Access Authentication

Abstract

Unless a corporation can reliably authenticate its network users, it is not possible to keep unauthorized users out of its networks. Authentication is essential for two parties to be able to trust in each other’s identities. Authentication is based on something you know (a password), on something you have (a token card, a digital certificate), or something that is part of you (fingerprints, voiceprint). A strong authentication requires at least two of these factors. The following mechanisms of authentication are described in this chapter: (1) IEEE 802.1X Access Control Protocol; (2) Extensible Authentication Protocol (EAP) and EAP methods; (3) traditional passwords; (4) Remote Authentication Dial-in Service (RADIUS); (5) Kerberos authentication service; and (6) X.509 authentication.