Authentication is widely used today for protecting data

Authentication refers to the task of verifying the identity of a
person/software connecting to an application. The simplest form of
authentication consists of a secret password that must be presented when a user
connects to the application. Unfortunately, passwords are easily compromised,
for example, by guessing, or by sniffing of packets on the network if the
passwords are not sent encrypted. More robust schemes are needed for critical
applications, such as online bank accounts. Encryption is the basis for more
robust authentication schemes. Many applications use two-factor authentication, where two independent

factors (that is, pieces of information or processes) are used to identify
a user. The two factors should not share a
common vulnerability; for example, if a system merely required two passwords,
both could be vulnerable to leakage in the same manner. While biometrics such
as fingerprints or iris scanners can be used in situations where a user is
physically present at the point of authentication, they

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!


order now

are
not very meaningful across a network. Passwords are used as the first factor in
most such two-factor authentication schemes. Smart cards or other encryption
devices connected through the USB

interface,
which can be used for authentication based on encryption techniques are widely
used as second factors.

 

Encryption refers to the process of
transforming data into a form which cannot be readable. unless the reverse
process of decryption is applied. Encryption algorithms

use an encryption key to perform
encryption, and require a decryption key (which

could be the same as the encryption
key depending on the encryption algorithm

used) to perform decryption. Previously
it was used for transmitting messages, using a secret key known only to the
sender and the intended receiver. Even if the message is intercepted by an
enemy, the enemy, not knowing the key, will not be able to decrypt and
understand the message which was sent. Encryption is widely used today for
protecting data in transit in a variety of applications such as data transfer
on the Internet, and on cellular phone networks. Encryption is also used to
carry out other tasks, such as authentication

 

 

After users are successfully
authenticated against the selected data source, they are than authorized for
specific data or database or network resources. Authorization is basically what
a user can and cannot do on the network after that user is authenticated.

Authorization is typically
implemented using a AAA server-based solution. Authorization uses a created set
of attributes that describes the user’s access to the specific data or
database. These attributes are compared to information contained within the AAA
database, and determination of restrictions for that user is made and delivered
to the local router where the user is connected.