2.2. Classes of Authentication Mechanisms

In earlier sections, we presented a few well-known authentication mechanisms. Since authentication is a very old problem, the list of authentication mechanisms out there can be very long, especially when we consider that people have customized many of those mechanisms for a variety of deployment scenarios and security requirements. For that reason, instead of providing more authentication examples, we provide a classification of authentication mechanisms that is the result of a survey conducted by the IAB[V]. The IAB classified the authentication mechanisms into seven different classes, which cover almost all the authentication models "out there". In this classification, the following three fundamental criteria are considered:

  1. Authentication based on something the authenticating party has, such as a physical hardware token or a card.

  2. Authentication based on something the authenticating party knows, such as a secret or a password.

  3. Authentication based on something the authenticating party is, such as a physical characteristic of the link it is attached to.

The seven classes of authentication mechanisms are as follows:

  1. Passwords in the clear: This is the oldest and simplest user authentication method, by which the user supplies a (user name, password) pair along with its authentication request or network access request to the network. The request is processed by a server, which looks up the password in a password file using the user ...
