Difference between revisions of "Authentication"

From CIPedia
Jump to navigation Jump to search
(References)
(13 intermediate revisions by the same user not shown)
Line 7: Line 7:
 
====[[Australia]] ====  
 
====[[Australia]] ====  
 
{{definition|Authentication: The process of verifying the identity of a user, process or device as a prerequisite to allowing access to resources in a system. <ref>[https://www.staysmartonline.gov.au/glossary on-line glossary Stay Safe On-line]</ref>}}<br /><br/>
 
{{definition|Authentication: The process of verifying the identity of a user, process or device as a prerequisite to allowing access to resources in a system. <ref>[https://www.staysmartonline.gov.au/glossary on-line glossary Stay Safe On-line]</ref>}}<br /><br/>
 +
====[[Bolivia]] ====
 +
{{definition|Autenticación: Característica que permite identificar y validar la identidad de un usuario, servicio, proceso. <ref>[https://www.ctic.gob.bo/glosario/ Glosario. AGETIC: Agencia de Gobierno Electrónico y Tecnologías de la Información y Comunicación del Estado Plurinacional de Bolivia (CTIC-EPB)]</ref>}}<br /><br/>
 
====[[Brazil]] ====  
 
====[[Brazil]] ====  
 
{{definition|Auteneticacão: Medida de segurança destinada a proteger as comunicações contra a transmissão/recepção de mensagens falsas. <ref>[http://www.bombeiros.go.gov.br/wp-content/uploads/2012/06/16-Glosssario-de-Defesa-Civil-Estudo-de-Risco-e-Medicina-de-Desastres.pdf GLOSSÁRIO DE DEFESA CIVIL ESTUDOS DE RISCOS E MEDICINA DE DESASTRES, Ministério da Integração Nacional, Brazil]</ref>}}<br /><br/>
 
{{definition|Auteneticacão: Medida de segurança destinada a proteger as comunicações contra a transmissão/recepção de mensagens falsas. <ref>[http://www.bombeiros.go.gov.br/wp-content/uploads/2012/06/16-Glosssario-de-Defesa-Civil-Estudo-de-Risco-e-Medicina-de-Desastres.pdf GLOSSÁRIO DE DEFESA CIVIL ESTUDOS DE RISCOS E MEDICINA DE DESASTRES, Ministério da Integração Nacional, Brazil]</ref>}}<br /><br/>
 +
 
==== [[Burkina-Faso]] ====
 
==== [[Burkina-Faso]] ====
{{definition|Authentification: Identification d’un utilisateur et vérification de ses droits d’accès aux services d’un système informatique. Deux niveaux sont possibles : authentification simple utilisant une seule méthode d’identification généralement basée sur une preuve mentale (mot de passe par exemple) et authentification forte utilisant au moins deux méthodes d’identification: une preuve mentale et une preuve dynamique (carte à puce par exemple). <ref>[http://www.cirt.bf/index.php/referentiel/glossaire-2/ CIRT-BF Glossary]</ref>}}<br /><br/>
+
{{definition|Authentification: Identification d’un utilisateur et vérification de ses droits d’accès aux services d’un système informatique. Deux niveaux sont possibles : authentification simple utilisant une seule méthode d’identification généralement basée sur une preuve mentale (mot de passe par exemple) et authentification forte utilisant au moins deux méthodes d’identification: une preuve mentale et une preuve dynamique (carte à puce par exemple). <ref>[http://www.cirt.bf/index.php/referentiel/glossaire-2/ CIRT-BF Glossary]</ref>}}<br/><br/>
 +
==== [[Cameroon]] (Cameroun) ====
 +
{{definition|Authentification : critère de sécurité défini par un processus mis en œuvre notamment pour vérifier l’identité d’une personne physique ou morale et s’assurer que l’identité fournie correspond à l’identité de cette personne préalablement enregistrée. <ref>[https://www.unodc.org/res/cld/document/cmr/2010/loi_sur_la_cybersecurite_et_la_cybercriminalite_html/Loi_2010-012_cybersecurite_cybercriminalite.pdf LOI N°2010/012 DU 21 DECEMBRE 2010 RELATIVE A LA CYBERSECURITE ET LA CYBERCRIMINALITE AU CAMEROUN]</ref>}}<br/><br/>
 +
 
