Authorization / Authentication�(definitions from lecture by Bill Bard, University of Texas, July 1998)
Authentication verifies a claim of identity. Is typically (ideally?) centralized.
- Public / Private Key encryption: e.g., VeriSign certificates sent back from web sites that request a credit card number
- Institutional ID number: Library Circulation Department and/or university Registrar and Personnel offices serve as central authority for maintaining credential.
- Currently no mechanism for coordinating PIN numbers across campus departments at our institution. Added “Change PIN” function so people can change their random DRA PIN to match other campus PINs.
- In scenario where a network login provided basis for all authorization, authentication would be truly centralized - for example, an NT domain server. Currently not flexible enough to accommodate needs of many libraries.