Authentication Systems

As we've seen, authentication systems require some sort of credential. Although we usually associate credentials with some sort of document, that need not be the case. More broadly, credentials can be created using:

  • Something you know

  • Something you have

  • Something you are

  • Some combination of the three

These are known as authentication factors. In general, the more authentication factors that are present in an authentication system, the more secure it is. You'll hear the term "two-factor authentication," for example, meaning that the system incorporates two of these authentication factors. The remainder of this section will discuss some common authentication schemes and their authentication factors.

Cookies

You may not have thought of cookies as an identity credential, but the fact is that they represent the most prevalent form of identity credential on the Internet. The Hacker's Dictionary defines a cookie as a handle, transaction ID, or other token of agreement between cooperating programs. The claim check you get from a dry-cleaning shop is a perfect example of a cookie; the only thing it's useful for is making sure that you get your clothes back by relating two transactions that happen at different times.

On the Internet, cookies are exchanged between the browsers people use to access the Web and the servers those people visit. These cookies serve the same purpose as the claim check in the dry-cleaning example: they tie transactions together that are otherwise difficult ...
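The claim-check idea can be sketched as a server that hands out an opaque token on one request and redeems it on a later one. This is an added example, not code from the book; the names `SESSIONS`, `issue_cookie`, `redeem_cookie`, `browser_echo` and the cookie name `sid` are hypothetical.

```python
import secrets
from http.cookies import SimpleCookie

# Server-side "rack" at the dry cleaner: claim check -> what was left behind.
# All names here (SESSIONS, "sid", the functions) are hypothetical.
SESSIONS = {}


def issue_cookie(username):
    """First transaction: store state, return the Set-Cookie header value."""
    token = secrets.token_urlsafe(32)      # opaque, unguessable claim check
    SESSIONS[token] = {"user": username}   # the state stays on the server
    cookie = SimpleCookie()
    cookie["sid"] = token
    cookie["sid"]["path"] = "/"
    cookie["sid"]["httponly"] = True       # not readable from page scripts
    cookie["sid"]["secure"] = True         # only sent over HTTPS
    cookie["sid"]["samesite"] = "Lax"      # limits cross-site sending
    return cookie["sid"].OutputString()


def browser_echo(set_cookie_value):
    """A browser returns only the name=value pair, never the attributes."""
    return set_cookie_value.split(";", 1)[0]


def redeem_cookie(cookie_header):
    """Later transaction: parse the Cookie header and look up the state."""
    jar = SimpleCookie()
    jar.load(cookie_header or "")
    morsel = jar.get("sid")
    if morsel is None:
        return None                        # no claim check presented
    return SESSIONS.get(morsel.value)      # unknown or forged token -> None


if __name__ == "__main__":
    header = issue_cookie("alice")         # constructed sample user
    print("Set-Cookie:", header)
    print("Valid check: ", redeem_cookie(browser_echo(header)))
    print("Forged check:", redeem_cookie("sid=forged-value"))
```

The token itself carries no information about the user; whoever presents it is treated as its owner, which is why it is generated from a cryptographic random source and restricted with the `Secure`, `HttpOnly` and `SameSite` attributes.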
