ABSTRACT
Our first step in protecting a computing environment or cyberenvironment is to establish methodologies for determining how access may be gained to our environment. We usually divide this concern into two components that we call authentication and authorization. Our concern in providing authentication is basically to answer the question “Who are you?” In other words, this means the establishment of a mechanism for determining whether a party wishing to gain access is allowed to enter the system. In this case, the party in question might be either a human or a machine, the authentication process is initiated by that external party, and our system must respond appropriately.
