authentication [English]

Other Languages

InterPARES Definition

n. ~ IP2, Archives · A declaration of a record's authenticity at a specific point in time by a juridical person entrusted with the authority to make such a declaration (e.g., public officer, notary, certification authority).
— (authenticate, v.) ~ To declare, either orally, in writing, or by affixion of a seal, that an entity is what it purports to be, after having verified its identity.

General Notes

Archivists use the term to describe the process of demonstrating, generally through internal and external evidence, that a document is genuine and free from tampering. Computing/IT uses the term to describe the process of granting an authorized user access to a system.

Other Definitions

  • Black's 5th 1983 (†372 ): In the law of evidence, the act or mode of giving authority or legal authenticity to a statute, record, or other written instrument, or a certified copy thereof, so as to render it legally admissible in evidence.
  • Black's 9th 2009 (†382 s.v. "authentication"): authentication, n. (18c) 1. Broadly, the act of proving that something (as a document) is true or genuine, esp. so that it may be admitted as evidence; the condition of being so proved . [Cases: Criminal Law (key) 444; Evidence (key) 366-381.] 2. Specif., the assent to or adoption of a writing as one's own. ¶ "The concept of authentication, although continually used by the courts without apparent difficulty, seems almost to defy precise definition. Some writers have construed the term very broadly, as does Wigmore when he states that 'when a claim or offer involves impliedly or expressly any element of personal connection with a corporeal object, that connection must be made to appear...' So defined, 'authentication' is not only a necessary preliminary to the introduction of most writings in evidence, but also to the introduction of various other sorts of tangibles." John W. Strong et al., McCormick on Evidence § 218, at 350 (5th ed. 1999)
  • Black's 9th 2009 (†382 p. 151): 1. Broadly, the act of proving that something (as a document) is true or genuine, esp. so that it may be admitted as evidence; the condition of being so proved – 2. Specif., the assent to or adoption of a writing as one's own. ¶ self-authentication · Authentication without extrinsic evidence of truth or genuineness. · In federal courts, certain writings, such as notarized documents and certified copies of public records, may be admitted into evidence by self-authentication. Fed. R. Evid 902.
  • SAA Glossary 2005 (†241 ): n. ~ 1. The process of verifying that a thing is what it purports to be, that it is acceptable as genuine or original. – 2. Computing · The process of establishing a user's identity.
    – authenticate, v. ~ 3. To verify that a thing is what it purports to be. – 4. Computing · To establish an individual's identity.
    Notes: Authentication2 is often accomplished through a shared secret known to the individual and the system, such as a user id (or name) and password. If a shared secret is not available or the system might compromise that secret, digital signatures based on public key cryptography can be used to authenticate the identity of the individual who sends a signed message.
  • Wikipedia (†387 s.v. authentication): The act of confirming the truth of an attribute of a single piece of data (datum) or entity.

Citations

  • Berman 2008 (†586 p.55 ): Security measure designed to establish the validity of a transmission, message, or originator or a means of verifying an individual’s authority to receive specific categories of information. (†1178)
  • CNSS-4009 (†730 p.4): The process of verifying the identity or other attributes claimed by or assumed of an entity (user, process, or device), or to verify the source and integrity of data. (†1720)
  • ISACA Glossary (†743 s.v. authentication): 1. The act of verifying identity (i.e.,  user, system) Scope Note:  Risk: Can also refer to the verification of the correctness of a piece of data. 2. The act of verifying the identity of a user and the user’s eligibility to access computerized information. Scope Note:  Assurance: Authentication is designed to protect against fraudulent logon activity. It can also refer to the verification of the correctness of a piece of data. (†1760)
  • Isaza 2010 (†326 ): Authentication of records is one of the most critical reasons why metadata merits discussion. The outcome of several cases has turned on whether sufficient metadata existed to authenticate key documents at issue. (†300)
  • Isaza 2010 (†326 Quoting the Lorraine v Markel decision, 241 F): "Whenever ESI is offered into evidence,” the court explains, “this data must survive the rules of evidence. Even if relevant…, the ESI also must be authentic as required by rule 901(a)…” Quoting rule 901(a), the court further details what constitutes authentication: “the requirement of authentication or identification as a condition precedent to admissibility is satisfied by evidence sufficient to support a finding that the matter in question is what its proponent claims.” (†302)
  • Isaza 2010 (†326 ): System metadata (e.g., file names and extensions, sizes, creation dates) … could be crucial to authenticating the record for any purpose where authenticity of the record is paramount, like archival or historical uses. (†303)
  • Law 2011 (†581 s.v. authentication): A software security verification procedure to acknowledge or validate the source, uniqueness, and integrity of an e-commerce message to make sure data is not being tampered with. The verification is typically achieved through the use of an electronic signature in the form of a key or algorithm that is shared by the trading partners. (†1141)
  • NIST 2013 (†734 p. B-2): Verifying the identity of a user, process, or device, often as a prerequisite to allowing access to resources in an information system. [FIPS 200] (†1843)
  • Wikipedia (†387 s.v. authentication): In contrast with identification which refers to the act of stating or otherwise indicating a claim purportedly attesting to a person or thing's identity, authentication is the process of actually confirming that identity. It might involve confirming the identity of a person by validating their identity documents, verifying the validity of a Website with a digital certificate, tracing the age of an artifact by carbon dating, or ensuring that a product is what its packaging and labeling claim to be. In other words, authentication often involves verifying the validity of at least one form of identification. (†1282)