The event switch of the security context of an entity that switches identity to make it appear as another entity to the system or organizational process with the identity of another entity. Impersonation may be authorized (e.g. authorized security context switching) or unauthorized (e.g. impersonation attack). Depending on context, impersonation may designate the act of impersonating, the event of impersonation or the ability to impersonate. In cryptography, a formal and more restrictive definition may be used considering only the event when an adversary is given all public but no secret keys and convince the server he is an authorized user (Crescenzo, 2008). |