1.Once an account has been provisioned ,the first step a user undertakes to access a system is to provide identification.
2.Public information.
3.Identification must be unique for accountibility.
4.Standard naming scheme should be used.
5.Identifier should not indicate extra information about user.
6.Unless authentication is used, identities are easily spoofed.
Authentication
1.Supporting the identification claim.
2.Type I something you know.
3.Type II something you have.
4.Type III something you are.
0 Comments