 +
==== [[Canada]] ====
 +
{{definition|Authentication: A process or measure used to verify a users identity. <ref>[https://www.cyber.gc.ca/en/glossary Glossary - Canadian Centre for Cyber Security]</ref><br/><br/>Authentification: Processus ou mesure permettant de vérifier l’identité d’un utilisateur. <ref>[https://www.cyber.gc.ca/fr/glossaire Glossaire - Centre Canadien pour la Cybersécurité]</ref>}}
 +
<br/><br/>
 +
====[[Czech Republic]]====
 +
{{definition|Autentizace: Proces ověření identity subjektu.  <ref name=CZglos>[https://www.govcert.cz/download/slovnik/vykladovy_slovnik_KB_2_vydani.pdf]</ref><br/><br/>Authentication: Process of verification of subject identity.  <ref name=CZglos>[https://www.govcert.cz/download/slovnik/vykladovy_slovnik_KB_2_vydani.pdf]</ref>}}
 +
<br />
  
 
====[[Egypt]] ====  
 
====[[Egypt]] ====  
Line 31: Line 43:
 
==== [[Netherlands]] ====  
 
==== [[Netherlands]] ====  
 
{{definition|Authenticatie: Het vaststellen van de identiteit van een gebruiker, computer of applicatie. <ref>[https://www.ncsc.nl/binaries/content/documents/ncsc-nl/actueel/cybersecuritybeeld-nederland/cybersecuritybeeld-nederland-2018/1/CSBN_2018.pdf Cyber Security Beeld Nederland 2018]</ref>}}<br/>
 
{{definition|Authenticatie: Het vaststellen van de identiteit van een gebruiker, computer of applicatie. <ref>[https://www.ncsc.nl/binaries/content/documents/ncsc-nl/actueel/cybersecuritybeeld-nederland/cybersecuritybeeld-nederland-2018/1/CSBN_2018.pdf Cyber Security Beeld Nederland 2018]</ref>}}<br/>
{{definition|Authenticatie: Het proces waarbij wordt nagegaan of een persoon, een (andere) computer of applicatie daadwerkelijk is wie hij beweert te zijn. <ref>[https://www.defensie.nl/binaries/defensie/documenten/beleidsnota-s/2017/06/13/abdo-2017/ABDO+2017.pdf ABDO 2017]</ref>}}<br/>
+
{{definition|Authenticatie: Het proces waarbij wordt nagegaan of een persoon, een (andere) computer of applicatie daadwerkelijk is wie hij beweert te zijn. <ref>[https://www.defensie.nl/binaries/defensie/documenten/beleidsnota-s/2017/06/13/abdo-2017/ABDO+2017.pdf ABDO 2017]</ref> <ref>[https://kennisopenbaarbestuur.nl/media/53867/handreiking-cybercrime.pdf Handreiking Cybercrime (2012)]</ref>]}}<br/>
 
{{definition|Authenticatie is het nagaan of een bewijs van identiteit van een gebruiker, computer of applicatie overeenkomt met vooraf vastgelegde echtheidskenmerken. <ref>[https://www.ncsc.nl/binaries/content/documents/ncsc-nl/actueel/cybersecuritybeeld-nederland/cybersecuritybeeld-nederland-2016/1/CSBN2016.pdf Cyber Security Beeld Nederland 2016]</ref>}}<br/>
 
{{definition|Authenticatie is het nagaan of een bewijs van identiteit van een gebruiker, computer of applicatie overeenkomt met vooraf vastgelegde echtheidskenmerken. <ref>[https://www.ncsc.nl/binaries/content/documents/ncsc-nl/actueel/cybersecuritybeeld-nederland/cybersecuritybeeld-nederland-2016/1/CSBN2016.pdf Cyber Security Beeld Nederland 2016]</ref>}}<br/>
 
