Specifications
23-3
Managing Access Server Security
SecurID
SecurID is a system of authentication from Security Dynamics Technologies, Inc.
There is no authorization information at the SecurID authentication host. Like
Kerberos, the SecurID realm provides values for realm-defined parameters.
Once the password has been accepted, its processing is analogous to the Kerberos
method. However, the resulting “authorization” parameters with SecurID, are the
combination of the realm parameters and the port configuration parameters.
User Accounts
User accounts provide a method of defining user name and password pairs, and
associated authorization parameters. User account information resides on the
access server. This is convenient method for supporting multiple administrative
roles that are fully self-contained on the access server.
Local user accounts support the Password Authentication Protocol (PAP) and the
Challenge Handshake Authorization Protocol (CHAP) Point-to-Point Protocol
(PPP). The local user accounts also support interactive username and password
authentication. Limited authorization information may also be configured for
each account. This feature is designed for small sites or for back-up access by the
network administrator.