A Professional Internet Security Provider

Timely Security Issues HIPAA Compliance Small Business IT Safety Solutions SNMP and DHCP Web Worms Honeypots SOAP/XML Interfaces Service Offerings Custom VPN Work Security Certification Policy Facilitation Intrusion Detection Systems Integration Other Services Products and Partners Security Toolkit Spam Control Custom Software Partners Resource Library Internet Security Corporation About Us

Authentication Servers What is an Authentication Server? The server part of a VPN, basically: A program that runs on a secure machine on your network to conduct the authentication interview by issuing a challenge and evaluating the response to it. It generally operates in close cooperation with your firewall to grant access by authenticated parties. What does one do? It begins by making sure that all of the components required to perform the authentication are intact. It challenges the unauthenticated party for some form of identifcation, usually a UserID. Then it determines the authentication method or methods to employ, usually a password, plus other factors such as a cryptographic token, or some kind of one time password, and/or biometric data: it issues the authentication challenge and collects the response. If the response is what was expected, the server grants access, sometimes additionally informing the firewall that the remote user may pass through the screening filter(s). Do I need one? If you have remote personnel, affiliates, partners, vendors, or customers who need to access your network you need to be absolutely certain that they are who they claim to be when they request access. The only way you can be sure is if they are processed successfully by an authentication server of some kind. What is a cryptographic token? It is a hand held device that processes a challenge and encrypts it for presentation to the authentication server as a response, either using a preloaded private key or algorithm, or user data. Look at some examples. What is biometric data? Biometric data can consist of plain, compressed, and/or encrypted information about you the user, taken from some physical part of your body by a device attached either to a token (above) or to the machine to be accessed. It is fingerprint (AFIS compliant data compatible with FBI fingerprint databases) data, retinal data, or facial wireframe shape information. As of 2001, these are the only forms of biometric identification available and on the market. How To Reach Us

---

webmaster@internet-security-corp.com

Last modified: Thu Jun 27 18:54:39 PDT 2002