Category: Access Control, Authentication, & Identity Management

Learn how security and network administrators restrict access, grant authorization, and authenticate their users.

Single Sign On (SSO) Authentication

SSO We implement Single Sign-On (SSO) in many day-to-day authentication technologies. As the name suggests, SSO allows users to login or access multiple systems and services by providing credentials only once, just as we saw in Kerberos. Because of that, SSO is a "transitive" form of authentication, allowing users to access services in other domains ...

Kerberos Authentication

Kerberos is a Single Sign-On (SSO) authentication protocol developed by the Massachusetts Institute of Technology in the 1980s. It is also a written standard in RFC 4120. As an SSO technology, users don't have to worry about entering different login credentials every time they access a resource. If we didn't have SSO technology, it wouldn't ...

The 5 Factors of Authentication

Many people confuse authentication with authorization. They both start with "auth," so I can see how these terms might be mistakenly used interchangeably. The reality is authentication comes before authorization. Authentication is simply proving you are who you say are. For example, you provide your identity, such as a username or E-mail, and then you ...

Understanding the CIA Triad

No, I'm not referring to the Central Intelligence Agency, I'm referring to the three security principles: Confidentiality, Integrity, and Availability. In the cybersecurity world, these 3 principles are our core security goals. Confidentiality We keep sensitive and personal information "confidential," that is, the confidentiality principle enshrouds itself in preventing the unauthorized disclosure of data. We ...