{{definition|Het bewijzen en controleren van de geclaimde identiteit van een HANDELENDE PERSOON via een (set van) authenticatiemiddel(len) op een bepaald betrouwbaarheidsniveau. <ref>[https://www.idensys.nl/fileadmin/bestanden/idensys/documenten/basisdocumentatie/documentatieset/5._Begrippenlijst_eID_Afsprakenstelsel_v1.0.pdf Begrippenlijst eID Afsprakenstelsel, 2014]</ref>}}<br /><br/>
 
{{definition|Het bewijzen en controleren van de geclaimde identiteit van een HANDELENDE PERSOON via een (set van) authenticatiemiddel(len) op een bepaald betrouwbaarheidsniveau. <ref>[https://www.idensys.nl/fileadmin/bestanden/idensys/documenten/basisdocumentatie/documentatieset/5._Begrippenlijst_eID_Afsprakenstelsel_v1.0.pdf Begrippenlijst eID Afsprakenstelsel, 2014]</ref>}}<br /><br/>
Line 49: Line 61:
 
{{definition|Autenticación:  Procedimiento de comprobación de la identidad de un solicitante o titular de certificados de DNIe. (Sede del eDNI)  <ref name=SP_G>[http://www.hacienda.gob.es/Documentacion/Publico/SGT/CATALOGO_SEFP/014_MinHFP_diccionario_AE.pdf  Diccionario de términos y conceptos de la Administración Electrónica, Ministerio de Hacienda y Función  Pública Secretaría General Técnica, 2017]</ref>}}<br />
 
{{definition|Autenticación:  Procedimiento de comprobación de la identidad de un solicitante o titular de certificados de DNIe. (Sede del eDNI)  <ref name=SP_G>[http://www.hacienda.gob.es/Documentacion/Publico/SGT/CATALOGO_SEFP/014_MinHFP_diccionario_AE.pdf  Diccionario de términos y conceptos de la Administración Electrónica, Ministerio de Hacienda y Función  Pública Secretaría General Técnica, 2017]</ref>}}<br />
 
{{definition|Autenticación:  La autenticación es un servicio de seguridad que permite verificar la identidad. Una firma digital es un mecanismo que asegura la identidad del firmante del mensaje y por tanto su autenticidad. (Definición de la FNMT; confusa) <ref name=SP_G>[http://www.hacienda.gob.es/Documentacion/Publico/SGT/CATALOGO_SEFP/014_MinHFP_diccionario_AE.pdf  Diccionario de términos y conceptos de la Administración Electrónica, Ministerio de Hacienda y Función  Pública Secretaría General Técnica, 2017]</ref>}}<br/><br/>
 
{{definition|Autenticación:  La autenticación es un servicio de seguridad que permite verificar la identidad. Una firma digital es un mecanismo que asegura la identidad del firmante del mensaje y por tanto su autenticidad. (Definición de la FNMT; confusa) <ref name=SP_G>[http://www.hacienda.gob.es/Documentacion/Publico/SGT/CATALOGO_SEFP/014_MinHFP_diccionario_AE.pdf  Diccionario de términos y conceptos de la Administración Electrónica, Ministerio de Hacienda y Función  Pública Secretaría General Técnica, 2017]</ref>}}<br/><br/>
 +
==== [[Sri Lanka]]====
 +
{{definition|Authentication: In a network, the process by which the system attempts to ensure that the person logging on is the same person to whom the account was issued. <ref>[http://www.slcert.gov.lk/Downloads/Policies/19.doc National Centre for Cyber Security, Information Security Policy Domains #19: Glossary]</ref> }}<br/><br/>
 +
 +
 
