Aswin TS Authentication Methods Simplified Notes Unit 4
Aswin TS Authentication Methods Simplified Notes Unit 4
2. Trust: Builds confidence between users, devices, and systems by ensuring all
interactions are legitimate.
4. Access Control: Defines who can access what parts of the system, improving
overall security.
Methods of Authentication
Various methods are used to verify the identity of users or devices in a distributed system.
1. Password-Based Authentication
Users provide a username and password to access the system.
Challenges:
Solutions:
2. Token-Based Authentication
The system issues a temporary token to the user after verifying their identity. This token
can be used to access resources for a limited time.
Use Cases:
Used in Single Sign-On (SSO) systems for secure and seamless access.
Benefits:
Tokens are more secure than passwords as they expire and can be revoked.
Users must verify their identity using at least two of the following factors:
Example: Logging into a bank account with a password and a one-time code sent to your
phone.
Benefits:
A cryptographic system that uses pairs of public and private keys for secure
communication and authentication.
How it works:
A trusted Certificate Authority (CA) issues a digital certificate verifying the identity of
users or devices.
The private key is kept secret by the user, while the public key is shared.
Use Cases:
Benefits:
5. Biometric Authentication
Common Methods:
Behavioral Biometrics: Tracks patterns like typing speed or how a device is held.
Benefits:
Example: Logging into multiple corporate systems using Single Sign-On (SSO).
Benefits:
Reduces the risk of password fatigue (users creating weak passwords for convenience)
7. Smart Cards
How it works:
The user inserts the card into a reader and may also enter a PIN for verification.
Use Cases:
Used for both physical access (e.g., entering buildings) and logical access (e.g., logging
into computers)
Benefits:
Provides two-factor authentication (something the user has + something they know).
8. Passwordless Authentication
Benefits: