Audit Information systems & IT Security
Audit Information systems & IT Security
Menu

: Home

: Terminology

: Best Practice
: : COBIT
: : ISO 27002 (ISO 17799)
: : ISO 27001
: : ISO 27000 Series
: : ISO 20000 - ITIL
: : COSO
: : Info Security Policy
: : Security Domains

: SOX

: Links
: : Organisations
: : Standards Orgs
: : Audit Links
: : Security Links

: The News Page

: Your IP Address

: Contact
: Legal Disclaimer
Search







Audit Information systems & and IT Security

Information System audit and IT Security

Definitions and Terminology

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z


Authentication


The act of verifying the identity of a user and the user’s eligibility to access computerised information. Authentication is designed to protect against fraudulent logon activity.

source: COBIT 4.0

the provision of assurance of the claimed identity of an entity. In case of user authentication, users are identified either by knowledge (e.g., password), by possession (e.g., token) or by a personal characteristic (biometrics). Strong authentication is either based on strong mechanisms (e.g., biometrics) or makes use of at least two of these factors (so-called multi-factor authentication).

source: ISO/IEC18028-4, 2005

The process of verifying that an individual or data really is who or what it is proclaimed to be. It is often used as a prerequisite for permitting access to resources in a system.

source: D. Schweitzer, 2003, Incident Response: Computer Forensics Toolkit

Process of verifying identity of an individual, device, or process

source: PCI DSS, 2008


Google
 
Web www.audit-is.com

 

 



   
Auditing Security and IT Systems
Copyright 2006-2008. All Rights Reserved. Something missing on this page? Let us know