Impersonation

Definitions

Impersonation involves:

“

[p]retending to be someone else and sending or posting material to get that person in trouble, put them in danger or to damage their reputation or friendships.[1]

”

“

[a] process by which a Web application assumes the identity of a particular user and thus gains all the privileges to which that user is entitled.[2]

”

Overview

"Impersonation has three possible levels: identification, letting the server inspect the client's identity; impersonation, letting the server act on behalf of the client; and delegation, the same as impersonation but extended to remote systems to which the server connects (through the preservation of credentials). Impersonation by imitating or copying the identification, behavior or actions of another may also be used in social engineering to obtain otherwise unauthorized physical access."^[3]

References

1. European Network and Information Security Agency, Security Issues and Recommendations for Online Social Networks 16 (Nov. 14, 2007) (full-text).
2. Wiki.GIS.com, GIS Glossary (full-text).
3. ISACA, Interactive Glossary & Term Translations (full-text).

See also

• False personation
• Impersonate
• Spoofing
• User interface impersonation
• Verifier impersonation attack