Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Authentication
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
==== Digital authentication ==== The term digital authentication, also known as [[electronic authentication]] or e-authentication, refers to a group of processes where the confidence for user identities is established and presented via electronic methods to an information system. The digital authentication process creates technical challenges because of the need to authenticate individuals or entities remotely over a network. The American [[National Institute of Standards and Technology]] (NIST) has created a generic model for digital authentication that describes the processes that are used to accomplish secure authentication: # Enrollment β an individual applies to a credential service provider (CSP) to initiate the enrollment process. After successfully proving the applicant's identity, the CSP allows the applicant to become a subscriber. # Authentication β After becoming a subscriber, the user receives an [[authenticator]] e.g., a token and credentials, such as a user name. He or she is then permitted to perform online transactions within an authenticated session with a relying party, where they must provide proof that he or she possesses one or more authenticators. # Life-cycle maintenance β the CSP is charged with the task of maintaining the user's credential over the course of its lifetime, while the subscriber is responsible for maintaining his or her authenticator(s).<ref name="Turner-DigitalAuthentication-Basics" /><ref name="NIST-Authentication">{{cite web|title=Draft NIST Special Publication 800-63-3: Digital Authentication Guideline|url=https://pages.nist.gov/800-63-3/sp800-63-3.html|publisher=National Institute of Standards and Technology, USA|access-date=9 August 2016|url-status = live|archive-url=https://web.archive.org/web/20160913153728/https://pages.nist.gov/800-63-3/sp800-63-3.html|archive-date=13 September 2016}}</ref> The authentication of information can pose special problems with electronic communication, such as vulnerability to [[man-in-the-middle attack]]s, whereby a third party taps into the communication stream, and poses as each of the two other communicating parties, in order to intercept information from each. Extra identity factors can be required to authenticate each party's identity.
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)