
Chapter 14. Security > Authentication on the Web

Authentication on the Web

The World Wide Web uses a stateless protocol in which each browser request to a server stands alone and does not depend on any context from what has gone before. Therefore, if a Web server wants to authenticate its users, it must add some kind of authentication to every request as well as to an initial login. In addition, the authentication problem is symmetric: the user wants to know that she is talking to the right server, and the server wants to know that it is talking to the right user.
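The per-request authentication described above, sketched as an added example that is not from the original text. It assumes one common approach, an HMAC-signed token issued at login and re-verified on every request; the key, user table, lifetime and function names are all constructed for illustration.

```python
import base64
import hashlib
import hmac
import time
from typing import Optional

# All values below are constructed for this example (assumptions, not from the text).
SERVER_KEY = b"demo-key-constructed-for-this-example"
USERS = {"alice": "correct horse"}   # plaintext only to keep the sketch short
TOKEN_LIFETIME = 900                 # seconds; hypothetical policy


def _sign(payload: bytes) -> bytes:
    mac = hmac.new(SERVER_KEY, payload, hashlib.sha256).digest()
    return base64.urlsafe_b64encode(mac)


def login(user: str, password: str, now: Optional[float] = None) -> Optional[str]:
    """Initial login: check the password once, then issue a signed token."""
    now = time.time() if now is None else now
    expected = USERS.get(user)
    if expected is None or not hmac.compare_digest(expected.encode(), password.encode()):
        return None
    payload = f"{user}|{int(now) + TOKEN_LIFETIME}".encode()
    return (base64.urlsafe_b64encode(payload) + b"." + _sign(payload)).decode()


def authenticate_request(token: Optional[str], now: Optional[float] = None) -> Optional[str]:
    """Every later request: the server keeps no context, so the token must prove itself."""
    now = time.time() if now is None else now
    if not token or token.count(".") != 1:
        return None
    body, sig = token.split(".")
    try:
        payload = base64.urlsafe_b64decode(body.encode())
        # Verify the MAC before trusting any field inside the payload.
        if not hmac.compare_digest(_sign(payload), sig.encode()):
            return None
        user, expiry = payload.decode().split("|")
        if now >= int(expiry):
            return None          # expired: the user must log in again
    except ValueError:
        return None              # malformed base64, text, or field count
    return user if user in USERS else None
```

This covers only the server authenticating the user; the other half of the symmetric problem, the user authenticating the server, is not addressed by the token.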

Client authentication is the process of establishing the user's identity to the satisfaction of the server. We distinguish between systems that authenticate users directly to a commerce server (direct authentication) and systems that use third parties as intermediaries (indirect authentication).

