Mutual authentication

Mutual authentication or two-way authentication (sometimes written as 2WAY authentication) refers to two parties authenticating each other suitably. In technology terms, it refers to a client or user authenticating themselves to a server and that server authenticating itself to the user in such a way that both parties are assured of the others' identity. When describing online authentication processes, mutual authentication is often referred to as website-to-user authentication, or site-to-user authentication.

Typically, this is done for a client process and a server process without user interaction.

Mutual SSL provides the same things as SSL, with the addition of authentication and non-repudiation of the client authentication, using digital signatures. However, due to issues with complexity, cost, logistics, and effectiveness, most web applications are designed so they do not require client-side certificates.

As the Financial Services Technology Consortium put it in its January 2005 report, "Better institution-to-customer authentication would prevent attackers from successfully impersonating financial institutions to steal customers' account credentials; and better customer-to-institution authentication would prevent attackers from successfully impersonating customers to financial institutions in order to perpetrate fraud."

See also

• Computer security
• Secure channel
• Digital signature
• Mobile signature
• Two-factor authentication
• Pharming

References

External links

• New Generation of Mutual Phone Authentication

• Mutual Authentication for Web Services: A Live Example

• How to prevent phishing with mutual authentication - How to stop phishing with mutual authentication
• Mutual Authentication as a mobile application-based security token.

This computer security article is a stub. You can help Wikipedia by expanding it.v · Categories: Authentication methods Computer access control Computer security stubs Wikimedia Foundation. 2010. Игры ⚽ Поможем сделать НИР Andy McAvin List of Governors of Adamawa State Look at other dictionaries: mutual authentication — abipusė patikra statusas Aprobuotas sritis informacija, informacinės technologijos ir informacinė visuomenė apibrėžtis Nuskaitymas, kai patikros sistema ir tikrinamasis dokumentas apsikeičia duomenimis, tikrindami vienas kito autentiškumą.… …   Lithuanian dictionary (lietuvių žodynas) mutual authentication —    A feature of authentication schemes such as Kerberos that requires both the client and the server to prove their identity to each other before authentication can proceed.    See also Kerberos …   Dictionary of networking Mutual — may refer to: Mutual organization, where customers derive a right to profits and votes Mutual information, the intersection of multiple information sets Mutual insurance, where policyholders have certain ownership rights in the organization… …   Wikipedia Extensible Authentication Protocol — Extensible Authentication Protocol, or EAP, is a universal authentication framework frequently used in wireless networks and Point to Point connections. It is defined in RFC 3748, which has been updated by RFC 5247. Although the EAP protocol is… …   Wikipedia Challenge-response authentication — For the spam filtering technique, see Challenge response spam filtering. For other uses, see CRAM (disambiguation). In computer security, challenge response authentication is a family of protocols in which one party presents a question (… …   Wikipedia Two-factor authentication — (TFA, T FA or 2FA) is an approach to authentication which requires the presentation of two different kinds of evidence that someone is who they say they are. It is a part of the broader family of multi factor authentication, which is a defense in …   Wikipedia Multi-factor authentication — Multi factor authentication, sometimes called strong authentication, is an extension of two factor authentication. This is the Defense in depth approach of Security In Layers applied to authentication. While two factor authentication only… …   Wikipedia Closed-loop authentication — Closed loop authentication, as applied to computer network communication, refers to a mechanism whereby one party verifies the purported identity of another party by requiring them to supply a copy of a token transmitted to the canonical or… …   Wikipedia Lightweight Extensible Authentication Protocol — The Lightweight Extensible Authentication Protocol (LEAP) is a proprietary wireless LAN authentication method developed by Cisco Systems. Important features of LEAP are dynamic WEP keys and mutual authentication (between a wireless client and a… …   Wikipedia Comparison of open source configuration management software — This is a comparison of free (libre) and open source configuration management software. Contents 1 Basic properties 2 Platform support 3 Short descriptions 4 Refere …   Wikipedia 18+ © Academic, 2000-2024 Contact us: Technical Support, Advertising Dictionaries export, created on PHP, Joomla, Drupal, WordPress, MODx. Mark and share Search through all dictionaries Translate… Search Internet Share the article and excerpts Direct link … Do a right-click on the link above and select “Copy Link”