time was the most common authentication method used, but there are some other methods for authentication. Go to the web links below for a detailed information.  
  
 
Sources:
 
Sources:

Revision as of 16:01, 29 March 2009

Authentication – Validation of a user, a computer, or some digital object to ensure that it is what it claims to be. In the specific context of the Future Digital System, the assurance that an object is as the author or issuer intended it.

Authentication is the act of confirming someone as authentic. This act implies to have the security that the person is really who he or she is, that means confirming the identity of a person by the system.

Authentication is any process by which you verify that someone is who they claim they are. This usually involves a username and a password, but can include any other method of demonstrating identity, such as a smart card, retina scan, voice recognition, or fingerprints.

Authorization is finding out if the person, once identified, is permitted to have the resource. This is usually determined by finding out if that person is a part of a particular group, if that person has paid admission, or has a particular level of security clearance. Authorization is equivalent to checking the guest list at an exclusive party, or checking for your ticket when you go to the opera.

Finally, access control is a much more general way of talking about controlling access to a web resource. Access can be granted or denied based on a wide variety of criteria, such as the network address of the client, the time of day, the phase of the moon, or the browser which the visitor is using. Access control is analogous to locking the gate at closing time, or only letting people onto the ride who are more than 48 inches tall - it's controlling entrance by some arbitrary condition which may or may not have anything to do with the attributes of the particular visitor.

As the name implies, basic authentication is the simplest method of authentication, and for a long time was the most common authentication method used, but there are some other methods for authentication. Go to the web links below for a detailed information.

Sources:

1.- Authentication, Authorization, and Access Control. Apache Documentation. http://httpd.apache.org/docs/1.3/howto/auth.html#intro

2.- Roger S. Pressman. Ingenieria de Software. Cuarta Edición. McGraw-Hill. 1997

3.- Wikipedia http://en.wikipedia.org/wiki/Authentication

4.- GPO. U.S. Government Printing Office. Office of Information Dissemination Program Development Service. Authentication Document at http://www.gpoaccess.gov/authentication/authenticationwhitepaperfinal.pdf