Professional Documents
Culture Documents
Authentication
Student’s Name
Institutional Affiliation
Date
2
Authentication
Information is considered a critical resource driving change and development across all
sectors. Information Assurance according to the US Department of Defense refers to the steps
performed to ensure the availability, the integrity, the authenticity, the secrecy, as well as non-
repudiation of the information as well as information systems. This includes adding protection,
detection, as well as reaction abilities to enable the restoration of this kind of information
systems. Its goal is to guarantee protecting of the information assets from being destroyed,
Authentication and authorization are two phrases that are frequently used
interchangeably. Even though they are frequently used interchangeably, they constitute two
separate functions. Before allowing access to secured networks and systems, authentication
process that verifies that the authorized user or process has been given authority to access the
requested resource. The process that ensures that there is restricted access of the existing
resources to specific users is referred to as access control. It should be noted that authentication
The key aspects of information that needs protection are availability, integrity,
access, in the right format, version, and medium and to the rightful user. Confidentiality ensures
proof of data delivery and receipt between the communicating entities or nodes. Different
organizations can guarantee safety of their different networks by ensuring that only the
legitimate users as well as processes are accorded access to the protected resources. Some of the
3
examples include the computer systems, the webpages, the networks, the databases, as well as
most crucial aspect of any system, the majority of authentication mechanism will be placed at the
beginning. When you're authenticated, the system will let you in. Authentication may differ from
system to system, but everyone needs to take certain concrete actions to ensure the highest level
of security. Authentication has two primary steps: the first is identification, and the second is
validation. The actual user's identification is provided in the first phase via user ID and
confirmation.
Baig and Eskeland (2021) identify five major methods of authentication: knowledge-
et al. (2010) categorize these approaches into what exactly the particular user know, what they
have, as well as what the particular user is, and the location-based authenticity. Each approach
employs a factor, a unique characteristic that is incorporated in the identification of the specific
The knowledge-based authentication method applies the user’s knowledge and memory.
These include the personal identification number (PIN) and the password. This is the most
characters and symbols. The shortcomings of using passwords as the authentication method are:
easy to guess, easy to forget, easy to share, and easy to display since some write it down.
The user is issued with a unique password or PIN that is useable in identifying them. The system
uses this information to verify the identity of the user. We can give the user a secret password
4
that can be used to verify the specific identity of the user (Alenius, 2010). More specifically, the
user can create his or her password or generate it randomly by the system.
The possession-based authentication uses what the user has to authenticate them. For
example, a security token, smartcards, access cards, or ID card. A token is valid for a short
period. Once it is used to log in successfully, it expires. For example, Online Temporary
Password (OTP) or password resetting codes. The commonly used other method is certificate-
based. This employs digital certificates based on the user’s identity documents such as a
passport. The certificate contains the user’s data including signature and a key.
Biometric user authentication is taking shape in most organizations these days because it
employs the user's unique biological features; it is the most secure authentication method. It
comes with significant advantages. They include ease of use since the captured features can
easily be compared with the stored data in the database, and easier control of access since it will
only allow authorized users to access the premise or resource. It is easier to integrate other
authentication methods with biometrics. For example, one can use biometrics and passwords or
pins. It enforces higher degree of accuracy in security since it is impossible for someone to copy
another’s feature. There are four most common biometric authentication methods: facial, voice,
1. Voice Recognition — identifies the speaker’s voice pattern for specific pitches,
intonation, and variation to verify him or her. The user registers their voice by recording
2. Eye scanners— these read the patterns of the iris or retina of a user to verify them. It
compares the read patterns in the user’s eye to the records in the database. If they match,
3. Facial recognition— this technology compares the different face patterns of a user. Like
others, the captured face is compared with the database records to ascertain the
authenticity of the user. This have shortcomings since it could be reject facial
expressions, varied angles, use of make-up and other variation in a person’s face.
4. Fingerprint scanners—these scan the user’s fingers and match their unique patterns
with that captured in the database. These are currently the most popular biometric
technology.
process. This is the stage where a determination is made as to whether the access should be
accorded to the user. It should be noted that each of the identified methods has their limitations.
The best approach to bypass these shortcomings is to employ multiple authentication methods.
With the rising trend in the internet-enabled technological devices, information security
has never been such critical. There are alarming cases if information and data loss brought about
by hackers and crackers. Safeguarding access control is the new clarion call among the
organizations. Each access point could be a point of entry and weak point in securing the data.
Strong machine authentication is required for every networked device, and despite their
generally low activity, these devices must be configured for limited rights access to limit what
can be done even if they are penetrated (El-Hajj et al, 2019). Every organization must employ
References
Environment.
Baig, A. F., & Eskeland, S. (2021). "Security, Privacy, and Usability in Continuous
El-Hajj, M., Fadlallah, A., Chamoun, M., & Serhrouchni, A. (2019). A survey of internet of things (IoT)
Pathan, A. S. U., Thakur, K. K., Chakraborty, A., & Kabir, M. H. (2019). Fingerprint