Authentication

From Clinfowiki
Revision as of 15:38, 13 October 2011 by Annathehybrid (Talk | contribs)

Jump to: navigation, search

Authentication – Validation of a user, a computer, or some digital object to ensure that it is what it claims to be. In the specific context of the Future Digital System, the assurance that an object is as the author or issuer intended it.

Authentication is the act of confirming someone as authentic. This act implies to have the security that the person is really who he or she is, that means confirming the identity of a person by the system.

Authentication is any process by which you verify that someone is who they claim they are. This usually involves a username and a password, but can include any other method of demonstrating identity, such as a smart card, retina scan, voice recognition, or fingerprints.

Authorization is finding out if the person, once identified, is permitted to have the resource. This is usually determined by finding out if that person is a part of a particular group, if that person has paid admission, or has a particular level of security clearance. Authorization is equivalent to checking the guest list at an exclusive party, or checking for your ticket when you go to the opera.

Finally, access control is a much more general way of talking about controlling access to a web resource. Access can be granted or denied based on a wide variety of criteria, such as the network address of the client, the time of day, the phase of the moon, or the browser which the visitor is using. Access control is analogous to locking the gate at closing time, or only letting people onto the ride who are more than 48 inches tall - it's controlling entrance by some arbitrary condition which may or may not have anything to do with the attributes of the particular visitor.

As the name implies, basic authentication is the simplest method of authentication, and for a long time was the most common authentication method used, but there are some other methods for authentication. Go to the web links below for a detailed information.

Two factor authentication (T-FA) or (2FA)

a security process in which the user provides two means of identification in conjunction, one of which is typically a physical token, such as a card, and the other of which is typically something memorized, such as a security code. Two-factor authentication typically is a signing-on process where a person proves his or her identity with two of three methods: "something you know" (ex.: password or PIN), "something you have" (ex.: smartcard or token), or "something you are" (ex.: fingerprint or voiceprint analysis).Using two factors as opposed to one factor generally delivers a higher level of authentication assurance.(1)

Fingerprint authentication

is one of the methods of biometric authentication currently used in some organizations.  Fingerprint id has been used for centuries and is quite reliable. There are two technologies used to capture the image of a fingerprint one is optical using light refracted from a prism and the other is capacitive based that is to say that it detects voltage changes in the skin between ridges and valleys.  There are also several sensors that detect fake fingerprints,  for example latent print residue will be ignored also some technologies make it impossible to use a cutoff finger because they are dependent on temperature, pulse and blood flow.  

Everyone has a unique fingerprint even twins. Scanner technology has become more sophisticated and user friendly. Disadvantages are that some prints are difficult to obtain especially in those that sweat excessively. Also it requires clean hands so cuts and bruises may affect the results.

There have been significant advances in fingerprint authentication. For example, there is a sensor called FPC1011F1 that purports superior image quality, with 256 gray scale values in every single pixel. The reflective measurement method sends an electrical signal via the frame directly into the finger. This technique enables the use of an unbeatably hard and thick protective surface coating. The sensor with its 3D pixel sensing technology can read virtually any finger; dry or wet.

Also, fingerprint authentication can be used in concert with other technologies like retina scanning or facial recognition in an attempt to provide more security.

References

Sheuh, Calvin “Biometrics: Fingerprint Technology” ppt presentation for CS265

Aboalsamh, Hatim , Proceedings of the 9th WSEAS International Conference on TELECOMMUNICATIONS and INFORMATICS, www.wseas.us/e-library/conferences/2010/Catania/.../TELE-INFO-28.pdf

Submitted by David Gutglass


Sources:

1.- Authentication, Authorization, and Access Control. Apache Documentation. http://httpd.apache.org/docs/1.3/howto/auth.html#intro

2.- Roger S. Pressman. Ingenieria de Software. Cuarta Edición. McGraw-Hill. 1997

3.- Wikipedia http://en.wikipedia.org/wiki/Authentication

4.- U.S. Government Printing Office. Office of Information Dissemination Program Development Service. Authentication Document at http://www.gpoaccess.gov/authentication/authenticationwhitepaperfinal.pdf

Authentication: You are who you say you are