DynaPass Authentication Glossary

Two Factor Authentication Token

admin — Tue, 07 Feb 2012 16:00:02 +0000

During the two factor authentication process which utilizes “something you have,” the two-factor authentication token refers to a physical property such as a USB token or a smart card that a user has. A commonly used two factor authentication token is a USB token that a user can stick into a computer via the USB drive to authenticate themselves. Two Factor authentication tokens can be useful for organizations that have employees who need to access company data stored in different forms such as websites and company applications where tokens can be easy and convenient to use instead of remembering multiple static passwords.

User Authentication

admin — Tue, 07 Feb 2012 14:00:03 +0000

User authentication refers to identifying a user or entity and verifying that they are allowed access to restricted access. The most common way of identifying a user is through the use of a username and static password. Sometimes this refers to the CAPTCHA process of authenticating a user as human. In network security, user authentication refers to identifying a user along with which level of authorization their account may receive.

Machine-to-machine (M2M)

admin — Thu, 19 Jan 2012 22:55:48 +0000

Machine-to-machine, also known as M2M, refers to technologies that enable wireless or wired communication between mechanical or electronic devices. Machine to machine allows networked devices to exchange information and perform tasks without the need of human interaction, but humans may maintain, reconfigure, or access data from M2M technology. In machine to machine communication, devices(sensors or meters) are used to capture an event(data such as electricity usage) and relying it through a network to an application(software) which captures the event into meaningful information(for example, improve energy efficiency). M2M technology is used in many machines we interact with on a daily basis including city infrastructure, remote patient monitoring and security systems. M2M communication can be used, for example, to efficiently monitor your house’s electricity meter, monitor a patient’s health remotely, or even help you create a shopping list based on what is in your refrigerator. The potential applications of M2M will increase as wireless sensors, networks and computers improve.

Gramm-Leach-Bliley Act (GLBA)

admin — Thu, 19 Jan 2012 21:33:42 +0000

The Gramm-Leach-Bliley Act, also knowns as the Financial Services Modernization Act of 1999, became effective as of November 12, 1999 and was enacted by the 106th United States Congress and signed into law by President Bill Clinton. It was an act that allowed financial companies such as commercial banks, investment banks, securities firms, and insurance companies to consolidate. An example of this type of consolidation is Citigroup which was a merger of Citicorp, a commercial bank, and Travelers Group, the insurance company. The Gramm-Leach-Bliley Act requires financial institutions that offer consumers financial products or services to explain their information sharing practices to consumers and to safeguard sensitive data. The GLB Act includes the Financial Privacy Rule, the Model Form Rule, the Safeguards Rule and provisions that prohibit pretexting.

Mobile Authentication

admin — Tue, 17 Jan 2012 23:17:21 +0000

Any authentication solution that delivers any factor of the identification process through a mobile device is utilizing mobile authentication. This could be a one-time password transmitted through SMS text message or even email. Even an application on a mobile device that generates an OTP offline is also considered to be mobile authentication.

Family Educational Rights and Privacy Act (FERPA)

admin — Tue, 17 Jan 2012 21:38:28 +0000

Federal legislation FERPA (Family Educational Rights and Privacy Act of 1974) requires protection to be in place for personally identifiable information (PII) of students. If a school receives federal funding they are required by government regulatory compliance of FERPA to protect their student’s private info.

Smartphone

admin — Wed, 11 Jan 2012 18:00:38 +0000

Mobile phones with more advanced computing platforms are known as smartphones. Smartphones typically run applications with more functionality than traditional mobile phones as well as offering higher resolutions, touch screens and web browsing capabilities. Some authentication methods utilize smartphone technology for transmission of a one-time password through mobile applications.

Short Message Service (SMS)

admin — Wed, 11 Jan 2012 16:00:14 +0000

Widely accepted across the world an SMS text message is a form of communication through a PC, phone or mobile device where a short text message can be delivered using standardized communication protocols. Short Message Services are also used during some multi-factor and two-factor authentication processes as an out-of-band authentication method known as “something you have”. Something you have refers to the device used to receive a one-time password transmission after traditional login.

Pass Code

admin — Tue, 10 Jan 2012 19:42:27 +0000

Different from a password, a pass code is a numeric only version. The most common pass code used by almost everyone is a PIN for an ATM, the personal identification number is purely numeric. Pass codes do not offer a high level of security because the process for brute force cracking is much easier.

Web Access Management

admin — Tue, 10 Jan 2012 18:34:10 +0000

Web access management refers to security controls used to identify a user for authorized accessibility remotely. The process for web access management begins with authentication of the user based on a policy. At this point the system will usually log the user’s access for reporting, auditing and optional single sign-on accessibility.