When you’re developing security measures, whether they’re specific mechanisms or entire infrastructures, identification and authentication are key concepts. In short, identification makes a claim about what someone or something is, and authentication establishes whether this claim is true. You can see such processes taking place daily in a wide variety of ways.

One common example of an identification and authentication transaction is the use of payment cards that require a personal identification number (PIN). When you swipe the magnetic strip on the card, you’re asserting that you’re the person indicated on ...

Get Foundations of Information Security now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.