==== [[United Kingdom]]====
 
==== [[United Kingdom]]====
{{definition|Authentication: the process of verifying the identity, or other attributes of a user, process or device. <ref>[https://www.octf.gov.uk/OCTF/media/OCTF/images/publications/Cybercrime/national_cyber_security_strategy-2016-2021.pdf National Cyber Security Strategy 2016-2021]</ref> }}<br/><br/>
+
{{definition|Authentication: the process of verifying the identity, or other attributes of a user, process or device. <ref>[https://www.octf.gov.uk/OCTF/media/OCTF/images/publications/Cybercrime/national_cyber_security_strategy-2016-2021.pdf National Cyber Security Strategy 2016-2021]</ref>}}
 
+
===== [[Bermuda]] =====
 +
{{definition| Authentication: the process or action of verifying the identity of a user or process. <ref>[https://www.gov.bm/sites/default/files/10999-National-Cybersecurity-Strategy.pdf National Cyber Security Strategy 2018-2022]</ref>}}
 +
<br/><br/>
  
 
==== [[United States]]====
 
==== [[United States]]====
Line 76: Line 94:
 
==References==
 
==References==
 
[[Category:Information]][[Category:Security]]
 
[[Category:Information]][[Category:Security]]
{{#set:defined by=IAEA|defined by=ISO|defined by=Australia|defined by=Brazil|defined by=Burkina-Faso|defined by=Egypt|defined by=France|defined by=Georgia|defined by=Hong Kong|defined by=Italy|defined by=Kuwait|defined by=Liberia|defined by=Netherlands|defined by=Oman|defined by= Philippines|defined by=Romania|defined by=Senegal|defined by=Spain|defined by=United Kingdom|defined by=United States|defined by=NIST|defined by=IETF|defined by=OWASP|defined by=ISA}}
+
{{#set:defined by=IAEA|defined by=ISO|defined by=Australia|defined by=Bermuda|defined by=Bolivia|defined by=Brazil|defined by=Burkina-Faso|defined by=Cameroon|defined by=Cameroun|defined by=Canada|defined by=Czech Republic|defined by=Egypt|defined by=France|defined by=Georgia|defined by=Hong Kong|defined by=Italy|defined by=Kuwait|defined by=Liberia|defined by=Netherlands|defined by=Oman|defined by= Philippines|defined by=Romania|defined by=Senegal|defined by=Spain|defined by=Sri Lanka|defined by=United Kingdom|defined by=United States|defined by=NIST|defined by=IETF|defined by=OWASP|defined by=ISA}}
 +
{{#set: Showmainpage=Yes}}

Revision as of 16:42, 11 December 2020

Definition

International Definitions

IAEA

Authentication is the provision of assurance that a claimed characteristic of an entity is correct. [1]



National Definitions

Australia

Authentication: The process of verifying the identity of a user, process or device as a prerequisite to allowing access to resources in a system. [2]



Bolivia

Autenticación: Característica que permite identificar y validar la identidad de un usuario, servicio, proceso. [3]



Brazil

Auteneticacão: Medida de segurança destinada a proteger as comunicações contra a transmissão/recepção de mensagens falsas. [4]



Burkina-Faso

Authentification: Identification d’un utilisateur et vérification de ses droits d’accès aux services d’un système informatique. Deux niveaux sont possibles : authentification simple utilisant une seule méthode d’identification généralement basée sur une preuve mentale (mot de passe par exemple) et authentification forte utilisant au moins deux méthodes d’identification: une preuve mentale et une preuve dynamique (carte à puce par exemple). [5]



Cameroon (Cameroun)

Authentification : critère de sécurité défini par un processus mis en œuvre notamment pour vérifier l’identité d’une personne physique ou morale et s’assurer que l’identité fournie correspond à l’identité de cette personne préalablement enregistrée. [6]



Canada

Authentication: A process or measure used to verify a users identity. [7]

Authentification: Processus ou mesure permettant de vérifier l’identité d’un utilisateur. [8]



Czech Republic

Autentizace: Proces ověření identity subjektu. [9]

Authentication: Process of verification of subject identity. [9]


Egypt

Authentication: [Any] Security measure designed to establish the validity of a transmission, message, or originator, or a means of verifying an individual’s eligibility to receive specific categories of information. [10]



France

L’authentification a pour but de vérifier l’identité dont une entité se réclame. [11]

Généralement l’authentification est précédée d’une identification qui permet à cette entité de se faire reconnaître du système par un élément dont on l’a doté. En résumé, s’identifier c’est communiquer son identité, s’authentifier c’est apporter la preuve de son identité.

