Security Concepts

From NovaOrdis Knowledge Base
Revision as of 20:35, 6 March 2017 by Ovidiu (talk | contribs) (Created page with "=Authentication= Authentication is the process of identifying a subject and verifying the authenticity of the identification information. The most common authentication mech...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Authentication

Authentication is the process of identifying a subject and verifying the authenticity of the identification information.

The most common authentication mechanism is username/password. Other mechanisms are available: public key, shared key, smart cards, etc.

In the context of JEE declarative security, the result of a successful authentication is called a principal.

Related subjects: HTTP Authentication.

Authorization

Authorization is the mechanism for granting or denying access to a resource based on identity.

In JEE, this is usually implemented by matching a principal with a set of actions they are or are not allowed to perform. This mapping is referred as a role.

!!!Encryption

|[CryptographicAlgorithms#EncryptionAndDecryption]

!!!SSL/TLS

|[SSL/TLS|SSLTLS#Overview]

!!!SSO

|[Single Sign-On]


!!!LDAP

|[LDAP]


__Referenced by:__\\ [{INSERT com.ecyrd.jspwiki.plugin.ReferringPagesPlugin WHERE max=20, maxwidth=50}]