A CDE Definition
TACACS
(Terminal Access Controller Access Control System) An access control protocol used to authenticate a user logging into the network. TACACS is a simple username/password system. Extended TACACS (XTACACS) adds more intelligence in the server, and TACACS+ adds encryption and a challenge/response option. See challenge/response.
challenge/response
An authentication method used to prove the identity of a user logging into the network. When a user logs on, the network access server (NAS), wireless access point or authentication server creates a "challenge," which is typically a random number sent to the client machine. The client software uses its password or a secret key to encrypt the challenge via an encryption algorithm or a one-way hash function and sends the result back to the network (the "response"). The authentication system performs the same cryptographic process on the challenge and compares its result to the response from the client. If they match, the authentication system has verified that the user has the correct password.
Challenge/response systems may also work with an authentication token, which is a smart card or credit-card-sized card that users have in their possession. When they log in, they respond to the challenge by either inserting their smart card into a reader or typing in the password displayed on the card's readout. See authentication token, authentication, access control and CHAP.
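The challenge/response exchange described in this entry, as an added Python example that is not part of the original definition. It assumes HMAC-SHA256 as the one-way hash; the `Authenticator` class, the user name and the shared secret are constructed for illustration.

```python
import hashlib
import hmac
import secrets


class Authenticator:
    """Server side: issues challenges and checks responses."""

    def __init__(self, secrets_by_user):
        self._secrets = secrets_by_user   # user -> shared secret (bytes)
        self._pending = {}                # user -> outstanding challenge

    def issue_challenge(self, user):
        # Fresh random challenge per login attempt; issued even for unknown
        # users so the reply does not reveal which accounts exist.
        challenge = secrets.token_bytes(16)
        self._pending[user] = challenge
        return challenge

    def verify(self, user, response):
        # pop() makes each challenge single-use, so a captured response
        # cannot be replayed against the same challenge.
        challenge = self._pending.pop(user, None)
        secret = self._secrets.get(user)
        if challenge is None or secret is None:
            return False
        expected = compute_response(secret, challenge)
        # Constant-time comparison avoids leaking how many bytes matched.
        return hmac.compare_digest(expected, response)


def compute_response(secret, challenge):
    """Client side: keyed one-way hash of the challenge."""
    return hmac.new(secret, challenge, hashlib.sha256).digest()


def demo():
    key = b"constructed-shared-secret"    # constructed sample value
    server = Authenticator({"alice": key})
    good = compute_response(key, server.issue_challenge("alice"))
    ok = server.verify("alice", good)
    replayed = server.verify("alice", good)   # challenge already consumed
    server.issue_challenge("alice")
    stale = server.verify("alice", good)      # old response, new challenge
    wrong_key = compute_response(b"guess", server.issue_challenge("alice"))
    return ok, replayed, stale, server.verify("alice", wrong_key)


if __name__ == "__main__":
    print(demo())
```

The password itself never crosses the network; only the random challenge and its keyed hash do, and each challenge is accepted once.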