Tech moves fast! Stay ahead of the curve with Techopedia!
Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.
Universal authentication is a method for verifying the identity of users and computers on a network without asking for the same identification every time the user moves from site to site. The idea is that a security platform works out all the authentication requirements for all subsequent access to nodes within the same security area so that the user does not have to input his/her security credentials again every time a new node is encountered.
Universal authentication is the process of allowing a specific user access to security-controlled zones without having to verify his/her identity more than once. This can be thought of as similar to having a security key card that allows one access to every part of the building that one is allowed in. For identity validation, the initial background check one had prior to obtaining a card suffices; thereafter, one just needs his/her security key card. That is what universal authentication is like. As opposed to the authentication scheme that most are currently implementing, which is like having a security guard at every door of the building, checking credentials every time someone enters, even though the person just came out from the room a minute ago.
Most universal authentication methods make use of installed software, a platform that controls the authentication process in a given security zone such as a building or network. Other methods involve two-factor authentication, which makes use of a dedicated security device to be used in conjunction with the traditional username and password combination. This means that the owner must have both device and user account credentials before being authenticated, making it difficult for a thief to have both, and is especially effective against hackers since they are not able to obtain the physical security device.
There is currently no single standard for universal authentication, as each vendor is using its own proprietary platform and security protocols for its universal authentication product. However, organizations like the Fast Identity Online (FIDO) Alliance are pushing for standardized forms of universal authentication. The FIDO Alliance has created the Universal 2nd Factor (U2F) protocol and the Universal Authentication Framework (UAF) protocol for the industry to adopt and support.