Authentication is the process of validating (otherwise known as proving) an identity. This process begins when a user submits identifying pieces of information (known as credentials) to the network. These credentials typically take the form of a User ID and password. A Policy Enforcement Point (PEP) reviews these credentials and decides whether or not the user should have access to the systems on that network.

Since these credentials are the only thing that stands between those who have access to the system and those that shouldn't, we have many rules about creating a secure yet easily-remembered password.

• Single sign-on (SSO)
  • Clinical Context Object Workgroup (CCOW)
  • Security Assertion Markup Language (SAML) 2.X
• Kerberos