Authentication and Authorization
来源:互联网 发布:windows 10 s 编辑:程序博客网 时间:2024/05/22 07:43
- Authentication
An authentication system is how you identify yourself to the computer. The goal behind an authentication system is to verify that the user is actually who they say they are.
There are many ways of authenticating a user. Any combination of the following are good examples.
- Password based authentication
- Requires the user to know some predetermined quantity (their password).
- Advantages: Easy to impliemnt, requires no special equipemnt.
- Disadvantages: Easy to forget password. User can tell another user their password. Password can be written down. Password can be reused.
- Advantages: Easy to impliemnt, requires no special equipemnt.
- Device based authentication
- Requires the user to posses some item such as a key, mag strip, card, s/key device, etc.
- Advantages: Difficult to copy. Cannot forget password. If used with a PIN is near useless if stolen.
- Disadvantages: Must have device to use service so the user might forget it at home. Easy target for theft. Still doesn't actually actively identify the user.
- Advantages: Difficult to copy. Cannot forget password. If used with a PIN is near useless if stolen.
- Biometric Authentication
- My voice is my passport. Verify me. This is from the movie sneakers and demonstrates one type of biometric authentication device. It identifies some physical charactistic of the user that cannot be seperated from their body.
- Retina Scanners:
- Advantages: Accurately identifies the user when it works.
- Disadvantages: New technology that is still evolving. Not perfect yet.
- Advantages: Accurately identifies the user when it works.
- Hand Scanners:
- Advantages: Difficult to seperate from the user. Accurately identifies the user.
- Disadvantages: Getting your hand stolen to break into a vault sucks a lot more than getting your ID card stolen.
- Advantages: Difficult to seperate from the user. Accurately identifies the user.
- My voice is my passport. Verify me. This is from the movie sneakers and demonstrates one type of biometric authentication device. It identifies some physical charactistic of the user that cannot be seperated from their body.
- Authorization
Once the system knows who the user is through authentication, authorization is how the system decides what the user can do.
A good example of this is using group permissions or the difference between a normal user and the superuser on a unix system.
There are other more compicated ACL (Access Control Lists) available to decide what a user can do and how they can do it. Most unix systems don't impliment this very well (if at all.)
from: http://www.acm.uiuc.edu/workshops/security/auth.html
- Authentication and Authorization
- Authentication, Authorization, and Encryption
- ASP.NET authentication and authorization
- ASP.NET authentication and authorization
- Authorization and Authentication In Hadoop
- ASP.NET authentication and authorization
- ASP.NET authentication and authorization
- Designing an Authentication and Authorization Strategy
- Yii - 验证和授权(Authentication and Authorization)
- Building Secure ASP.NET Applications: Authentication, Authorization, and Secure Communication
- Building Secure ASP.NET Applications: Authentication, Authorization, and Secure Communication
- Authentication and Authorization in the Google Data Protocol
- How-to: Enable User Authentication and Authorization in Apache HBase
- 区分authentication、authorization、Identification
- JAAS最经典的文章:USER AUTHENTICATION AND AUTHORIZATION IN THE JAVA(TM) PLATFORM
- Chapter 2 User Authentication, Authorization, and Security(1):选择Windows和SQL 身份验证
- Chapter 2 User Authentication, Authorization, and Security(2):创建登录帐号
- Chapter 2 User Authentication, Authorization, and Security(3):保护服务器避免暴力攻击
- SQL注入漏洞全接触--高级篇
- 对CMM的认识
- VC基础教程
- 数学建模论文基本格式(转载)
- 转载几篇不错的文章
- Authentication and Authorization
- 六月~八月文章列表
- 必读!写给80后的婚姻备忘录
- First Test
- JAVA中关于Oracle的索引
- windows mobile 的键盘驱动理解
- 淹死
- 从Mircrosoft Outlook 转到 Thunderbird
- ArcGIS Server常见问题集锦