Authentication is any process by which a system verifies the identity of a User who wishes to access it. Since Access Control is normally based on the identity of the User who requests access to a resource, Authentication is essential to effective Security.
Authentication may be implemented using Credentials, each of which is composed of a User ID and Password. Alternately, Authentication may be implemented with Smart Cards, an Authentication Server or even a Public Key Infrastructure.
Users are frequently assigned (with or without their knowledge)
Tickets, which are used to track their Authentication state. This
helps various systems manage Access Control without frequently
asking for new Authentication information.