Chapter 2 - Identification and Authentication Flashcards
What is identification?
The claim of what someone or something is.
What is authentication?
Establishes whether this claim is true. We can see such processes taking place on a daily basis in a wide variety of ways.
What is identity verification?
Is a step between identification and authentication, in which the identity is verified in some way. This is a step better than just a claim, but not an authentication. For example, a driver’s license is an identity verification, to help in showing the name given is true.
What else is identity verification used in, besides in personal interactions?
Computer systems. In many cases, such as when we send an email, the identity we provide is taken to be true, without any additional steps taken to authenticate us.
What are authentication factors?
There are several methods we can use, with each category referred to as a factor. Within each factor, there are a number of possible methods we can use.
What is the benefit of using more factors?
When attemting to authenticate a claim, the more we use, the more positive our results will be.
What are the five factors?
Something you know
Something you are
Something you have
Something you do
Where you are
This factor is very common.
It can include passwords, PINS, passphrases, etc.
Which one is it?
Something you know
This factor includes an item or device, although this factor can extend into some logical concepts as well. We can see such factors in general use in the form of ATM cards, state of federally issued identity cards, or software based security tokens.
Which is it?
Something you have: A factor generally based on the physical possession of an item or device.
This factor can be based on simple attributes, such as height, weight, hair color, or eye color.
More reliable methods include fingerprints, iris or retina patterns, or facial characteristics.
Something you are: A factor based on the relatively unique physical attributes of an individual.
What are biometrics?
Another name for “something you are”.
What factor is based on physical presence at a location or locations?
Where you are: A geographically based authentication factor. This factor operates differently than the other factors, as its method of authentication depends on the person being authenticated being present at a particular location.
What method is based on actions or behaviours of an individual?
Something you do, sometimes considered a variation of something you are, is a factor based on actions or behaviours.
This includes a person’s gait, measurement of multiple factors in his or her handwriting, the time delay between keystrokes as he or she types a pass phrase, or similar factors.
What is multifactor authentication?
Uses one or more of the factors we discussed in the preceding section. This practice is also referred to in some cases, as two-factor authentication.
What is mutual authentication?
Refers to an authentication mechanism in which both parties authenticate each other.
in the standard process, which is a one-way authentication, the client authenticates to the server to prove that it is the party that should be accessing the resources the server provides.
In mutual authentication, not only does the client authenticate to the server, but the server authenticates to the client as well.
Digital certificates are often used to accomplish mutual authentication.