Security: Authentication

Confirm that individuals are who they claim to be

Security support and updates

Authentication is the process of confirming that something is authentic and, in particular, that users are who they claim to be. Authentication, therefore, depends on an authoritative collection of user's identities, provided by identity management.

The most common means of verifying a user's identity is by a password, though other means may supplement or replace a password. Typically, users' identities are authenticated to let them do something, like log in to a system. Successful authentication grants the ability to do something (which is called authorization and is sometimes confused with authentication).

In a heterogeneous environment with different systems and applications, user authentication and authorization should grant consistent rights in all contexts. This is generally accomplished by using users' roles, defined by their identity information, to determine their rights. For example, users with the role of guest would have minimal rights to view or modify system information.

Learn more