Understanding Authentication


CISSP_Candidate
08-29-2006, 10:35 AM
My understanding about authentication is:

Authentication means validation or verification.

Subject and Object are involved.

Who does the authentication process?
The object validates or verifies the subject. So it is done by the object. If the subject is verified/validated by the object, it is allowed to enter into a system.

My doubt is:

Sometimes I read "subject authenticates to object" or "X authenticated to Y".
Is that a correct statement? It is not the subject's action, right?
The subject is always authenticated by the object. Right or not?

(I read it as the subject entering into the object; that should not be correct; the subject was allowed by the object.)

Please, someone clarify this.

Jescoi
08-29-2006, 10:36 AM
Authentication involves proof of identity -- a user sits down at a terminal and types the user name "Jane" but must supply the associated password to verify (authenticate) that she is indeed Jane.

Think of your house or apartment: you authenticate to the house by inserting your key into the lock on the door and turning it -- if it is the right key, the door opens and you are allowed access.

So, it is quite proper to say X authenticates to Y (X "proves" his identity to Y) or X is authenticated by Y (Y accepts the proof of identity supplied by X).
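
The two phrasings from the reply above, shown as one exchange seen from both sides. This is an added example, not part of the original thread; the class and method names are hypothetical, and the use of PBKDF2 with a constant-time comparison is an assumption made for illustration.

```python
import hashlib
import hmac
import os


class Verifier:
    """The object (Y): holds enrolled credentials and makes the decision."""
    ITERATIONS = 600_000  # assumed PBKDF2-HMAC-SHA256 work factor

    def __init__(self):
        self._records = {}  # username -> (salt, derived key)
        # Dummy record so an unknown username costs the same work as a known one.
        self._dummy = (os.urandom(16), os.urandom(32))

    def _derive(self, password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, self.ITERATIONS)

    def enroll(self, username, password):
        salt = os.urandom(16)
        self._records[username] = (salt, self._derive(password, salt))

    def authenticate(self, username, password):
        """'X is authenticated by Y': Y checks the proof for the claimed identity."""
        salt, expected = self._records.get(username, self._dummy)
        match = hmac.compare_digest(self._derive(password, salt), expected)
        return match and username in self._records


class Subject:
    """The subject (X): claims an identity and supplies proof of it."""

    def __init__(self, username, password):
        self.username = username
        self._password = password

    def authenticate_to(self, verifier):
        """'X authenticates to Y': X presents claim and proof; Y alone decides."""
        return verifier.authenticate(self.username, self._password)


def demo():
    house = Verifier()
    house.enroll("Jane", "constructed-sample-password")  # constructed sample data
    jane = Subject("Jane", "constructed-sample-password")
    wrong_key = Subject("Jane", "wrong-guess")
    stranger = Subject("Mallory", "constructed-sample-password")
    return [s.authenticate_to(house) for s in (jane, wrong_key, stranger)]


if __name__ == "__main__":
    print(demo())
```

The subject initiates and supplies the proof, but the accept or reject result only ever comes from the verifier's `authenticate` method.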