When a user accesses a ?¬?le share or a printer, it??™s the
same authority that decides whether the request will be ful?¬?lled;
in both cases, it is the network identity of the user that will determine
the outcome.
On the Internet things are radically different. The company that
offers Web-based email has no relationship with the one that
produces your instant messaging application of choice.
Nonetheless they both want their users to authenticate before
enjoying their services. The effect is very similar to what would
Moving from local
networks to the
Internet is a complete
game changer
In a local network,
a single authority
reigns over everything
On the Internet, the
resources are
spread across
countless owners
34 The Problem
have happened to local networks if they would have stuck with
blind credentials instead of moving to authentication: a pile of
different passwords for every resource, with no clear distribution
or maintenance model.
The Internet situation is actually more complex. Every single
service performs a full-?¬‚edged authentication and, in the context
of the resources managed by the same authority, all the good
properties of authentication and authorization still hold.
Pages:
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82