Home · About · A-Z Index · Search · Contacts · Press · Register · Login

Security Forum


Return to Security home page
Current work:

- Managers Guides

- MGIS

- Data Privacy

- PKI

- Guide to PKI

- Identity Mgt

- Access Control

- Security Patterns

- Secure Messaging

Strategy/Roadmap

Useful links:

Security topics

Info sources

Liaisons

How we work

Open Group Security Standards/Guides

Authentication

A User Authentication Service (UAS) is a vital component in any secure system, to guard against the risk of an unathorized person (or program or process) masquerading as another person.

It is now widely recognized that if you get authentication wrong in your system, other security measures are rendered largely ineffective.

Authentication raises particularly difficult issues in mobile environments.

Authentication is the verification process that compares an electronically stored set of identification data supposedly unique to a given user, with the same data that the user inputs as their unique identifier. If the comparison is found to be true, then that user is authenticated as correct, so is then granted access rights (i.e. given authorisation) appropriate to that user.

Simple methods of Authentication usually involve coded names and passwords. However, these do not offer sufficiently secure authentication for many of today's users.

Biometrics have been at the center of recent developments to find a more satisfactory data set than a name+password that can be used to identify an individual human user. This technology is referred to as Human Recognition System (HRS). Biometrics are measurements of a user's physical/biological characteristics, digitized to create a set of identifier data that can be electronically stored, retrieved, and compared. Enrolment involves capturing a given biometric for a user, and processing it into digital form and storing it. Identification is then the comparison with the data stored in a biometric database; if the comparison finds a true match in the database then that user is verified.

The Security Forum supported work in the Bio-API Consortium on a Human Authentication API (HA-API), and in 2000 published the Human Recognition Service (HRS) API, C013. The HRS API is fully compatible with CDSA.


Home · Contacts · Legal · Copyright · Members · News
© The Open Group 1995-2012  Updated on Wednesday, 1 August 2001