It's Me, and Here's My Proof: Why Identity and Authentication Must Remain Distinct


No matter what kinds of technological or procedural advancements occur, certain principles of computer science will remain especially those concerning information security. Iíve noticed lately that, among all the competing claims of security vendors that their latest shiny box will solve all your security woes, a basic understanding of computer science fundamentals is missing.

Because good computer science never loses importance, and because knowing the science can help you choose products and develop processes, from time to time I will cover such topics in this column. This month Iíd like to explore the concepts of identity, authentication, and authorization, to help you understand their important distinctions, and to help guard you against the increasingly common tendency to combine the first two. Itís Me, and Hereís My Proof: Why Identity and Authentication Must Remain Distinct

Linked by shanmuga Thursday, 16th February 2006 6:49AM