The most surprising thing in Chapter 5 was the concept of AAA which implied to Authentication, Authorization as well as Auditing. Assessment of people’s identity can be achieved through requesting permission of resource use through the process of authentication. It was also surprising to note that specified permissions can be granted to any authenticated user through a process of authorization. A network system can also conduct auditing or accounting which involves collection of information concerning a person for analysis through the provision of log files.
The use of biometric authentication was also a surprising development in chapter 5 in which case, the use features of an individual such as the patterns of the iris and fingerprints, or an activity of a person such as speaking or writing is practical. Biometric authentication does not require reusable passwords and can be used to check false acceptance rate, FAR, failure to enroll, FTE as well as false rejection rates, FRR. The chapter also revealed the goals of biometric authentication which include identification, watch list and verification.
Chapter 5 also indicated the use of meta-directories as a means of coordinating directory servers and this was the most difficult part of this chapter. The system of meta-directory facilitates an effective data flow between directory services and the database thereby facilitating for data synchronization. This was revealed as a crucial part in the system of identity management in the network system. The information that undergoes the process of synchronization includes distinctive collections of entries which have user profiles coupled with potential policy information as well as authentication. Majority of the deployments of meta-directory are responsible for data synchronization in to a single directory server on the basis of LDAP.