Verifying the identity of a user, process or device as a prerequisite to allowing access to resources in a system.