17.1 Authentication Overview
Before any user's service request is authorized according to the firewall's
security policies, the firewall needs to verify the identity of the user, to
ensure that the user is who she or he claims to be.
Authentication is the process that addresses this issue. It forms a filter at the
forefront of the firewall's access control, packet filtering, and secure
tunneling. In this chapter, we are concerned with the validity of the user as a
person; the same principles apply to devices in the network as well.
17.1.1 Authentication Methods
Generally, the authentication process prompts the user to present a
credential, taking great care that this secret is not possessed by anyone else.
The solutions and enabling technologies can be categorized on the basis
of:
• The unique attributes of the user that are different for every person –
  physiological characteristics – such as one's fingerprint, retina, or
  voice.
• The key "tool" that a user possesses, such as a Digital Certificate, a
  Passcard, or Public & Private Keys.
17
User Authentication