authentication

The process of identifying an individual, message, file, and other data. The two major roles for authentication, therefore, are as follows: (1) confirming that the user is who he or she claims to be; and (2) that the message is authentic and not altered or forged. The term authentication should not be confused with a closely related term, authorization, which means determining what a user is allowed to do or see.

In recent years, a number of products have been developed to assist in the authentication process, including biometrics (assessing users’ signatures, facial features, and other biological identifiers); smart cards (having microprocessor chips that run cryptographic algorithms and store a private key); digital certificates containing public or private keys; and SecureID, a commercialized product using a key and the current time to generate a random numbers stream that is verifiable by a server—thus ensuring that a potential user puts in the number on the card within a set amount of time (typically 5 or 10 seconds).

See Also: AAA; Algorithm; Authorization; Key; SecureID.