March 03, 2016
I'm amazed the spell checker let this one go through!
Being in the security business (and more specifically, the ID "area" of this vast and connected industry), I come across some odd things, but this one stands out from the crowd.
Here it is: Nonrepudiation
Simply put, its the assurance that someone cannot deny something.
Hard to believe, but in nearly every aspect of your life it has special significance.
When assets (property or information) are deemed valuable, we protect them and only allow authorized persons to handle them. To accomplish this, we use ID - either a token, card, username, password or biometric.
When an individual presents their ID (eg. their name), they are making an identity assertion. Implied in this assertion is that they are entitled to have access to the property or information they are requesting. This assertion needs to be validated. Upon successful validation they are authorized to gain entry or access.
But what if that person with full authorization wants to do something nefarious? If the system cannot track the actions of the person who has authorization, its nearly as bad as not having any prevention in the first place.
Nonrepudiation means that a person with authenticated and authorized access cannot deny the actions they took with respect to the property or information they were accessing.
Yes, it is the oddest word we've come across in the world of Identification Security. And introducing it into a discussion at your next cocktail party will draw admiration from all who listen. Just try it and see.