[cap-talk] Definition of Authentication on wiki.erights.org
Matej Kosik
kosik at fiit.stuba.sk
Mon Sep 7 20:46:35 PDT 2009
Friends,
Karp, Alan H wrote:
> David-Sarah Hopwood wrote:
>> No, it shows that "authentication" is used with at least two distinct
>> meanings. But do we want to use the word "authentication" for two different
>> things, when we have other words (such as "verification") that are clearer
>> and more applicable to one of them? Note that it is the technical jargon
>> meaning of "authentication" in computer science that we are attempting to
>> define, *not* the everyday meaning (or the meaning in some other field
>> such as the study of antiquities).
>>
> I ran into a problem when describing ZBAC to people in the US Department of Defense. It took a couple of years for me to realize that they were using the word "authentication" in its broader sense. Given that this is a large community with widespread influence, I chose to change rather than try to change their usage. I now use "subject authentication" when I describe ZBAC, and I haven't experienced the disconnect since.
>
> Just so you know the problem isn't just one of the military, I ran into the same problem at SOUPS. Lorrie Cranor and MarcS were talking past each other about authentication versus authorization. It turns out she was talking about authenticating the authorization. Here, too, being careful to use the term "subject authentication" helped.
For me, the term "authentication" was mostly empty so I was willing to
fill it with something useful. David-Sarah's definition, now stated here:
http://wiki.erights.org/wiki/Authentication
fills this term with a useful meaning.
Many groups are operating with lot of empty, vague, circularly defined,
contradictory or PR terms. Do we have to unconditionally accept them?
There is no problem for us to change the language that is appropriate in
a given context (when interacting with other groups) but internally we
can maintain our language---record definitions of basic terms. Erights
wiki can perhaps serve also for this, useful purpose.
--
Matej Kosik
More information about the cap-talk
mailing list