Ever since the dawn of internetworking in the early 1960s, the concerns surrounding access to the data stored on the networks have been persistent. The idea of providing network access only to authorized people has formed one of the cornerstones of modern cybersecurity. It mandates that no users except those who have the right to access any resource on the network shall get it.

In the security systems, each user is stored as a set of attributes such as name, email ID, employee ID, etc., which collectively form the identity of that user. But what if a malicious actor tries to impersonate someone else to gain access to the systems? To stop such malicious users from getting access, cybersecurity measures should involve the act of verifying the identity of the users.