Network, Computer and Programming Resources

Network - Authentication

In network security and other operations, authentication is the process of determining the identity and legitimacy of a user, node, or process. Various authentication strategies have been developed. Among the simplest are the use of user IDs and passwords. A relatively new authentication scheme, called digital signatures, is very effective and almost impossible to fool (unless one has access to the private encryption key of one party). In digital signatures, a user (user A) uses another user's (user B's) public key to encrypt the transmission, and uses A's private key to "sign" it. At the receiving end, user B uses A's public key to validate the signature, and user B's private key to decrypt the transmission. The CCITT distinguishes two levels of authentication for directory access in its X.509 recommendations: n Simple authentication, which uses just a password and works only for limited directory domains. n Strong authentication, which uses a public key encryption method to ensure the security of a communication. BROADER CATEGORY Network Security