Authentication is the process of establishing to a specified Level Of Assurance that the Identification is authentic.

Authentication for most of our purposes is the process a Digital Identity Asserting Claims to a Verifier which uses Authentication Methods to provide confidence in the Claims.

Authentication is a Facet Of Building Trust and there maybe differing Level Of Assurances.

Authentication process consists of two basic steps: (RFC 4949)

Authentication Definition#

Authentication[1] (from Greek αυθεντικός; real or genuine, from authentes; author) is the act of establishing or confirming something or someone as authentic.

"the real-time corroboration of a person's claimed digital Identity with an implied or notional level of trust." (Gartner defines "user authentication"

"The process of establishing confidence in the Digital Identity of users or information systems" (NIST.SP.800-63—2),

ISO 24745 - process of establishing an understood Level Of Confidence that a specific entity or claimed identity is genuine

Authentication Components#

Authentication Challenges#

There are many Authentication Challenges


Victor the (Verifier) is an entity that must be convinced that Peggy (the prover or Claimant) knows some Authentication Factors to some Level Of Assurance.


The scenario we are most familiar with us when something or someone (a Digital Identity) presents (or claims) something. As an Example:
  • I am userid1
  • and my password is Xyz
The Identity Provider (IDP) then verifies that the asserted claims are genuine.

There are many Authentication Methods.

Authentication involves Trust#

In our modern day digital systems Authentication involves Trust that the Relying Party trusts the Identity Provider (IDP).

LDAP Authentication#

Some details on LDAP Authentication

Level Of Assurance#

The NIST Electronic Authentication Guideline determine the Level Of Assurance as to the Identity being asserted.

More Information#

There might be more information for this subject on one of the following: