Identification and Authentication Methods in Security: CISSP Certification Training

Identification and Authentication Methods in IT Security


Last updated October 28, 2016


Identification and authentication methods are major concepts in security and must study for CISSP exam. Anyone looking forward towards attaining a CISSP Certification needs to understand these methods with in depth knowledge. Let’s get an idea about the same in this post. The function of Identification is to map a known quantity to an unknown entity so as to make it known. The known quantity is called the identifier or ID and the unknown entity is what needs identification. A basic requirement for identification is a unique ID; IDs are unique only within a particular scope. After a person is identified, through the user ID or a similar value, he or she must be authenticated, which means he or she must prove about their identity.

There are three general factors that can be used for authentication which are observed below:

  • Something a person knows: Something a person knows can be a password, PIN, mother’s maiden name, or combination to a lock. Authenticating a person by something that he or she knows is usually the least expensive to implement. The downside to this method is that another person may acquire this knowledge and gain unauthorized access to a system or facility.
  • Something a person has: Something a person has can be a key, swipe card, access card, or badge. This method is common for accessing facilities, but could also be used to access sensitive areas or to authenticate systems. A downside to this method is that the item can be lost or stolen, which could result in unauthorized access.
  • Something a person is: Something specific to a person is based on a physical attribute. Authenticating a person’s identity based on a unique physical attribute is referred to as biometrics.

Two factor authentication and Biometrics are strong authentication methods. Unlike username and id which can be misused, these types of strong authentication are beneficial for high level security. Two-factor authentication involves the use of information that the user knows, such as a user id and password, and also upon something the user has, such as a smart card or token. Biometrics verifies an individual’s identity by analyzing a unique personal attribute or behavior, which is one of the most effective and accurate methods of verifying identification.

To know more about identification and authentication methods in security, you can explore our training courses on Certified Information Systems Security Professional exam. Simplilearn offers extensive CISSP Boot Camp with expert tutors.

Find our CISSP®- Certified Information Systems Security Professional Online Classroom training classes in top cities:

Name Date Place
CISSP®- Certified Information Systems Security Professional 7 Dec -5 Jan 2019, Weekdays batch Your City View Details
CISSP®- Certified Information Systems Security Professional 22 Dec -20 Jan 2019, Weekend batch Atlanta View Details
CISSP®- Certified Information Systems Security Professional 11 Jan -2 Feb 2019, Weekdays batch Washington View Details

About the Author

Chandana is working as a Senior Content Writer in and handles variety of creative writing jobs. She has done M.A. in English Literature from Gauhati University. A PRINCE2 Foundation certified, she has a unique and refreshing style of writing which can engross the readers to devour each sentence of her write-ups.

Recommended articles for you

Secure Access Control to Monitor User–System Interactions


Reassessing the Concepts of Security Risk Management


Substantial Concepts Associated with Internet Protocol Secur...