Authentication (Single Factor) and Authorization: The most basic form of authentication is known as single-factor authentication (SFA), because only one type of authentication is checked.
SFA is most often implemented as the traditional username/password combination. A username and password are unique identifiers for a logon process.
Here’s a synopsis for how SFA works: when users sit down in front of a computer system, the first thing a security system requires is that they established who they are.
Identification is typically confirmed through a logon process. Most operating system terms use a user ID (username) and password to accomplish this.
These values can be sent across the connection as plain text or they can be encrypted.
Authentication (Single Factor) and Multi-factor Authorization
The logon process identifies that you are who you say you are to the operating system and possibly the network.
Illustrates the logon and password process Notice that the operating system compares this information to the stored information from the security processor, and it either accepts or denies the logon attempt.
The operating system might establish privileges or permission based on stored data about that particular user ID.
Whenever two or more parties authenticate each other, it is known as mutual authentication.
A client may authenticate to a server and a server may authenticate to a client when there is a need to establish a secure session between the two and employ encryption.
Mutual Authentication ensures that the client is not unwittingly connecting and providing its credentials to a rogue server, which can then turn around and steal the data from the real server.
Commonly, mutual authentication will be implemented when the data to be sent during the session is of a critical nature, such as financial or medical records.
When two or more access methods are included as part of the authentication process, you are implementing a multifactor authentication system.
A system that user smart cards and passwords is referred to as two-factor authentication system, this example require both smart card and a logon password process.
A multi-factor system can consist of a two-factor system, three-factor system, and so on.
As long as more than one factor is involved in the authentication process, it is considered a multifactor system.
For obvious reasons, the two or more factors employed should not be from the same category.
Although you do increase difficulty in gaining system access by requiring the user to enter two sets of username/password combination,
It is much preferred to pair a single username/password combination with a biometric identifier or other security check.
If you have any question regarding Authentication (Single Factor) and Authorization or Multifactor Authentication click here to ask.
Authentication (Single Factor) and Multifactor Authorization