By: Taban Khajehnassiri
This article first published as the editorial of WWN, Dec 18, 1999. It gives what we do literally know about "authentication" in our on-line activities.
Last week, I received an e-mail from a student from the Technical
University MultiMedia Art of Salzburg in Austria currently working on a
project about "authentication" concerning the Internet and new
technologies in the Arabic World and the Near East. To me, the survey
itself was really interesting. It brought me this valuable question that
what we do literally know about "authentication" in our on-line
activities. Here, I have excerpted the meaning that a dictionary gives
(the denotation) for "authentication" from the e-mail itself I received :
Authentication
"The process of identifying an individual, usually based on a username and
password. In security systems, authentication is distinct from
authorization , which is the process of giving individuals access to
system objects based on their identity. authentication merely ensures that
the individual is who he or she claims to be, but says nothing about the
access rights of the individual."
To elaborate this, let me give you an example. Suppose you receive a
telephone call. The caller wants to conduct an interview with you. The
caller claims that he or she is from a Newspaper (or radio station, or TV
channel, ...) and wants to ask you some questions regarding something...
er I don't know, for instance, this very WEBFAQT WEEKLY NEWS! :) What
would you do first? I believe, the first step you would take is to make
sure he or she is real and the right person for this. You may ask the
caller to give you a telephone No. from that organization or fax you a
request on a letterhead. Then, you will call him or her back. Simply, you
want to proceed a process called "authentication". It is a very
discussable issue in the era of Computer Connections, Internet and
communications. What do we do when we want to authenticate our activities
on-line? The received e-mail brought me this feeling that in Iran we
haven't discussed all aspects of authentication. Is there a discussion
about authentication in our country? If yes, what exactly has been
discussed? Did any consequences come out of such discussions? What do you
think about authentication? We are trying to open up this discussion to
our subscribers and readers around the world. You may receive this edition
of WWN in Iran, in the UAE, in England, in Sweden, in Denmark, in the
United States, in Australia, but wherever you are, please think twice,
you surely know something that we don't. Share your knowledge and
experiences with your friends. Let's discuss the question of
authentication.