Term
|
Definition
When a person is in a state of being identified. It can also be described as something that identifies a person such as an ID card. |
|
|
Term
|
Definition
When a person’s identity is confirmed. Authentication is the verification of a person’s identity. |
|
|
Term
|
Definition
When a user is granted access to specific resources when authentication is complete. |
|
|
Term
|
Definition
An initial validation of an identity. |
|
|
Term
|
Definition
Physical devices given to authorized users to help with authentication. These devices might be attached to a keychain or be part of a card system. |
|
|
Term
Multifactor Authentication |
|
Definition
When two or more types of authentication are used when dealing with user access control. |
|
|
Term
|
Definition
The science of recognizing humans based on one or more physical characteristics. |
|
|
Term
|
Definition
An area between two doorways, meant to hold people until they are identified and authenticated. |
|
|
Term
|
Definition
An authentication technology used to connect devices to a LAN or WLAN. It is an example of port-based NAC. |
|
|
Term
|
Definition
Extensible Authentication Protocol
Not an authentication mechanism in itself but instead defines message formats. 802.1X would be the authentication mechanism and defines how EAP is encapsulated within messages. |
|
|
Term
|
Definition
Single Sign-On
When a user can log in once but gain access to multiple systems without being asked to log in again. |
|
|
Term
|
Definition
When a system authenticates a user who should not be allowed access to the system. For example, when an IDS/IPS blocks legitimate traffic from passing on to the network. |
|
|
Term
|
Definition
When a system denies a user who actually should be allowed access to the system. For example, when an IDS/IPS fails to block an attack, thinking it is legitimate traffic. |
|
|
Term
|
Definition
When a biometric system fails to recognize an authorized person and doesn’t allow that person access. |
|
|
Term
|
Definition
Lightweight Directory Access Protocol
An Application Layer protocol used for accessing and modifying directory services data. |
|
|
Term
|
Definition
An authentication protocol that enables computers to prove their identity to each other in a secure manner. |
|
|
Term
|
Definition
When two computers, for example a client and a server, both verify each other’s identity. |
|
|
Term
|
Definition
Part of the authentication process used by Kerberos. |
|
|
Term
|
Definition
Challenge-Handshake Authentication Protocol
An authentication scheme used by the Point-to-Point Protocol (PPP) that is the standard for dial-up connections. |
|
|
Term
|
Definition
Remote Access Service
A networking service that allows incoming connections from remote dial-in clients. It is also used with VPNs. |
|
|
Term
|
Definition
Virtual Private Network
A connection between two or more computers or devices that are not on the same private network. |
|
|
Term
|
Definition
Point-to-Point Tunneling Protocol
A tunneling protocol used to support VPNs. Generally includes security mechanisms, and no additional software or protocols need to be loaded. A VPN device or server must have inbound port 1723 open to enable incoming PPTP connections. |
|
|
Term
|
Definition
Layer 2 Tunneling Protocol
A tunneling protocol used to connect virtual private networks. It does not include confidentiality or encryption on its own. It uses port 1701 and can be more secure than PPTP if used in conjunction with IPsec. |
|
|
Term
|
Definition
A hardware appliance that allows hundreds of users to connect to the network from remote locations via a VPN. |
|
|
Term
|
Definition
Remote Authentication Dial-In User Service
Used to provide centralized administration of dial-up, VPN, and wireless authentication. |
|
|
Term
|
Definition
Terminal Access Controller Access-Control System
A remote authentication protocol similar to RADIUS used more often in UNIX networks. |
|
|