Georgia

Authentication is the process of verifying and securing the identity of a user or a program when accessing electronically secured data and systems or when performing communication processes. [12]

In the authentication process, a certain attribute of a user or system certifies authorized access to such systems or data, for example, a key (see public key cryptography), a smart card, a password, the user name or even biometrical traits (fingerprint). A higher security level can be achieved by the combination of different traits used for authentication.

Hong Kong

認證 : 用以辨識及證明嘗試發出信息或接達數據的用戶╱一方身份的 程序或方法。信息認證指用以證明特定資訊的完整性的程序。

Authentication: A process or method to identify and to prove the identity of a user/party who attempts to send message or access data. [13]



Italy

Autenticazione: Verifica dell’identità o di altre caratteristiche di un utente, di un dispositivo o di una procedura ovvero dell’originatore e dell’integrità dei dati. [14]

Costituisce spesso una condizione per accedere ai sistemi informativi e di comunicazione. A tal fine vengono frequentemente impiegati metodi che associano vari strumenti di riconoscimento, quali dati biometrici, tesserini identificativi, password, etc.

Kuwait

Authentication: The process of corroborating an identity. A Authentication can be unilateral or mutual. Unilateral authentication provides assurance of the identity of only one principal. Mutual authentication provides assurance of the identities of both principals. The provision of assurance of the claimed identity of an entity. [15]



Liberia

Authentication: A security measure designed to verify an individual's authorization to access computer or security information. [16]



Netherlands

Authenticatie: Het vaststellen van de identiteit van een gebruiker, computer of applicatie. [17]


Authenticatie: Het proces waarbij wordt nagegaan of een persoon, een (andere) computer of applicatie daadwerkelijk is wie hij beweert te zijn. [18] [19]]


Authenticatie is het nagaan of een bewijs van identiteit van een gebruiker, computer of applicatie overeenkomt met vooraf vastgelegde echtheidskenmerken. [20]


Het bewijzen en controleren van de geclaimde identiteit van een HANDELENDE PERSOON via een (set van) authenticatiemiddel(len) op een bepaald betrouwbaarheidsniveau. [21]



Oman

Authentication is the process of confirming the correctness of the claimed identity. [22]



Philippines

Authentication: the process of identifying an individual, usually based on a username and password. This is defined as single factor authentication. If another factor, such as a token or PIN, is required in addition to the first one this is defined as 2-factor authentication. [23]



Romania

Autentificare: Dovadă prin care se confirmă veridicitatea unui atac, document, înscris. [24]



Senegal

Authentification: L'authentification pour un système informatique est un processus permettant au système de s'assurer de la légitimité de la demande d'accès faite par une entité (être humain ou un autre système) afin d'autoriser l'accès de cette entité à des ressources du système (systèmes, réseaux, applications) conformément au paramétrage du contrôle d'accès. [25]



Spain

Autenticación: Es un proceso electrónico que posibilita la identificación electrónica de una persona física o jurídica, o del origen y la integridad de datos en formato electrónico. [26]


Autenticación: Acreditación por medios electrónicos de la identidad de una persona o ente, del contenido de la voluntad expresada en sus operaciones, transacciones y documentos, y de la integridad y autoría de estos últimos. (Definición en Ley 11/2007 ya derogada. Creaba confusión al confundir autenticación y firma) [26]


Autenticación: Procedimiento de comprobación de la identidad de un solicitante o titular de certificados de DNIe. (Sede del eDNI) [26]


Autenticación: La autenticación es un servicio de seguridad que permite verificar la identidad. Una firma digital es un mecanismo que asegura la identidad del firmante del mensaje y por tanto su autenticidad. (Definición de la FNMT; confusa) [26]



