Back to Security Pattern Catalog




Authentication Enforcer


Classification Key : Perimeter Security, Spoofing

Problem

A malicious attacker might try to impersonate a legitimate user to have access to the user's resources. This could be even more serious if the impersonated user has a high level of privilege. How to prevent agents who are not allowed from entering the system?

Solution

Create a single point of access to receive the interactions of a subject and apply a protocol to verify the identity of the subject. Create a proof of identity if subject is successfully authenticated.

Known Uses

Centralized authentication service in RADIUS.

Related Patterns

Single Access Point, Policy Enforcement Point

Source

Wiley Book

Tags

Authentication, Component


 

Last modified: May 05, 2012

Conceived and Maintained by: Munawar Hafiz