Authentication cisco

Authentication

Authentication is the action of anecdotic and acceptance a user.This process

typically relies on one or added of the afterward accepted methods:

 Article the user knows This admission is affidavit by

knowledge, area the character is absolute by article accepted alone by

the user.This is the best accepted and the weakest admission acclimated for

authentication today. Examples accommodate both the UNIX and Windows

NT/2000 login process, in which the user is about prompted to enter

a password.The candor of this affidavit action depends on the

“something” actuality both a abstruse and additionally adamantine to guess—a bifold ambition that

is not calmly ensured. Some organizations accept continued the UNIX and

Windows NT/2000 login action to crave tokens or acute cards

(something you have), or biometrics (something you are), added authentication

methods discussed in the credibility that follow.

 Article the user possesses This admission is affidavit by

possession, area the character is absolute by article bedevilled alone by

the user.This affidavit admission is acceptable added accepted and is

used in best people’s circadian lives in the anatomy of keys and aegis badges.

The candor of this affidavit action depends on the “something”

being different and bedevilled alone by the user, such as a acute card. If this

object is absent or stolen, the affidavit action is compromised.

www.syngress.com

222 Chapter 5 • Authentication, Authorization, and Accounting

 Article the user is This admission is affidavit by user characteristic,

where the character is absolute by article that is different about

the user.This is accepted as the acreage of biometrics. Many articles are

currently actuality developed and produced that use techniques such as fingerprint

scans, retina scans, and articulation analysis.ATMs are alpha to be

deployed with biometric authentication.This is the arch admission to

authentication and avoids the accepted problems with the other

approaches (such as a countersign actuality estimated or a agenda actuality absent or

stolen). However, this admission is additionally the best difficult to implement.

Two-factor affidavit uses a aggregate of two of the preceding

approaches to accredit user identities.Typically, two-factor affidavit is a

combination of article the user possesses and article the user knows.A

common archetype is the use of an ATM agenda (something possessed) and an associated

PIN (something known) to admission an annual via an ATM machine. In the

computer world, you can acquisition two-factor affidavit in the anatomy of tokens,

where a aggregate of a PIN additional a alteration amount on the badge is acclimated for

authentication.

Within the AAA framework, affidavit occurs back an AAA client

passes adapted user accreditation to the AAA server and requests that the server

authenticate the user.The AAA server attempts to validate the credentials, and

responds with either an “accept” or a “deny” message. AAA affidavit is typically

used in the afterward scenarios:

 To ascendancy admission to a arrangement accessory such as a router, NAS, or firewall

 To ascendancy admission to arrangement assets through a arrangement accessory such as

a router, NAS, or firewall