chapter  3
Authentication
Pages 78

Authentication is the security discipline for verifying an entity requesting access to system resources or applications. The entity might be a person or a nonperson such as router, firewall, application, database, or other system component. The service providing the verification is called the verifier and typically performs this for the system resource or application that is the relying party. There are many authentication methods, but all can be categorized into discrete groups called authentication factors. Each factor has advantages and disadvantages, depending on the type of entity and the environment in which it is used-whimsically called the good, the bad, and sometimes the ugly. X9 standards such as X9.117 [60] provide the following definitions:

• Single-factor authentication: Authentication of one entity to another using only one authentication technique (note: a credential could contain more than one factor).