Most people who have used a computer know about passwords. People rely on passwords to prevent others from getting to their stuff. Computer systems use passwords to know that you are who you say you are. There are other ways we can access computers too. We can use our fingerprints or our face. All these ways help keep us and our stuff safe.
Knowing Who You Are
All these methods are ways computers use to verify a person’s identity. A valid identity tells a computer that the user is allowed to use it. Each of these ways verifies them because, ideally, only they know their password. Their fingerprint only belongs to them. Their face is, well, their face. In the language of computer science, this is called authentication.
Suppose you set up an account on a computer system (like a streaming media service, for example). When you sign in for the first time, you create a relationship with the system. You create a username and password, telling the computer you’re someone unique. If someone tries to sign in as you, they need to know your password along with your username. The combination is unique on that streaming service and should be known only to you.
A Clubhouse Example
Imagine that as a child, you created a club. You and a group of friends were in this club. You had a clubhouse. This was a place you’d meet and tell stories or eat snacks.
In this club, you made a “secret password” so only people with the password could get into the clubhouse. You’d spend a good deal of time trying to come up with the perfect (and usually funny) password. You’d whisper the secret password to each other and promised not to tell anyone. The next time one of you came to the clubhouse, someone at the entrance would ask for the password before they’d grant entry.
In this case, the password wasn’t used to make sure only certain people could get in. You and your friends all knew each other. Rather, you used the password to keep people out. If a parent, guardian, or stranger tried to get into your secret club, you could ask, “What’s the password?” If they didn’t know it, they couldn’t get in.
Passwords and other identification tools do both things. They tell the system who should be allowed in. But they also keep all others out.
What Can I Do?
Identity is only one part of security. Once you’ve gotten into a system, it may be important to prevent certain types of activity. For example, a family who shares a computer may give everyone access to a movie service. But they may want to restrict the kids from watching movies with a certain rating. Everyone can get in. Only the adults can watch all the movies. Computer scientists call this authorization.
Modern computer systems are designed so administrators can authorize people based on roles. Everyone with an “owner” role, for example, may have access to everything. People with a “member” role will have limited access. Members may have access to some files and can only do a limited number of things.
Going back to our clubhouse example, suppose the club had bylaws. The bylaws tell the members what the club is about and the rules everyone has to follow. The bylaws may say that only the president and vice president can vote on changes to the bylaws. Everyone else just gets to follow the rules. This may not be a great club, but this governmental system does show how authorization works.
Without authentication, anyone on the internet would be able to access any computer system. Without authorization, it wouldn’t be possible to restrict access to certain data, files, or services once a person has access to a system. By using both together, computer administrators have powerful tools to keep people and assets safe.
Leave a Reply