
Authentication

Student’s Name

Institutional Affiliation

Date

Authentication

Information is considered a critical resource driving change and development across all

sectors. Information Assurance according to the US Department of Defense refers to the steps

performed to ensure the availability, the integrity, the authenticity, the secrecy, as well as non-

repudiation of the information as well as information systems. This includes adding protection,

detection, as well as reaction abilities to enable the restoration of this kind of information

systems. Its goal is to guarantee the protection of information assets from being destroyed,

degraded, manipulated, or exploited. It also provides for data recovery mechanisms.

Authentication and authorization are two phrases that are frequently used

interchangeably. Even though they are frequently used interchangeably, they constitute two

separate functions. Before allowing access to secured networks and systems, authentication

checks the validity of a registered user or process. Authorization is a more comprehensive

process that verifies that the authenticated user or process has been given authority to access the

requested resource. The process that ensures that there is restricted access of the existing

resources to specific users is referred to as access control. It should be noted that authentication

usually comes first, and this is closely followed by permission.
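
The two functions described above can be shown as separate steps. The following is an added example, not part of the original essay; the user names, passwords, resource names, and result strings are constructed for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # PBKDF2-HMAC-SHA256 work factor (assumed setting)

def hash_password(password: str, salt: bytes) -> bytes:
    # Slow, salted hash so the stored value is not the password itself
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

def make_user(password: str) -> dict:
    salt = os.urandom(16)
    return {"salt": salt, "hash": hash_password(password, salt)}

# Constructed sample accounts (hypothetical)
USERS = {"alice": make_user("correct horse battery"),
         "bob": make_user("tr0ub4dor&3")}

# Access control list: resource -> action -> users allowed (hypothetical)
ACL = {"payroll-db": {"read": {"alice"}, "write": set()},
       "wiki": {"read": {"alice", "bob"}, "write": {"bob"}}}

_DUMMY = make_user("unused")  # hashed against when the user name is unknown

def authenticate(username: str, password: str) -> bool:
    """Step 1: is the caller who they claim to be?"""
    record = USERS.get(username, _DUMMY)
    candidate = hash_password(password, record["salt"])
    matches = hmac.compare_digest(candidate, record["hash"])  # constant time
    return matches and username in USERS

def authorize(username: str, resource: str, action: str) -> bool:
    """Step 2: may this identity perform this action? Default is deny."""
    return username in ACL.get(resource, {}).get(action, set())

def access(username: str, password: str, resource: str, action: str) -> str:
    if not authenticate(username, password):
        return "denied: not authenticated"
    if not authorize(username, resource, action):
        return "denied: not authorized"
    return "granted"
```

A user with a valid password is still refused when the access control list does not name them for the requested action.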

The key aspects of information that need protection are availability, integrity,

confidentiality, and non-repudiation. Availability ensures timely, efficient

access to information in the right format, version, and medium, and by the rightful user. Confidentiality ensures

the information is protected against unauthorized access. Non-repudiation is concerned with a

proof of data delivery and receipt between the communicating entities or nodes. Different

organizations can guarantee safety of their different networks by ensuring that only the

legitimate users as well as processes are accorded access to the protected resources. Some of the

examples include the computer systems, the webpages, the networks, the databases, as well as

network-based services or applications.

Authentication is a procedure of validating the identity of a user. Since verification is the

most crucial aspect of any system, the majority of authentication mechanisms will be placed at the

beginning. When you're authenticated, the system will let you in. Authentication may differ from

system to system, but everyone needs to take certain concrete actions to ensure the highest level

of security. Authentication has two primary steps: the first is identification, and the second is

validation. The actual user's identification is provided in the first phase via user ID and

confirmation.

Baig and Eskeland (2021) identify five major methods of authentication: knowledge-

based, possession-based, biometrics, behavioral-based, and context-aware factors. Hans-Joachim

et al. (2010) categorize these approaches into what exactly the particular user knows, what they

have, as well as what the particular user is, and the location-based authenticity. Each approach

employs a factor, a unique characteristic that is incorporated in the identification of the specific

user who is demanding system access.

The knowledge-based authentication method applies the user’s knowledge and memory.

These include the personal identification number (PIN) and the password. This is the most

common authentication. It involves a user-created string which is a combination of alphanumeric

characters and symbols. The shortcomings of using passwords as the authentication method are:

easy to guess, easy to forget, easy to share, and easy to display since some write it down.

The user is issued with a unique password or PIN that is useable in identifying them. The system

uses this information to verify the identity of the user. We can give the user a secret password

that can be used to verify the specific identity of the user (Alenius, 2010). More specifically, the

user can create his or her password or have the system generate it randomly.

The possession-based authentication uses what the user has to authenticate them. For

example, a security token, smartcards, access cards, or ID card. A token is valid for a short

period. Once it is used to log in successfully, it expires. For example, Online Temporary

Password (OTP) or password resetting codes. The other commonly used method is certificate-based.

This employs digital certificates based on the user’s identity documents such as a

passport. The certificate contains the user’s data including signature and a key.
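
The token behaviour described above (valid for a short period, expired once used) can be sketched as follows. This is an added example, not part of the original essay; the validity window, the attempt limit, and the class and method names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

TTL_SECONDS = 300   # assumed validity window for an issued code
MAX_ATTEMPTS = 3    # assumed number of wrong guesses tolerated per code

class OneTimeCodes:
    def __init__(self, clock=time.time):
        self._clock = clock
        self._pending = {}  # user -> [digest, expires_at, attempts_left]

    @staticmethod
    def _digest(code: str) -> bytes:
        return hashlib.sha256(code.encode()).digest()

    def issue(self, user: str) -> str:
        code = f"{secrets.randbelow(10**6):06d}"  # CSPRNG, six digits
        # Keep a digest, not the code. A six-digit space is small, so the
        # real protections are the expiry time and the attempt limit.
        self._pending[user] = [self._digest(code),
                               self._clock() + TTL_SECONDS,
                               MAX_ATTEMPTS]
        return code  # delivered to the user out of band

    def verify(self, user: str, code: str) -> bool:
        entry = self._pending.get(user)
        if entry is None:
            return False  # nothing issued, or already consumed
        digest, expires_at, attempts_left = entry
        if self._clock() >= expires_at or attempts_left <= 0:
            del self._pending[user]  # expired or guessed too often
            return False
        if hmac.compare_digest(self._digest(code), digest):
            del self._pending[user]  # single use: consumed on success
            return True
        entry[2] -= 1  # count the failed guess
        return False
```

Issuing a new code for a user replaces any code still pending, so only the most recent one can be used.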

Biometric user authentication is taking shape in most organizations these days because it

employs the user's unique biological features; it is the most secure authentication method. It

comes with significant advantages. They include ease of use since the captured features can

easily be compared with the stored data in the database, and easier control of access since it will

only allow authorized users to access the premise or resource. It is easier to integrate other

authentication methods with biometrics. For example, one can use biometrics and passwords or

PINs. It enforces a higher degree of accuracy in security since it is impossible for someone to copy

another’s feature. There are four most common biometric authentication methods: facial, voice,

eye scanner, and fingerprints (Pathan et al., 2019).

1. Voice Recognition — identifies the speaker’s voice pattern for specific pitches,

intonation, and variation to verify him or her. The user registers their voice by recording

and setting that as their preferred mode of security authentication. 

2. Eye scanners — these read the patterns of the iris or retina of a user to verify them. It

compares the read patterns in the user’s eye to the records in the database. If they match,

the user is authorized. 



3. Facial recognition — this technology compares the different face patterns of a user. Like

others, the captured face is compared with the database records to ascertain the

authenticity of the user. This has shortcomings since it could reject facial

expressions, varied angles, use of make-up and other variations in a person’s face.

4. Fingerprint scanners — these scan the user’s fingers and match their unique patterns

with those captured in the database. These are currently the most popular biometric

technology.

After authenticating the particular process or individual, it undergoes the authorization

process. This is the stage where a determination is made as to whether the access should be

accorded to the user. It should be noted that each of the identified methods has its limitations.

The best approach to bypass these shortcomings is to employ multiple authentication methods.

With the rising trend in the internet-enabled technological devices, information security

has never been so critical. There are alarming cases of information and data loss brought about

by hackers and crackers. Safeguarding access control is the new clarion call among the

organizations. Each access point could be a point of entry and weak point in securing the data.

Strong machine authentication is required for every networked device, and despite their

generally low activity, these devices must be configured for limited rights access to limit what

can be done even if they are penetrated (El-Hajj et al., 2019). Every organization must employ

appropriate security measures to safeguard their valuable information assets. Authentication is

one of the key elements in information assurance.



References

Alenius, F. (2010). Authentication and Authorization: Achieving Single Sign-on in an Erlang

Environment.

Baig, A. F., & Eskeland, S. (2021). "Security, Privacy, and Usability in Continuous

Authentication: A Survey." Sensors 21(17), pp. 59-67.

El-Hajj, M., Fadlallah, A., Chamoun, M., & Serhrouchni, A. (2019). A survey of internet of things (IoT)

authentication schemes. Sensors, 19(5), 1141.

Pathan, A. S. U., Thakur, K. K., Chakraborty, A., & Kabir, M. H. (2019). Fingerprint

Authentication Security: An Improved 2-Step Authentication Method with

Flexibility. International Journal of Scientific & Engineering Research, 10(1).
