|
A process via which an entity or actor reveals
their Identity. Usually followed by authentication. |
|
|
Authentication |
A process to confirm or deny that an actor is
trusted - is the entity to whom an Identity was given. E.g. A password check.
Usually followed by authorisation. Authentication of an actor produces one of four
results: true positive, true negative, false negative (which leads to
wrongly-denied access) or false positive (which leads to unauthorised
access). |
|
Authentication that involves checking three facts
about an identified actor. Factors can include something they ·
remember (e.g. password, mother’s name), ·
carry (e.g. credit card or key) ·
are (e.g. biometric data.). |
|
|
Authorisation |
A process giving Access to a trusted actor, based
on that actor’s known Access rights. Usually followed by Access. |
|
A process to look inside a system to find data
(or processes) of interest. data can include files containing executable
processes. |