Page 958 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
for students within a classroom environment are significantly less.
You can simplify identification and authentication by
thinking about a username and a password. Users identify
themselves with usernames and authenticate (or prove their
identity) with passwords. Of course, there are many more
identification and authentication methods, but this simplification
helps keep the terms clear.
Registration and Proofing of Identity
The registration process occurs when a user is first given an identity.
Within an organization, new employees prove their identity with
appropriate documentation during the hiring process. Personnel
within a human resources (HR) department then begin the process of
creating their user ID.
Registration is more complex with more secure authentication
methods. For example, if the organization uses fingerprinting as a
biometric method for authentication, registration includes capturing
user fingerprints.
Identity proofing is a little different for users interacting with online
sites, such as an online banking site. When a user first tries to create
an account, the bank will take extra steps to validate the user’s
identity. This normally entails asking the user to provide information
that is known to both the user and the bank, such as account numbers,
and personal information about the user, such as a national
identification number or social security number.
During this initial registration process, the bank will also ask the user
to provide additional information, such as the user’s favorite color, the
middle name of their oldest sibling, or the model of their first car.
Later, if the user needs to change their password or wants to transfer
money, the bank can challenge the user with these questions as a
method of identity proofing.
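One way a site could store and later check the registration answers described above, as an added example that is not from the book: answers are normalized, salted and hashed instead of being kept in plaintext, and repeated wrong answers lock the challenge. The class name, the PBKDF2 work factor and the lockout threshold are assumptions of this example.

```python
import hashlib
import hmac
import secrets
import unicodedata

PBKDF2_ROUNDS = 100_000   # assumed work factor for this example
MAX_FAILURES = 3          # assumed lockout threshold


def normalize(answer: str) -> bytes:
    """Fold case, Unicode form and whitespace so ' Blue ' matches 'blue'."""
    text = unicodedata.normalize("NFKC", answer).casefold()
    return " ".join(text.split()).encode("utf-8")


def hash_answer(answer: str, salt: bytes) -> bytes:
    """Salted, slow hash of the normalized answer."""
    return hashlib.pbkdf2_hmac("sha256", normalize(answer), salt, PBKDF2_ROUNDS)


class ProofingStore:
    """In-memory stand-in (hypothetical) for the bank's registered answers."""

    def __init__(self):
        self._answers = {}    # (user, question) -> (salt, digest)
        self._failures = {}   # user -> consecutive failed challenges

    def register(self, user: str, question: str, answer: str) -> None:
        # Registration: keep only a per-answer salt and the derived digest.
        salt = secrets.token_bytes(16)
        self._answers[(user, question)] = (salt, hash_answer(answer, salt))

    def challenge(self, user: str, question: str, answer: str) -> bool:
        # Answers are low-entropy, so cap guessing with a lockout.
        if self._failures.get(user, 0) >= MAX_FAILURES:
            return False
        record = self._answers.get((user, question))
        # Hash even for unknown users or questions so timing stays uniform.
        salt, expected = record or (b"\x00" * 16, b"")
        ok = hmac.compare_digest(hash_answer(answer, salt), expected)
        if record is not None and ok:
            self._failures[user] = 0
            return True
        self._failures[user] = self._failures.get(user, 0) + 1
        return False
```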
Many organizations, such as financial institutions, often use more

