Networking

Authentication

As a security mechanism, authentication is provided by every major network operating system and is implemented in all but the most insecure networks. Its 'impact on network functionality,' is that it will require users to identify themselves to the network. This process provides two benefits. It secures the network from unauthorized access and provides a degree of accountability for users once they are logged on.

There are three basic categories of authentication used on modern networks:

  • Passwords The 'traditional' authentication method, passwords do a good job of providing security, but users who choose passwords that are too simple to guess can negate their effectiveness. Additionally, passwords can be passed from one person to another, diminishing their role as an accountability mechanism. Although network users will likely be very comfortable with using passwords, you should make them aware of the rules governing password use in your organization. You should also ensure that they understand the electronic policies that will dictate conditions such as password length and expiration times.

  • Smartcards Smartcards, which are normally used in conjunction with a password or personal identification number (PIN), provide a higher level of accountability and access control than passwords. This is because the user has to be in possession of a physical item (the smartcard), as well as information (the password or PIN) in order to gain access.

  • Biometrics Biometrics, which can mean the scanning or verification of some part of your person, is the ultimate 'proof of person' authentication technique. As it is almost impossible to fake biometric mediums such as fingerprints or retinal patterns, you can be very sure that someone gaining access to the system biometrically is who they say they are. Even so, biometric systems typically also use passwords or PIN numbers as an additional measure of security.