ABSTRACT

This chapter will show the importance of authentication and assurance, along with confidentiality. A key concept in authentication is the way that different entities authenticate themselves. The main methods are: one-way server authentication; one-way client authentication; and mutual authentication. With one-way server authentication, the server sends its authentication credentials to the client, such as with a digital certificate. The client then checks this and verifies that it has been created by an entity which it trusts. With one-way client authentication, the client proves its identity to the server. This might be through a hardware address, a nonce, or an Internet Protocol address. With two-way (mutual) authentication, both the client and the server identify themselves to each other. This is thus the most secure method, as we reduce the risk of a spoof device on either end. Digital certificates are used by many devices, such as for servers to prove their identity, and for smart cards to provide their public keys.