University of Texas Health Science Center at Houston
Middleware |  Identity Management |  Directory Service |  Authorization |  Digital IDs |  Systems

Conceptual Overview

Authentication is the process of determining if a real-world entity, person or system, is who or what its identifier claims it is. It is the core middleware service required for all secure, networked activities in Cyberspace. 

Identity is authenticated by the presentation of digital credentials, In the case of people, identity may be confirmed by:

  • something you know, e.g. a password,
  • something you have, e.g. USB token or digital ID (certified public/private key), and/or
  • something you are, e.g. biometrics such as a fingerprint or facial scan.
The security of any authentication process depends on several variables. Authentication using only a password is much less secure than using a USB token activated by a password This latter example represents a "two-factor" authentication mechanism in that the process requires you to provide
  • something you have, and
  • something you know.
Authentication at UTHSC-H

Strategically, the university is moving toward using one of two mechanisms when authentication is required:

  • UTHSC-H username/password when basic security is needed, and
  • Digital IDs when high security with strong identity verification is required.
Using only two authentication mechanisms for all "secured" applications has multiple benefits. These include:
  • users must know significanly fewer passwords - possibly only two for UTHSC-H systems,
  • greatly reduced number of help-desk calls requesting password assistance,
  • rolling out new restricted applications without issuing additional usernames/passwords,
  • digital signatures for e-mail and electronic documents,
  • encryption of e-mail ensuring that only intended recipients can view messages,
  • easy sharing of restricted resources among different universities,
  • enhanced overall security, 
  • increased user satisfaction, and
  • significant return on investment.

Academic Technology