A group of protocols used to protect assets from unauthorised users. The method it used is one side sends a ‘challenge’ and the other side replies with a ‘response’. A prime example is an application questions a user for their password and the person responds with it.