Proof of authorization (identification technology)

from Wikipedia, the free encyclopedia
This article is not adequately provided with supporting documents (for example individual proofs ). Information without sufficient evidence could be removed soon. Please help Wikipedia by researching the information and including good evidence.
This article needs to be revised: This is wrong in front and behind: engl. credentials describes it accurately, here it is pseudo-technical, shortened and falsified. A high school diploma is of course a credential , but not a password-protected access to a system which, in turn, is not a credential in German usage. If no one takes pity, the only thing left is deletion . The reference to Engl. WP goes wrong by the way: if that would have to refer to login credentials . In the German WP there is a login (information technology) . - Tangomoos ( discussion ) 17:09, Aug. 12, 2018 (CEST)
Please help to improve it and then remove this mark.

A credential ( English credential ) is an instrument that a system, the identity is to confirm from another system or user. An identity known in the system is required. Proof is usually provided after the identity has been named in the form of a user ID in connection with an authentication feature .

Credentials identification documents, certificates, passwords or results may be cryptographic methods or physical components for access or admission as smart cards or keys .

Proof of authorization in the case of unknown identity must be implemented using asymmetric keys. Then the user must have at least one matching complementary key.

Example situation

A user wants to log on to a system as a client in order to e.g. B. to access a protected resource . In order to authenticate, the user as the client first gives his identity and then gives his user ID and password as proof of authorization, which the server can use to authenticate him.

The following processes must be carried out for this:

  • Identification: The user reveals his identity.
  • Authentication (or also authentication ): The identity of the user is confirmed by entering a user ID and the user is accepted for the required access rights based on the authentication feature.
  • Authorization : It is checked whether the user in question has the necessary rights , i.e. is authorized to access the required resources, so that a controlled opening of the protection of the IT resource can take place according to the set access rights. The authorization level entered allows a user to edit or delete certain files or processes based on preset rights.