Interactions between entities can be held without any knowledge about the identity of the participating subjects. Most commonly, there are some expectations about the actual identity of each subject. Content or interaction may be restricted/conditioned by the nature of the subject, as well logging and usability aspects will benefit from knowing who is whom. Authentication mechanisms and protocols are the key foundation used to prove the identity of a subject, and is usually held at domain borders, later enabling access control to resources and services.
This lecture will discuss authentication methods, mechanisms and protocols. First from a conceptual perspective, and then applied to specific scenarios commonly found in our daily interactions in smartphones, laptops and services.
Download Links: Portuguese English
Recommended reading:
- Security in Computing, 5th edition, C. P. Pfleeger, S. L. Pfleeger: Chap 4, Sec 5
- You can use your University email with SSO to access this resource
- Segurança em Redes Informáticas, A. Zúquete, Secs. 5.3, 5.4.1, 8.6.3, 8.9.2, Chap. 10