The IT Law Wiki

Strong authentication

32,296pages on
this wiki
Add New Page
Talk0 Share

Definitions Edit

Strong authentication is

a layered authentication approach relying on two or more authenticators to establish the identity of an originator or receiver of information.[1]
[t]he process of authenticating a user based on at least two of three factors: something you know (i.e., username and password), something you have (i.e., token device), and something you are (i.e., fingerprints).[2]
[a]n authentication process that uses a cryptographic security mechanism — particularly public-key certificates — to verify the identity claimed for an entity.[3]
[a] form of authentication whereby it is very difficult or impossible for a hostile user to successfully intercept and employ a transmitted authenticator (i.e., highly resistant to replay attack).[4]

References Edit

  1. DHS Sensitive Systems Policy Directive 4300A, at 7.
  2. Unified Capabilities, Framework 2013, App. C, at C-46 (full-text).
  3. Internet Security Glossary, at 293.
  4. DCID 6/3, Glossary, App. B.

Ad blocker interference detected!

Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.

Also on Fandom

Random Wiki