|
|
Electronic data networks are becoming ubiquitous and demanding stronger secure access control and protection from unauthorized access. The changing network dynamics and increased security levels have driven new requirements in access control management solutions. Stronger forms of authentication, such as two-factor, three-factor authentication systems, and other public key infrastructure solutions are now being used to manage users who are accessing networks and controlling access to network resources.
Secure access through strong user authentication is becoming increasingly essential. Strong user authentication is typically achieved by implementing multifactor authentication technology. Examples include one-time password (OTP) solutions, hardware tokens, s/key, and smart cards.
Cisco Secure Access Control Server (ACS) provides support for two-factor authentication in a centralized access management solution for managing users and network infrastructure resources with OTP solutions.
Identification and authentication (I&A) is a two-step process that governs user access to a network or a resource in the network.
Identification, which is the first step of the process, determines the identity of the user. The identification component of an access control system can be based on one of the following attributes:
Username or user ID
Computer or system name
MAC address (Layer 2)
IP address (Layer 3)
Process name or process ID (PID)
Authentication is the second step in the process of verifying the identification provided earlier. The authentication component can be based on one of the following attributes:
Simple password (one-factor)
Multiple passwords (two-factor)
Personal identification number (PIN)
Shared secret key
Certificate
Token
Pass-phrase
Biometric
|
|