Authentication is a broad term, which is normally referred to mechanisms of ensuring that entities are who they claim to be or that data has not been manipulated by unauthorized parties. Thus, entity authentication or identification refers to the means of verifying user identity, after which the user will be granted appropriate privileges. Data origin authentication refers to the means of ensuring that the data comes from an authentic source and has not been tampered with during the transmission.
The need for user authentication in early computer systems arose once it became possible to support multi-user environments. Similarly, data base systems that can be accessed by multiple users with different privileges have to rely on user authentication to enforce proper access control. There is a variety of mechanisms that allow users to authenticate themselves, but password-based authentication is currently the most widely used form of identification.
- 1.Bishop M. Computer security: art and science. Boston: Addison Wesley Professional; 2002.Google Scholar
- 2.Haller N. The S/Key one-time password system. In: Proceedings of Symposium on Network and Distributed System Security; 1994. p. 151–7.Google Scholar
- 3.Menezes A, van Oorschot P, Vanstone S. Handbook of applied cryptography. Boca Raton: CRC; 1996.Google Scholar
- 4.Pfleeger C, Pfleeger S. Security in computing. 3rd ed. Englewood Cliffs: Prentice-Hall; 2003.Google Scholar
- 5.Schneier B. Applied cryptography: protocols, algorithms, and source code in C. 2nd ed. New York: Wiley; 1996.Google Scholar
- 6.Stallings W. Cryptography and network security: principles and practices. 4th ed. New Delhi: Pearson Prentice Hall; 2006.Google Scholar
- 7.Stinson D. Cryptography: theory and practice. 3rd ed. Boca Raton: Chapman & Hall/CRC; 2006.Google Scholar