all right, We move on to domain seven, where we talk about identification in authentication, and this is actually the fifth requirement specified by missed 801 71.
So here, when we look about the look at the basic security requirements, you know, if you talk about identification and authentication, identification is all about making a claim. I claim to be Kelly Hander Hand, but that identification should be followed up with authentication, which is proof.
And if we don't follow with authentication, I can claim to be anyone. I claim to be the administrator, but you can't put the faith in that. And if identification is left alone than spoofing becomes very easy, I can say I'm Michelle Obama, but until I provide proof of that,
uh, you probably shouldn't trust that or give me the keys to the White House, All right, So for basic security requirements were gonna identify users
and processes that act on behalf of users or devices. And one of the things that we've got to realise is the user logs in. You know, the activities of the processes run at the level of the user that's locked in, which is exactly why we don't log in with our administrator accounts. We log in with their garden variety
right, because we don't want to give process is too much power. And that's where user account control comes in with, like the Windows products. Starting with Vista. You know the attempt. There's two really authenticate the fact that this process it's not a road process but it is running on behalf of a user is intended. Okay,
authenticate the identity of those users processes or devices as a prerequisite to allowing access right. We don't allow access until you've authenticate,
and those were the two basic security requirements as defined in relation to identification and authentication.