Computer access control

smartcard for cellular devices containing authentication information necessary for connecting to the cell network

An HTTP cookie is a small block of data created by a web server while a user is browsing a website and placed on the user's computer or other device by the user's web browser. Cookies are placed on the device used to access a website, and more than one cookie may be placed on a user's device during a session.

thumb|ATM user authenticating himself Authentication (from authentikos, "real, genuine", from αὐθέντης authentes, "author") is the act of proving an assertion, such as the identity of a computer system user. In contrast with identification, the act of indicating a person or thing's identity, authentication is the process of verifying that identity.

thumb|A screenshot of the English Wikipedia login screen in mobile mode

Stuxnet is a malicious computer worm first uncovered on 17 June 2010 and thought to have been in development since at least 2005. Stuxnet targets supervisory control and data acquisition (SCADA) systems and is believed to be responsible for causing substantial damage to the Iran nuclear program after it was first installed on a computer at the Natanz Nuclear Facility in 2009. Although neither the United States nor Israel has openly admitted responsibility, multiple independent news organizations claim Stuxnet to be a cyberweapon built jointly by the two countries in a collaborative effort know

authentication method in which a computer user is granted access only after successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism

alt=Comparison of SIM card sizes|thumb|Evolution of SIM cards. An eSIM is not removable.

Authorization or authorisation (see spelling differences), in information security, computer security and IAM (Identity and Access Management), is the function of specifying rights/privileges for accessing resources, in most cases through an access policy, and then deciding whether a particular subject has privilege to access a particular resource. Examples of subjects include human users, computer software and other hardware on the computer. Examples of resources include individual files or an item's data, computer programs, computer devices and functionality provided by computer applications

OAuth (short for open authorization) is an open standard for access delegation, commonly used as a way for internet users to grant websites or applications access to their information on other websites but without giving them the passwords. This mechanism is used by companies such as Amazon, Google, Meta Platforms, Microsoft, and Twitter to permit users to share information about their accounts with third-party applications or websites.

list associated with a computing system resource that specifies which users or groups are permitted to perform specified operations

service that maps the names of network resources to their respective network addresses

method or effort designed to prevent the reproduction of software, films, music, and other media, usually for copyright reasons

peripheral device used to gain access to an electronically restricted resource

type of access control

JSON-based open standard (RFC 7519) for passing claims between parties in web application environment

Type of access control

authentication algorithm

state machine model used for enforcing access control in government and military applications

Security Assertion Markup Language (SAML, pronounced SAM-el, ) is an open standard for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. SAML is an XML-based markup language for security assertions (statements that service providers use to make access-control decisions). SAML is also: A set of XML-based protocol messages A set of protocol message bindings A set of profiles (utilizing all of the above)

Hacking Team was a Milan-based information technology company that sold offensive intrusion and surveillance capabilities to governments, law enforcement agencies and corporations. Its "Remote Control Systems" enabled governments and corporations to monitor the communications of internet users, decipher their encrypted files and emails, record Skype and other Voice over IP communications, and remotely activate microphones and camera on target computers. The company was criticized for providing these capabilities to governments with poor human rights records, though HackingTeam stated that they

information on an entity used by computer systems to represent an external agent

sophisticated malware

thumb|Suspected FinFisher government users that were active at some point in 2015.

process of verifying that a new or existing account is owned and operated by a specified real individual or organization

java implementation of Pluggable Authentication Module

individual who uses an account registered on an online service

The YubiKey is a collection of hardware authentication devices manufactured by Yubico AB (Nasdaq Stockholm: YUBICO), a company founded in 2007 by Jakob and Stina Ehrensvärd and headquartered in Stockholm, Sweden, with an American subdivision incorporated in Santa Clara California.

type of authentication protocol

type of computer security control that may include user identification, authorization, authentication, access approval, and audit

type of one time password

question used to control access

collaboration to develop an open reference architecture using open standards to promote the adoption of strong authentication

identity assurance in IT systems

approach to digital identity in which the user generates and controls unique identifiers and stores identity data

entity that manages identity information of users and provides authentication services to relying applications

special key combination which invokes a trusted login process

thumb|right|The NemID logo often appears where its usage is required or one of the log in optionsNemID () was a common login solution for Danish Internet banks, government websites, and some other private companies. NemID was managed by the Nets DanID A/S company and came into use on July 1, 2010. During its use, everyone in Denmark who was more than 15 years old and had a CPR-Number was eligible for a NemID, which could be used with their bank as well as public institutions. Anyone over 13 years old was able to use a NemID for internet banking. NemID was scheduled to be phased out on 30 June

component of Windows Server that provides centralized user authentication, authorization and accounting

protocol for delegated authorization based on OAuth

X badge that appears next to the name of an X account to identify authentic accounts of public interest and/or X Premium subscribers

Shamoon (), also known as W32.DistTrack, is a modular computer virus that was discovered in 2012, targeting then-recent 32-bit NT kernel versions of Microsoft Windows. The virus was notable due to the destructive nature of the attack and the cost of recovery. Shamoon can spread from an infected machine to other computers on the network. Once a system is infected, the virus continues to compile a list of files from specific locations on the system, upload them to the attacker, and erase them. Finally the virus overwrites the master boot record of the infected computer, making it unusable.

access control paradigm where access is evaluated based on attributes related to the subject, the object, requested operations and in some cases environmental attributes

identifier that enables a verifiable, decentralized digital identity

XML-based protocol for exchanging authentication and authorization identities between security domains

multi-factor authentication

An Auth-Code, also known as an EPP code, authorization code, transfer code, or Auth-Info Code, is a generated passcode required to transfer an Internet domain name between domain registrars; the code is intended to indicate that the domain name owner has authorized the transfer.