There are plenty of options for user authentication, but none is a "one-size-fits-all" solution. With so many available technologies, how do you select the right one for your organization's needs? "Systems architects sometimes get stuck on security planning, because it's hard . . .
There are plenty of options for user authentication, but none is a "one-size-fits-all" solution. With so many available technologies, how do you select the right one for your organization's needs? "Systems architects sometimes get stuck on security planning, because it's hard to choose among all the competing products and technologies. And nothing is tougher than finding a reliable means to identify and authenticate the user population. Reliable authentication is essential, of course, because so many security mechanisms base their accept/reject decisions on user identity. But there's no overall consensus about methods-that is, about the best way to authenticate someone in a given setting. Some security "experts" will tout a particular technology (biometrics, for instance, or PKI) as a one-size-fits-all solution. Others may rely on whatever off-the-shelf technology lies immediately at hand. The problem is that selecting a specific technology before you implement the general structure or "design pattern" of the solution is like putting the cart in front of the horse."