With words terming as access control, There are few things catching up the mind.
-> Identification
-> Authentication
-> Authorization
-> Accountability
Identification could be defined as a public identity as may be EMPID which is publicly known to all in an organization but identification itself does not guarantee that the user is authenticated and authorized for a particular access.
Identification has to be associated with some mechanism to authenticate, this is where authentication mechanism comes into picture.
Users can be authenticated in ways as
-> Hardware ways using Biometric Device, RSA tokens
-> Software ways as using passwords
Authentication itself is a very big chapter to understand as there are multiple and new ways in technology to authenticate and grant resource access which we will take up later.
But for now we can know as 2 factor Authentication which is till now the best way to authenticate summed up as
-> Something user has (may be RSA token or a software token)
-> Something user knows (may be Password)
-> Something user is (may be EMPID)
2 Factor authentication deals with a person having either of the above 2 mentioned features to authenticate itself.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment