This part covers the basic principles of authentication and intrusion detection in distributed systems. Authentication-related security threats are discussed, e.g., forgery, replay, eavesdropping, and repudiation. Basic authentication protocols are covered, including the Needham-Schroeder protocol, the Denning-Sacco protocol, and the Kerberos protocol. The problem of intrusion detection is introduced. In host-based intrusion detection systems, intrusion detection clients run on the individual hosts of the network and collect data about real-time processes, user activities, and the contents of log files. In network-based systems, the intrusion detection code runs on dedicated network devices and analyzes packets for known attack patterns. An overview of intrusion detection methods, their functionality, and their limitations is given.