Identification and Authentication


With few exceptions, there is a need in modern network environments to:

  1. control access to the network itself.
  2. control access to the resources and services provided by the network.
  3. be able to verify that the mechanisms used to control that access are providing proper protection.

Access to the network is controlled by the network's identification and authentication service. This service is pivotal in providing for (2) and (3) above. If network users are not properly identified, and if that identification is not proven through authentication, there can be no trust that access to network resources and services is being properly controlled and executed.

Authentication is the verification of the entity's identification. That is, the host to whom the entity must prove his identity trusts (through an authentication process) that the entity is in fact who he claims to be. The threat to the network that the identification and authentication service must protect against is impersonation. According to [TA91], impersonation can be achieved by:

John Barkley
Fri Oct 7 16:17:21 EDT 1994