In the fields of physical security and information security, access control (AC) is the selective restriction of access to a place or other resource, while access management describes the process. The act of accessing may mean consuming, entering, or using. Permission to access a resource is called authorization.
Biometrics are body measurements and calculations related to human characteristics. Biometric authentication is used in computer science as a form of identification and access control. It is also used to identify individuals in groups that are under surveillance.
Single sign-on (SSO) is an authentication scheme that allows a user to log in with a single ID to any of several related, yet independent, software systems.
The Defense Commissary Agency (DeCA), headquartered at Fort Lee (Virginia), is an agency of the United States Department of Defense (DoD) that operates nearly 240 commissaries worldwide. American military commissaries sell groceries and household goods to active-duty, Guard, Reserve, and retired members of all eight uniformed services of the United States and eligible members of their families at cost plus surcharge, saving authorized patrons thousands of dollars compared to civilian supermarkets.
Automated fingerprint identification is the process of using a computer to match fingerprints against a database of known and unknown prints in the fingerprint identification system. Automated fingerprint identification systems (AFIS) are primarily used by law enforcement agencies for criminal identification purposes, the most important of which is the identification of a person suspected of committing a crime or linking a suspect to other unsolved crimes.
Identity document forgery is the process by which identity documents issued by governing bodies are copied and/or modified by persons not authorized to create such documents or engage in such modifications, for the purpose of deceiving those who would view the documents about the identity or status of the bearer. The term also encompasses the activity of acquiring identity documents from legitimate bodies by falsifying the required supporting documentation in order to create the desired identity.
An exchange is a type of retail store found on United States military installations worldwide. Originally akin to trading posts, they now resemble contemporary department stores or strip malls. Exact terminology varies by armed service; some examples include base exchange (BX), and post exchange (PX), and there are more specific terms for subtypes of exchange.
A credential is a piece of any document that details a qualification, competence, or authority issued to an individual by a third party with a relevant or de facto authority or assumed competence to do so.
The Common Access Card, also commonly referred to as the CAC is a smart card about the size of a credit card. It is the standard identification for Active Duty United States Defense personnel, to include the Selected Reserve and National Guard, United States Department of Defense (DoD) civilian employees, United States Coast Guard (USCG) civilian employees and eligible DoD and USCG contractor personnel. It is also the principal card used to enable physical access to buildings and controlled spaces, and it provides access to defense computer networks and systems. It also serves as an identification card under the Geneva Conventions. In combination with a personal identification number, a CAC satisfies the requirement for two-factor authentication: something the user knows combined with something the user has. The CAC also satisfies the requirements for digital signature and data encryption technologies: authentication, integrity and non-repudiation.
A credential service provider (CSP) is a trusted entity that issues security tokens or electronic credentials to subscribers. A CSP forms part of an authentication system, most typically identified as a separate entity in a Federated authentication system. A CSP may be an independent third party, or may issue credentials for its own use. The term CSP is used frequently in the context of the US government's eGov and e-authentication initiatives. An example of a CSP would be an online site whose primary purpose may be, for example, internet banking - but whose users may be subsequently authenticated to other sites, applications or services without further action on their part.
A contactless smart card is a contactless credential whose dimensions are credit-card size. Its embedded integrated circuits can store data and communicate with a terminal via NFC. Commonplace uses include transit tickets, bank cards and passports.
A United States Uniformed Services Privilege and Identification Card is an identity document issued by the United States Department of Defense to identify a person as a member of the Armed Forces or a member's dependent, such as a child or spouse.
Digital credentials are the digital equivalent of paper-based credentials. Just as a paper-based credential could be a passport, a driver's license, a membership certificate or some kind of ticket to obtain some service, such as a cinema ticket or a public transport ticket, a digital credential is a proof of qualification, competence, or clearance that is attached to a person. Also, digital credentials prove something about their owner. Both types of credentials may contain personal information such as the person's name, birthplace, birthdate, and/or biometric information such as a picture or a finger print.
Electronic authentication is the process of establishing confidence in user identities electronically presented to an information system. Digital authentication, or e-authentication, may be used synonymously when referring to the authentication process that confirms or certifies a person's identity and works. When used in conjunction with an electronic signature, it can provide evidence of whether data received has been tampered with after being signed by its original sender. Electronic authentication can reduce the risk of fraud and identity theft by verifying that a person is who they say they are when performing transactions online.
A registered user is a user of a website, program, or other systems who has previously registered. Registered users normally provide some sort of credentials to the system in order to prove their identity: this is known as logging in. Systems intended for use by the general public often allow any user to register simply by selecting a register or sign up function and providing these credentials for the first time. Registered users may be granted privileges beyond those granted to unregistered users.
In computer systems, an access token contains the security credentials for a login session and identifies the user, the user's groups, the user's privileges, and, in some cases, a particular application. In some instances, one may be asked to enter an access token rather than the usual password.
Defense Enrollment Eligibility Reporting System (DEERS) is a computerized database for United States Service members, military retirees, 100% VA Disabled Veterans, dependents, DoD active Contractors, and others worldwide who are entitled to Public Key Infrastructure and TRICARE eligibility.
In order to identify a person, a security system has to compare personal characteristics with a database. A scan of a person's iris, fingerprint, face, or other distinguishing feature is created, and a series of biometric points are drawn at key locations in the scan. For example, in the case of a facial scan, biometric points might be placed at the tip of each ear lobe and in the corners of both eyes. Measurements taken between all the points of a scan are compiled and result in a numerical "score". This score is unique for every individual, but it can quickly and easily be compared to any compiled scores of the facial scans in the database to determine if there is a match.
A whole new range of techniques has been developed to identify people since the 1960s from the measurement and analysis of parts of their bodies to DNA profiles. Forms of identification are used to ensure that citizens are eligible for rights to benefits and to vote without fear of impersonation while private individuals have used seals and signatures for centuries to lay claim to real and personal estate. Generally, the amount of proof of identity that is required to gain access to something is proportionate to the value of what is being sought. It is estimated that only 4% of online transactions use methods other than simple passwords. Security of systems resources generally follows a three-step process of identification, authentication and authorization. Today, a high level of trust is as critical to eCommerce transactions as it is to traditional face-to-face transactions.
A campus credential, more commonly known as a campus card or a campus ID card is an identification document certifying the status of students, faculty, staff or other constituents as members of the institutional community and eligible for access to services and resources. Campus credentials are typically valid for the duration of a student's enrollment or an employee's service.