Sri Lanka

Authentication: In a network, the process by which the system attempts to ensure that the person logging on is the same person to whom the account was issued. [27]




United Kingdom

Authentication: the process of verifying the identity, or other attributes of a user, process or device. [28]
Bermuda
Authentication: the process or action of verifying the identity of a user or process. [29]



United States

NIST
Verifying the identity of a user, process, or device, often as a prerequisite to allowing access to resources in an information system. [30]



Other definitions

OWASP

Authentication is the process of verifying that someone or something is the actual entity that they claim to be. [31]

Authentication is what happens when you log into a system. It compares your credentials (often user name and password) with a previously established known value such that the system can know that you are who you say you are. For sensitive systems, there is a trend toward using two factor authentication (2FA) which essentially means that users must supply two different secrets, usually one is a password (something they know) and the other is a pin supplied via text (verifying something they have).

International Standard

ISA-62443-*

Authentication: Provision of assurance that a claimed characteristic of an identity is correct. [32]



IETF
Authentication: The process of verifying an identity claimed by or for a system entity. [33]



ISO/IEC - ISO/IEC 27000:2014

Authentication is a process that is used to confirm that a claimed characteristic of an entity is actually correct. To authenticate is to verify that a characteristic or attribute that appears to be true is in fact true. [34]


See also

Notes

  1. IAEA - Nuclear Security Series Glossary Version 1.3 (November 2015)
  2. on-line glossary Stay Safe On-line
  3. Glosario. AGETIC: Agencia de Gobierno Electrónico y Tecnologías de la Información y Comunicación del Estado Plurinacional de Bolivia (CTIC-EPB)
  4. GLOSSÁRIO DE DEFESA CIVIL ESTUDOS DE RISCOS E MEDICINA DE DESASTRES, Ministério da Integração Nacional, Brazil
  5. CIRT-BF Glossary
  6. LOI N°2010/012 DU 21 DECEMBRE 2010 RELATIVE A LA CYBERSECURITE ET LA CYBERCRIMINALITE AU CAMEROUN
  7. Glossary - Canadian Centre for Cyber Security
  8. Glossaire - Centre Canadien pour la Cybersécurité
  9. 9.0 9.1 [1]
  10. Glossary of the National Telecom Authority (NTA), Egypt
  11. ANSSI Glossaire
  12. A Digital Georgia e-Georgia strategy and action plan 2014-2018
  13. Glossary for Information Security Terms/資訊保安詞彙表
  14. IL LINGUAGGIO DEGLI ORGANISMI INFORMATIVI Glossario (2013)
  15. Glossary Communication and Information Technology Regulatory
  16. Government of Liberia’s Policy for the Telecommunications and Information Communications Technology (ICT) sectors
  17. Cyber Security Beeld Nederland 2018
  18. ABDO 2017
  19. Handreiking Cybercrime (2012)
  20. Cyber Security Beeld Nederland 2016
  21. Begrippenlijst eID Afsprakenstelsel, 2014
  22. Oman CERT Glossary
  23. NHS Cyber security glossary
  24. GLOSAR de termeni din domeniul ordinii şi siguranţei publice, MINISTERUL ADMINISTRAŢIEI ŞI INTERNELOR DIRECŢIA GENERALĂ ORGANIZARE, PLANIFICARE MISIUNI ŞI RESURSE
  25. STRATÉGIE NATIONALE DE CYBERSÉCURITÉ DU SÉNÉGAL (SNC2022)
  26. 26.0 26.1 26.2 26.3 Diccionario de términos y conceptos de la Administración Electrónica, Ministerio de Hacienda y Función Pública Secretaría General Técnica, 2017
  27. National Centre for Cyber Security, Information Security Policy Domains #19: Glossary
  28. National Cyber Security Strategy 2016-2021
  29. National Cyber Security Strategy 2018-2022
  30. NIST SOURCE: SP 800-53; SP 800-53A; SP 800-27; FIPS 200; SP 800-30
  31. OWASP Glossary
  32. ISA-62443 series
  33. RFC2828 glossary
  34. ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary

References