Page Properties |
---|
Contexts | Computer Science, IAM, Information Security |
---|
Term | Impersonation |
---|
Alternative Forms | To impersonate |
---|
Definitions | The event switch of the security context of an entity that switches identity to make it appear as another entity to the system or organizational process with the identity of another entity. Impersonation may be authorized (e.g. authorized security context switching) or unauthorized (e.g. impersonation attack). Depending on context, impersonation may designate the act of impersonating, the event of impersonation or the ability to impersonate. In cryptography, a formal and more restrictive definition may be used considering only the event when an adversary is given all public but no secret keys and convince the server he is an authorized user (Crescenzo, 2008). |
---|
Related Terms | AAL3Active Impersonation Authentication Authenticator Assurance Level 3Concurrent Impersonation Impersonation Attack Impersonation Resistance Impersonation TokenPassive Impersonation Security Context Verifier Impersonation Verifier Impersonation Resistance
|
---|
|
...
(NIST SP 800-63A, 2020(2), p. 25)
As typically done in the literature on identification schemes, we study security against impersonation; that is, against an adversary that, given all public keys (but no secret key), tries to convince the server to be an authorized user.
(Crescenzo, 2008, p. 4-5)
impersonation
Ability of a process to run using a different security context than the one that owns the process.
Overview
Impersonation is a feature of operating systems and applications that allows them to respond to client requests. Typically, a server impersonates a client to allow the client to access resources on the server. For example, Internet Information Services (IIS) uses impersonation to provide a secure context for responding to anonymous requests from clients.
An impersonation token is an access token that contains the security information of a client process and allows the server to impersonate the client to access resources.
See Also: authentication
...
Bibliography
See Also
...
Filter by label (Content by label) |
---|
showLabels | false |
---|
sort | title |
---|
cql | label in ( "impersonation" , "impersonation-attack" ) |
---|
|