| Author: Shivshanker Cheral 13 May 2008 | Member Level: Diamond | Rating:  Points: 2 |
There are two closely interlinked concepts at the heart of security for distributed applications - authentication and authorization.
www.c-sharpcorner.com/.../AuthenticationAndAuthorizatio11252005233533PM/AuthenticationAndAuthorizatio.aspx
Learn about the security models in Microsoft Internet Information Services (IIS) and ASP.NET that will allow you to authenticate your users appropriately ...
msdn.microsoft.com/en-us/library/ms978378.aspx
|
| Author: karthekeyan 13 May 2008 | Member Level: Diamond | Rating: Points: 2 |
www.codeproject.com/KB/asp/MultiUserLoginAuth.aspx
|
| Author: Sachin Kumar 15 May 2008 | Member Level: Gold | Rating: Points: 2 |
Authentication is the process of determining whether someone or something is, in fact, who or what it is declared to be. In private and public computer networks (including the Internet), authentication is commonly done through the use of logon passwords. Knowledge of the password is assumed to guarantee that the user is authentic. Each user registers initially (or is registered by someone else), using an assigned or self-declared password. On each subsequent use, the user must know and use the previously declared password. The weakness in this system for transactions that are significant (such as the exchange of money) is that passwords can often be stolen, accidentally revealed, or forgotten.
For this reason, Internet business and many other transactions require a more stringent authentication process. The use of digital certificates issued and verified by a Certificate Authority (CA) as part of a public key infrastructure is considered likely to become the standard way to perform authentication on the Internet.
Logically, authentication precedes authorization (although they may often seem to be combined).
|