A primer on identity and access control
One of the fundamental tenets of security is to ensure only authorized entities gain access to the information, systems, networks, and other protected assets. Identification and access control have been practiced since the early days of civilization; in the Arabian Nights, we come across interesting stories weaved around passcodes and message encoding schemes to protect hidden treasures. We have come a long way since then.
Access cards, biometrics, passwords, physical security keys, and so on are widely used to control access in the human world. With the advent of web and e-commerce, several new protocols and trust models have emerged. These trust models heavily rely on applied cryptography to secure transactions in the cyber world. In the last decade, we have seen wireless authentication and authorization techniques developing at a fast pace to secure enterprise mobility, particularly BYODÂ practices. In this chapter, we will focus on trustworthy identity...