
PowerPoint Slideshow about 'Chapter 4 (Part 2) Network Security' - overton



Chapter 4 (Part 2) Network Security

Chapter 4 – Protection in General-Purpose Operating Systems

Section 4.5 User Authentication

In this section
  • Authentication
  • Passwords
    • Effective passwords
    • Breaking passwords
  • One-Time Systems
  • Biometrics
User Authentication
  • Most software and operating systems base their security on knowing who the user is
  • Authentication is based on one of three qualities:
    • Something the user knows – Passwords, PIN, passphrase
    • Something the user has – Key, license, badge, username
    • Something the user is – physical characteristics or biometrics
  • Two forms of these can be combined together
Passwords as Authenticators
  • Most common authentication mechanism
  • Password – a word unknown to users and computers
  • Problems with passwords:
    • Loss
    • Use – time consuming if used on each file or access
    • Disclosure – if Mallory finds out the password, it might cause problems for everyone else
    • Revocation – revoking one person's right might cause problems for others
Additional Authentication Information
  • Putting other conditions in place can reinforce the security of a password
  • Other methods:
    • Limiting the time of access
    • Limiting the location of access
  • Multifactor authentication is the use of additional forms of authentication
  • More authentication factors mean more for the system and administrator to manage
Attacks on Passwords
  • Figuring out a password
    • Try all possible passwords
    • Try frequently used passwords
    • Try passwords likely for the user
    • Search for the system password list
    • Ask the user
  • Loose-Lipped Systems
    • Authentication system leaks information about the password or username
    • Provides information at inconvenient times
Exhaustive Attack
  • Brute force attack is when the attacker tries all possible passwords
  • Example:
    • Passwords of 1 to 8 characters drawn from the 26 letters A-Z
    • One password per millisecond would take about two months
    • But we would not need to try every password
Password Problems
  • Probable Passwords
  • Passwords likely for a user
  • Weakness is in the user's choice
  • Weakness is in the control of the system
  • Look at Table 4-2 on page 225
Password Selection Criteria
  • Use characters other than just A-Z
  • Choose long passwords
  • Avoid actual names or words
  • Choose an unlikely password
  • Change the password regularly
  • Don’t write it down
  • Don’t tell anyone else – beware of Social Engineering
One-Time Passwords
  • A password that changes every time
  • Also known as a challenge-response system
    • F(x) = x + 1 – use of a function
    • F(x) = r(x) – seed to a random number generator
    • F(a b c d e f g) = b d e g f a c – transformation of a character string
    • F(E(x)) = E(D(E(x)) + 1) – encrypted value must be decrypted and run through a function
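An added example (not from the original slides) of the challenge-response exchange above: the system issues a fresh challenge, the user answers with F applied to it, and a captured answer fails when replayed. The XOR cipher standing in for E and D, the key, and the names `Verifier`, `new_challenge` and `login_then_replay` are assumptions made for illustration.

```python
import hmac
import random
import secrets

KEY = 0x5A5A5A5A  # constructed shared key for the toy cipher (assumption)

def E(x):
    """Toy XOR 'encryption': a stand-in for a real cipher, not secure."""
    return x ^ KEY

D = E  # XOR is its own inverse
PERM = (1, 3, 4, 6, 5, 0, 2)  # a b c d e f g -> b d e g f a c

# The four response functions from the slide, known to user and system.
F = {
    "increment": lambda x: x + 1,
    "seeded": lambda x: random.Random(x).getrandbits(32),
    "permute": lambda s: "".join(s[i] for i in PERM),
    "encrypted": lambda c: E(D(c) + 1),
}

def new_challenge(kind):
    """Fresh, unpredictable challenge of the type F[kind] expects."""
    if kind == "permute":
        return "".join(secrets.choice("abcdefghijklmnopqrstuvwxyz") for _ in PERM)
    n = secrets.randbelow(2**31)
    return E(n) if kind == "encrypted" else n

class Verifier:
    """System side: one outstanding challenge, one response accepted for it."""
    def __init__(self, kind):
        self.kind, self.pending = kind, None

    def challenge(self):
        self.pending = new_challenge(self.kind)
        return self.pending

    def verify(self, response):
        if self.pending is None:  # nothing outstanding: reject
            return False
        expected, self.pending = F[self.kind](self.pending), None
        return hmac.compare_digest(str(expected), str(response))

def login_then_replay(kind):
    """Return (honest login, same response reused, response replayed later)."""
    v = Verifier(kind)
    response = F[kind](v.challenge())  # user applies F to the challenge
    ok, reused = v.verify(response), v.verify(response)
    v.challenge()  # a later login attempt gets a new challenge
    return ok, reused, v.verify(response)
```

Each variant accepts the honest response once and rejects both the reused and the replayed copy, which is what distinguishes a one-time response from a static password.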
The Authentication Process
  • Slow response from system
  • Limited number of attempts
  • Access limitations
  • Fixing Flaws with a second level of protection
    • Challenge-Response
    • Impersonation of Login
Biometrics
  • Biometrics are biological authenticators
  • Problems with Biometrics
    • Still a relatively new concept
    • Can be costly
    • Establishing a threshold
    • Single point of failure
    • False positives
    • Speed can limit accuracy
    • Forgeries are possible