Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Define Authentication
- Authentication can be defined in two contexts.
- Regarding access control, authentication is the verification of the credential
s to ensure that they are genuine and not fabricated.
- Other access control terms include: identification, authorization, and access.
- Authentication can also be viewed as one of three key elements in security: au
thentication, authorization, and accounting, known as AAA ("triple A").
- Authentication in AAA provides a way of identifying a user, typically by havin
g them enter a valid password before granting access.
- AAA servers, which are servers dedicated to performing AAA functions, can prov
ide significant advantages in a network.
The management protocol of IEEE 802.1x that governs the interaction between the
system, authenticator, and RADIUS server is known as the Extensible Authenticati
on Protocol (EAP).
EAP is an "envelope" that can carry many different kinds of exchange data used f
or authentication, such as a challenge/response or OTP.
The EAP protocols that exist today can be divided into three categories: authent
ication legacy protocols, EAP weak protocols, and EAP strong protocols.
- Three authentication legacy protocols include:
--Password Authentication Protocol (PAP)
--Challenge-Handshake Authentication Protocol (CHAP)
--Microsoft Challenge-Handshake Authentication Protocol (MS-CHAP)
- EAP weak protocols include:
--Extended Authentication Protocol-MD5 (EAP-MD5)
--Lightweight EAP (LEAP)
- EAP strong protocols include:
--EAP with Transport Layer Security (EAP-TLS)
--EAP with Tunneled TLS (EAP-TTLS) and Protected EAP (PEAP)