An authentication server controls network access, providing authorization, privacy, and non-repudiation. It can be hardware or software-based and use various algorithms, including passwords and Kerberos. Proxy servers can also act as authentication servers, and security requirements should be analyzed before implementation.
An authentication server is a device that controls who can access a computer network. The goals of authentication are authorization, privacy, and non-repudiation. Authority determines what objects or data a user can have access to on the network, if any. Privacy prevents information from being disclosed to unauthorized persons. Non-repudiation is often a legal requirement and refers to the fact that the authentication server can log all network access along with identifying data, such that a user cannot repudiate or deny the fact that they have accessed or modified the data in question.
Authentication servers come in many different forms. The software that controls authentication can reside on a network access server computer, a router or other piece of hardware that controls network access, or some other network access point. Regardless of the type of machine hosting the authentication software, the term authentication server is still generally used to refer to the combination of hardware and software that fulfills the authentication function.
In addition to variations in hardware, there are several types of logic algorithms that can be used by an authentication server. The simplest of these authentication algorithms is generally considered to be the use of passwords. In a simple implementation, the authentication server can simply store a list of valid usernames and their corresponding passwords and authenticate all users attempting to connect to the network based on this list.
Kerberos is another type of authentication protocol, used for example in many Windows® authentication server systems and some online security or Internet security systems. There are three main aspects to Kerberos authentication: user identity authentication, secure packaging of the user’s name, and secure transmission of user credentials over the network. Kerberos authentication servers on Windows® operating systems are available for Windows XP®, Windows 2000® and Windows 2003® operating systems.
A proxy server is a server or computer that intercepts requests to and from an internal network and an external network, such as the Internet. Proxy servers sometimes act as authentication servers, as well as a number of other functions they can perform. There are many different options that can be used to implement authentication servers, including hardware, operating system, and software package requirements. Therefore, it is usually important for an organization to thoroughly analyze the security requirements before implementing an authentication server in the network environment.
Protect your devices with Threat Protection by NordVPN