Authentication

Verification of (i.e., establishing the truth of) an identity claimed by or for a system entity.

In general English usage, this term usually means "to prove genuine" (e.g., an art expert authenticates a Michelangelo painting). But the recommended definition carries a much narrower meaning. For example, to be precise, do not say "the host authenticates each received datagram". Instead, say "the host authenticates the origin of each received datagram". In most cases, we can also say "and verifies the datagram's integrity", because that is usually implied.

Rather than saying we authenticate a digital signature or digital certificate, say we "sign" and then "verify" digital signatures, and we "issue" and then "validate" digital certificates.

Specifically, authentication is the process of verifying an identity claimed by or for a system entity.

An authentication process consists of two steps:

  1. Identification step: Presenting an identifier to the security system. (Identifiers should be assigned carefully, because authenticated identities are the basis for other security services, such as access control service.)
  2. Verification step: Presenting or generating authentication information that corroborates the binding between the entity and the identifier.
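An added example (not part of the original glossary text) of the two steps applied to the datagram case mentioned earlier: the receiver reads the claimed identifier from the datagram, then checks an HMAC tag that corroborates the binding between sender and identifier and, as a side effect, verifies integrity. The wire layout, the `REGISTERED_KEYS` table and the function names are assumptions made for illustration.

```python
import hashlib
import hmac

# Constructed sample data: identifier -> shared secret registered for that entity.
REGISTERED_KEYS = {
    "sensor-17": b"constructed-demo-key-for-sensor-17",
    "sensor-42": b"constructed-demo-key-for-sensor-42",
}
TAG_LEN = hashlib.sha256().digest_size  # 32-byte HMAC-SHA-256 tag
DUMMY_KEY = b"\x00" * 32                # used so unknown identifiers cost the same work


def seal_datagram(identifier: str, key: bytes, payload: bytes) -> bytes:
    """Sender side. Assumed layout: id_len (1 byte) | identifier | payload | tag."""
    ident = identifier.encode("utf-8")
    if len(ident) > 255:
        raise ValueError("identifier too long for 1-byte length prefix")
    body = bytes([len(ident)]) + ident + payload
    # The tag covers the identifier as well as the payload, so the claimed
    # identity cannot be swapped without invalidating the tag.
    return body + hmac.new(key, body, hashlib.sha256).digest()


def authenticate_datagram(datagram: bytes):
    """Receiver side. Returns (identifier, payload) if the origin is
    authenticated, otherwise None."""
    if len(datagram) < 1 + TAG_LEN:
        return None
    body, tag = datagram[:-TAG_LEN], datagram[-TAG_LEN:]
    id_len = body[0]
    if len(body) < 1 + id_len:
        return None

    # Identification step: the datagram presents an identifier (a claim only).
    try:
        identifier = body[1:1 + id_len].decode("utf-8")
    except UnicodeDecodeError:
        return None
    key = REGISTERED_KEYS.get(identifier)

    # Verification step: the tag is the authentication information that
    # corroborates the binding between the sender and the identifier.
    expected = hmac.new(key or DUMMY_KEY, body, hashlib.sha256).digest()
    if key is None or not hmac.compare_digest(expected, tag):
        return None
    return identifier, body[1 + id_len:]
```

This check does not detect a replayed datagram; that requires a counter or nonce covered by the tag.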

Authentication information, the information used to verify an identity claimed by or for an entity, may exist as, or be derived from, one of the following: