Definition: Authentication is a non-functional requirement that ensures that only authorized users can access a system or application. It involves verifying the identity of the user through various means such as passwords, biometric identification, or security tokens. Authentication is crucial for maintaining the security and integrity of a system, as it prevents unauthorized access and protects sensitive information from being compromised. It also helps to ensure accountability and traceability by keeping a record of user activities.
Source: TOGAF
Source reference: https://pubs.opengroup.org/architecture/togaf9-doc/arch/chap03.html
Additional information: According to the TOGAF specification, Authentication is a non-functional requirement that refers to the process of verifying the identity of a user or system. It is a critical aspect of security and is necessary to ensure that only authorized users or systems can access the system or application.
The Authentication non-functional requirement can be further broken down into several sub-requirements, including:
1. Identification - The process of identifying a user or system based on a unique identifier such as a username, email address, or IP address.
2. Authentication Mechanisms - The methods used to verify the identity of a user or system, such as passwords, biometric authentication, or two-factor authentication.
3. Authorization - The process of granting or denying access to specific resources or functions based on the authenticated user's permissions.
4. Audit Trail - The ability to track and record all authentication attempts and actions taken by authenticated users or systems.
5. Security - The requirement to ensure that authentication mechanisms are secure and cannot be easily bypassed or compromised.
Overall, the Authentication non-functional requirement is critical to ensuring the security and integrity of a system or application and should be carefully considered and implemented in accordance with industry best practices and standards.
Example: An example of the IT non-functional requirement 'Authentication' could be that a user must provide a valid username and password to access a secure system or application. This ensures that only authorized users are able to access sensitive information or perform certain actions within the system. Additionally, the system may require multi-factor authentication, such as a security token or biometric verification, to further enhance security and prevent unauthorized access.
LOST view: Digital Solution Non-Functional Requirements Catalogue view
Identifier: http://data.europa.eu/dr8/egovera/AuthenticationRequirement
EIRA traceability: eira:DigitalSolutionNonFunctionalRequirementRequirement
ABB name: egovera:AuthenticationRequirement
EIRA concept: eira:ArchitectureBuildingBlock
Last modification: 2023-05-16
dct:identifier: http://data.europa.eu/dr8/egovera/AuthenticationRequirement
dct:title: Authentication Non-Functional Requirement
|
|
| dct:modified | 2024-01-28 |
| dct:identifier | http://data.europa.eu/dr8/AuthenticationRequirement |
| dct:title | Authentication Non-Functional Requirement |
| skos:example | An example of the IT non-functional requirement 'Authentication' could be that a user must provide a valid username and password to access a secure system or application. This ensures that only authorized users are able to access sensitive information or perform certain actions within the system. Additionally, the system may require multi-factor authentication, such as a security token or biometric verification, to further enhance security and prevent unauthorized access. |
| skos:definition | Authentication is a non-functional requirement that ensures that only authorized users can access a system or application. It involves verifying the identity of the user through various means such as passwords, biometric identification, or security tokens. Authentication is crucial for maintaining the security and integrity of a system, as it prevents unauthorized access and protects sensitive information from being compromised. It also helps to ensure accountability and traceability by keeping a record of user activities. |
| eira:concept | eira:ArchitectureBuildingBlock |
| eira:definitionSource | TOGAF |
| eira:definitionSourceReference | https://pubs.opengroup.org/architecture/togaf9-doc/arch/chap03.html |
| skos:note | According to the TOGAF specification, Authentication is a non-functional requirement that refers to the process of verifying the identity of a user or system. It is a critical aspect of security and is necessary to ensure that only authorized users or systems can access the system or application.
The Authentication non-functional requirement can be further broken down into several sub-requirements, including:
1. Identification - The process of identifying a user or system based on a unique identifier such as a username, email address, or IP address.
2. Authentication Mechanisms - The methods used to verify the identity of a user or system, such as passwords, biometric authentication, or two-factor authentication.
3. Authorization - The process of granting or denying access to specific resources or functions based on the authenticated user's permissions.
4. Audit Trail - The ability to track and record all authentication attempts and actions taken by authenticated users or systems.
5. Security - The requirement to ensure that authentication mechanisms are secure and cannot be easily bypassed or compromised.
Overall, the Authentication non-functional requirement is critical to ensuring the security and integrity of a system or application and should be carefully considered and implemented in accordance with industry best practices and standards. |
| eira:PURI | http://data.europa.eu/dr8/AuthenticationRequirement |
| dct:type | eira:AuthenticationRequirement |
| eira:view | Digital Solution Non-Functional Requirements Catalogue view |
| eira:eifLayer | N/A |
| skos:broader | http://data.europa.eu/dr8/DigitalSolutionNonFunctionalRequirementRequirement |