Connect to the Purdue Home Page

Purdue University

Identity and Access Management


Authenticating is proving an identity. The person offering the identity is asked to supply some secret token that proves the declaration of identity is correct. Often the token is a password, but it can be a public key infrastructure (PKI) X.509 certificate or some other form of privately owned information that substantiates the identity's ownership.

The I2A2 Authentication DBM

A dedicated data base manager (DBM) of the I2A2 system supports the checking of identities. Users interact with the DBM via the authentication network daemon, authcnetd, using a simple ASCII protocol. The authentication DBM also provides a store for the public part of X.509 certificates.

Authentication Realms

The authentication DBM's database is partitioned into administrative authentication realms to allow departments flexibility in implementing their own authentication security policies. Realms are created by their inclusion in the realm configuration file by an I2A2 administrator.


Users authenticate to a realm either by presenting a Purdue-issued X.509 certificate when they connect to authcnetd, or by sending an identifier and a password over an SSL connection.

Feedback | Contact Purdue
Maintained by: IAMO Team

Purdue University, West Lafayette, IN 47907, (765) 494-4600
© 2010 - 2013 Purdue University | An equal access/equal opportunity university | Copyright Complaints
If you have trouble accessing this page because of a disability, please contact the CSC at or (765) 494-4000.