These are some notes on how authentication can be done in an enterprise. This all falls under Identity and Access Management. Some ways of doing identity verification: Direct Authentication – app maintains user identity information Username / Password Smart cards Biometrics Federated Third-party authentication – SAML/OAuth Some ways of using identity: AuthN AuthZ Identity Delgation […]
Encryption and Certificates
Some quick notes on doing encryption. Encryption is a process, by which information can be transformed (encoded) in such a format, that only authorized parties can read (decode) the information, and unauthorized parties cannot. The purpose of encrypting information is to protect the sensitive data from unauthorized use. Symmetric and Asymmetric Encryption In a symmetric […]