Chapter 13. User Authentication

13.0. Introduction

Today’s primary method for permitting access to host computers and other networked or networking devices is the username and password combination. This method, which provides the simplest form of verifying the authenticity of a user trying to access the resource, is known as user authentication. Grand schemes are sometimes developed to authenticate users, but most can be broken down into three primary authentication factors:

Something you know

This is the simplest and most common form of user authentication. It might be a password, PIN, or secret phrase that only “trusted” users would know.

Something you have

This would be something a trusted user possesses, such as a secret decoder ring, or a token generator such as RSA Security’s SecurID product.

Something you are

Lots of new development is occurring here, in a field known as biometrics. This involves offering your fingerprint or a scan of your retinas, or looking into a camera so that your facial features can be scanned and matched against a trusted user’s facial profile.

Many systems implement two or more of these authentication factors—for instance, the user must know a PIN and possess a security token before access is permitted. This is known as two-factor authentication. ScreenOS provides native username and password authentication, and you can configure it to integrate with external authentication systems running within the network that provide authentication and authorization ...
