Network authentication tokens

Abstract

Network users may be authenticated by different means and from a variety of locations. Once authenticated, the user's access should be consistent with the strength of the authentication. The author examines one possible method for determining the authentication strength and conveying this information within a distributed network. The approach discussed uses a token composed of a unique user ID and an authentication level. The token is sent along with the request for establishing a remote session. Once the token is received, the remote location determines user access based solely on the authentication token.<>