Authentication and Authorization
As discussed in Chapter 3, SSL VPNs typically require that users identify themselves and prove their identities before granting access to internal resources.
Authentication
Authentication is usually achieved using one or more of the following factors:
Something only the user knows
Something only the user has
Something only the user is (i.e., a physical property of the user's person)
SSL VPN products support a variety of authentication schemes and leverage all three of the aforementioned methods of proving one's identity. Most commonly, users identify themselves using a username and authenticate using one of these several techniques:
Passwords
The user is supplied a secret password known only to the user and which is associated with the user's identification information (username). The SSL VPN compares this password to a copy of the password stored in a database or preferably performs a hash on the password and compares it to a previously hashed value of the correct...
