X-Nico

2 unusual facts about authentication


Authentication

the inherence factors: Something the user is or does (e.g., fingerprint, retinal pattern, DNA sequence (there are assorted definitions of what is sufficient), signature, face, voice, unique bio-electric signals, or other biometric identifier).

Legal instrument

Many legal instruments were written under seal by affixing a wax or paper seal to the document in evidence of its legal execution and authenticity (which often removes the need for consideration in contract law); however, today many jurisdictions have done away with the requirement of documents being under seal in order to give them legal effect.


Apple Open Directory

Any Mac OS X Server system prior to 10.7 (Lion) configured as an Open Directory Master can act as a Windows Primary Domain Controller (PDC), providing domain authentication services to Microsoft Windows clients.

Burrows–Abadi–Needham logic

A very simple protocol — the Wide Mouth Frog protocol — allows two agents, A and B, to establish secure communications, using a trusted authentication server, S, and synchronized clocks all around.

The original Logic of Authentication paper (linked below) contains this example and many others, including analyses of the Kerberos handshake protocol, and two versions of the Andrew Project RPC handshake (one of which is defective).

Caller ID spoofing

In August 2006, Paris Hilton was accused of using caller ID spoofing to break into a voicemail system that used caller ID for authentication.

Cisco Wireless IP Phone 7920

Open/Shared Key/LEAP are supported authentication methods with CCKM/WPA joining in the near future.

CloudFlare

In June 2012, the hacker group UGNazi attacked CloudFlare partially via flaws in Google's authentication systems, gaining administrative access to CloudFlare and using it to deface 4chan.

Cosign

CoSign single sign on, a secure single sign-on web authentication system

DMARC

This means that senders will experience consistent authentication results for their messages at AOL, Comcast, Gmail, Hotmail, Mail.ru, Netease, XS4ALL, Yahoo! and any other email receiver implementing DMARC.

Dynamic DNS

Microsoft developed alternative technology (GSS-TSIG) based on Kerberos authentication.

EMV

The use of a PIN and cryptographic algorithms such as DES, Triple-DES, RSA and SHA provide authentication of the card to the processing terminal and the card issuer's host system.

Event data

Examples of security systems range from authentication applications including LDAP and RACF as well as IDS applications and other security systems.

Extensible Authentication Protocol

EAP for GSM Subscriber Identity Module (EAP-SIM) is used for authentication and session key distribution using the Subscriber Identity Module (SIM) from the Global System for Mobile Communications (GSM).

Group Domain of Interpretation

"AAA" is authorization, authentication and accounting, which might run some kind of AAA protocol.

Herbert Eugene Bolton

Bolton's biggest mistake was his February 1937 authentication of Drake's Plate of Brass, which was a forgery of a mythical brass plaque purportedly placed by Sir Francis Drake upon his arrival in 1579.

HP IceWall SSO

A demon program which accepts requests from Forwarder and performs authentication by getting user information from Certification DB ( (Directory servicesor RDB).

Identrust

The or Trust Gate approach to identity authentication prevents Man-in-the-Browser and Man-in-the-Middle fraud by providing a totally safe browser with a real-time identity validation, and a totally remote device for loading certificates and software drivers.

ISO/IEC 19794-5

The standard is intended to allow computer analysis of face images for automated face identification (one-to-many searching) and authentication (one-to-one matching), as well as human identification of distinctive features such as moles and scars that might be used to verify identity, and human verification of computer identification results.

Jay's Journal

Some critics have challenged the authenticity of the story, noting that the editor of this book, Beatrice Sparks, has filled the same role on many other "actual, anonymous diaries of teenagers" that explore such sensational themes as drug addiction, teenage pregnancy, and prostitution.

KBA

The Knowledge-based authentication, a method of authentication which seeks to prove the identity of someone accessing a service.

Kerala State Council for Science, Technology and Environment

The Center has a Regional Facility for Genetic Fingerprinting, which provides DNA analysis services for forensic and criminal investigations, paternity disputes, identification of wildlife remains, authentication of plants and seeds besides a battery of molecular diagnostics for genetic and infectious diseases.

Logical access control

Logical access controls are tools used for identification, authentication, authorization, and accountability in computer information systems.

MagicDraw

This integration authenticates MagicDraw users against the LDAP Server using the Simple User + Password combination or SASL authentication as well as the SSL/TLS protocol.

Martín Abadi

He is well known for his work on computer security and on programming languages, including his paper (with Michael Burrows and Roger Needham) on the Burrows-Abadi-Needham logic for analyzing authentication protocols, and his book (with Luca Cardelli) A Theory of Objects, laying out formal calculi for the semantics of object-oriented programming languages.

Memcached

For this purpose Memcached can be compiled with optional SASL authentication support.

Merit Network

In 1993 Merit's first Network Access Server (NAS) using RADIUS (Remote Authentication Dial-In User Service) was deployed.

Mobile Application Part

The Mobile Application Part is the application-layer protocol used to access the Home Location Register, Visitor Location Register, Mobile Switching Center, Equipment Identity Register, Authentication Centre, Short message service center and Serving GPRS Support Node (SGSN).

Open Settlement Protocol

A press release of September 2, 1998, announced that the industry leaders 3Com Corporation, Cisco, GRIC Communications, iPass, and TransNexus had "teamed up to promote inter-domain authentication, authorization and accounting standards for IP telephony through the Open Settlement Protocol (OSP)".

OpenAM

OpenAM has the flexibility to chain methods together along with Adaptive Risk scoring, or to create custom authentication modules based on the JAAS (Java Authentication and Authorization Service) open standard.

PCGS

Professional Coin Grading Service, an authentication and grading service for rare coins started by seven coin dealers in 1985 to standardize coin grading.

Pluggable authentication module

This lack of functionality is also the reason SSH does its own authentication mechanism negotiation.

Point-to-Point Tunneling Protocol

However, the most common PPTP implementation shipping with the Microsoft Windows product families implements various levels of authentication and encryption natively as standard features of the Windows PPTP stack.

Python Paste

Functionality provided by WSGI middleware may include authentication, logging, URL redirection, creation of sessions, and compression.

SASL

Simple Authentication and Security Layer, a framework for authentication and data security in Internet protocols

SCADA

-- citations as support of the statements are fine --> In electric and gas utility SCADA systems, the vulnerability of the large installed base of wired and wireless serial communications links is addressed in some cases by applying bump-in-the-wire devices that employ authentication and Advanced Encryption Standard encryption rather than replacing all existing nodes.

Software protection dongle

Some unlicensed titles for game consoles (such as Super 3D Noah's Ark or Little Red Hood) used dongles to connect to officially licensed ROM cartridges, in order to circumvent the authentication chip embedded in the console.

Two Twisted

A genteel stamp trader (Sam Neill), a docile barber (Roy Billing), his rude alcoholic wife (Wendy Hughes) and a fabled stamp... will authentication lead to murder?

Wide Mouth Frog protocol

The protocol was first described under the name "The Wide-mouthed-frog Protocol" in the paper "A Logic of Authentication" (1990), which introduced Burrows–Abadi–Needham logic, and in which it was an "unpublished protocol ... proposed by" coauthor Michael Burrows.

XRDS

OpenID authentication for discovery and capabilities description of OpenID providers.

Yadis

This descriptor follows the XRDS format and connects several services, like authentication or authorization to the Yadis URL.

YouTrack

It also has an integration with TeamCity, IntelliJ IDEA, TestLink, TestRail, and supports user authentication with Google Account, Yahoo!, OpenID and LDAP.


see also