How does authentication work?

Cybersecurity incidents continue to make headlines. Recent breaches like those at SolarWinds, Colonial Pipeline, and the Microsoft Exchange Server show us how vulnerable systems are to breaches and ransomware attacks.

Countries around the world are stepping up their security measures. In early 2021, The president of the United States, Joe Biden, signed an executive order (EO) to improve cybersecurity in the U.S. And unlike its predecessor, the Cybersecurity Act of 2015, which only encouraged public and private sector entities to share cyber threat information, the new EO makes it a requirement.

With this and our ongoing series about the Security-of-Security in mind, we thought this would be a great time to look more closely at what authentication is and how it works.  

 

 

What is authentication?

In general terms, authentication is the process of validating the identity of an entity-user, server, or client app before granting access to a protected resource.  

Client-side authentication uses username/password combinations, tokens, and other techniques while server-side authentication uses certificates to identify trusted third parties. As the name suggests, two-factor authentication, like that proposed in CNAP, refers to two forms of authentication used in combination. 

While we're all familiar with how usernames and passwords work, tokens and certificates might be less familiar to you. 

What's up with tokens & certificates?

Tokens

A token is a form of claims-based authentication achieved through the presentation of valid, signed information. It works the way a boarding pass does when you fly. After all, you don't just walk up to a gate and present your passport. Instead, you are authenticated based on your picture ID and ticket and then given a boarding pass. The boarding pass is the verified claim made about you by the airline.   

Certificates

A digital certificate is an electronic document used to prove the ownership of a private key, to establish trust between its owner and an entity wishing to communicate with that owner. In addition to information about the private key and the owner, a digital certificate includes the digital signature of a signer which attests to the authenticity of the content. Ultimately, it confirms that communication is with the right entity/owner.   

One of the most common uses of certificates is for HTTPS-based websites. In this case, a web browser will validate that a web server is authentic to ensure that the website is who it claims to be and that communication between the user and the website is secure.   

Why authentication is a key component of your security infrastructure

When it comes to your physical security system, authentication is an important tool to ensure that the right person is accessing your resources. It both prevents unauthorized access and ensures that your security personnel, and not something else, is accessing your system when they log in. This means that hackers can't pretend to be a security server to take control of, manipulate, or copy your valuable and sensitive data.   

Once these identities have been authenticated, the next step in maintaining the security of your security system is managing who can access what part of your security system. 

Check out this blog post to learn about authorization mechanisms.