Identification and authentication methods are major concepts in security and must study for CISSP exam. Anyone looking forward towards attaining a CISSP Certification needs to understand these methods with in depth knowledge. Let’s get an idea about the same in this post. The function of Identification is to map a known quantity to an unknown entity so as to make it known. The known quantity is called the identifier or ID and the unknown entity is what needs identification. A basic requirement for identification is a unique ID; IDs are unique only within a particular scope. After a person is identified, through the user ID or a similar value, he or she must be authenticated, which means he or she must prove about their identity.
There are three general factors that can be used for authentication which are observed below:
- Something a person knows: Something a person knows can be a password, PIN, mother’s maiden name, or combination to a lock. Authenticating a person by something that he or she knows is usually the least expensive to implement. The downside to this method is that another person may acquire this knowledge and gain unauthorized access to a system or facility.
- Something a person has: Something a person has can be a key, swipe card, access card, or badge. This method is common for accessing facilities, but could also be used to access sensitive areas or to authenticate systems. A downside to this method is that the item can be lost or stolen, which could result in unauthorized access.
- Something a person is: Something specific to a person is based on a physical attribute. Authenticating a person’s identity based on a unique physical attribute is referred to as biometrics.
Two factor authentication and Biometrics are strong authentication methods. Unlike username and id which can be misused, these types of strong authentication are beneficial for high level security. Two-factor authentication involves the use of information that the user knows, such as a user id and password, and also upon something the user has, such as a smart card or token. Biometrics verifies an individual’s identity by analyzing a unique personal attribute or behavior, which is one of the most effective and accurate methods of verifying identification.
To know more about identification and authentication methods in security, you can explore our training courses on Certified Information Systems Security Professional exam. Simplilearn offers extensive CISSP Boot Camp with expert tutors.