What Is Two-Way Authentication?

Two-way authentication is a computer-security mechanism in which both the client and the server authenticate each other with certificates. A certificate is a form of guarantee that information comes from the intended entity and not from a malicious one. Because of its implementation cost, the mechanism is rarely used in client-server systems. However, it may be used in peer-to-peer communication.

  1. Certificate Based Authentication

    • Assume that two communicating entities are Alice and Bob. In a certificate-based authentication mechanism, Alice gets a certificate signed by a certifying authority. The certificate can be provided by companies such as Symantec VeriSign. This certificate ensures that the information obtained by Bob is certified to be from Alice.

    Two-Way Authentication

    • In a two-way authentication mechanism, both Alice and Bob exchange certificates. Therefore, both Alice and Bob can be sure that they are communicating with each other.

    Advantage

    • Two-way authentication ensures a higher level of security compared to one-way authentication, where only one of the communicating entities is authenticated with a certificate. Both Alice and Bob can be sure that they know each other's identity.

    Disadvantages

    • Two-way authentication has a higher cost than one-way authentication. Both Alice and Bob have to obtain certificates. In comparison, in one-way authentication, only one of Alice or Bob has to obtain a certificate. In a client-server based communication mechanism, implementing two-way authentication via certificates can be more involved. For example, in a webmail-based system, each user with an email address would need to obtain a certificate. Further, the certificate must be obtained from an authority that the webmail provider approves. Therefore, most client-server schemes authenticate the server with certificates but do not implement client-side certificates.
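
The difference between one-way and two-way authentication as it appears in a TLS configuration, shown with Python's standard ssl module. This is an added example, not part of the original article; the function names are illustrative, and the certificate file paths are hypothetical and optional so that the policy can be inspected without any certificates on disk.

```python
import ssl

def server_context(require_client_cert, cert=None, key=None, client_ca=None):
    """Build Bob's (the server's) TLS policy."""
    # A server context does not ask clients for a certificate by default.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    if cert:
        ctx.load_cert_chain(cert, key)                # Bob's certificate and private key
    if client_ca:
        ctx.load_verify_locations(cafile=client_ca)   # authority Bob accepts for client certificates
    if require_client_cert:
        # CERT_REQUIRED aborts the handshake when Alice presents no valid certificate.
        # CERT_OPTIONAL would still admit a client that presents none.
        ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx

def client_context(server_ca=None, cert=None, key=None):
    """Build Alice's (the client's) TLS policy."""
    # A client context checks the server certificate and hostname by default.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    if server_ca:
        ctx.load_verify_locations(cafile=server_ca)   # authority Alice accepts for the server
    if cert:
        ctx.load_cert_chain(cert, key)                # Alice's certificate, sent only when asked
    return ctx

def authentication_mode(server_ctx, client_ctx):
    """Report which side's identity the handshake is guaranteed to prove."""
    server_proven = client_ctx.verify_mode == ssl.CERT_REQUIRED
    client_proven = server_ctx.verify_mode == ssl.CERT_REQUIRED
    if server_proven and client_proven:
        return "two-way"
    if server_proven or client_proven:
        return "one-way"
    return "none"

if __name__ == "__main__":
    alice = client_context()
    print(authentication_mode(server_context(False), alice))  # typical web server
    print(authentication_mode(server_context(True), alice))   # mutual authentication
```

In a real deployment the paths for `cert`, `key`, `client_ca` and `server_ca` point to PEM files issued by the certifying authority each side trusts.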
