Presentation is loading. Please wait.

Presentation is loading. Please wait.

Lecture 19 Overview. User Authentication Systems often have to identify and authenticate users – OS when a user logs in – Web server before handing out.

Published byAmelia Hudson Modified over 8 years ago

Similar presentations

Presentation on theme: "Lecture 19 Overview. User Authentication Systems often have to identify and authenticate users – OS when a user logs in – Web server before handing out."— Presentation transcript:

1 Lecture 19 Overview

2 User Authentication Systems often have to identify and authenticate users – OS when a user logs in – Web server before handing out confidential info Identification and authentication is easy among people that know each other – We identify our friends based on their face or voice More difficult for computers to authenticate people sitting in front of them Even more difficult for computers to authenticate people accessing them remotely 2

3 Authentication Factors Something the user knows – User name and password, PIN, secret question Something the user has – ATM card, badge, cookie, physical key, uniform Something the user is – Biometrics (fingerprint, voice pattern, face,…)‏ Have been used by humans forever, but only recently by computers Something about the user’s context – Location, time 3

4 Combination of Auth. Factors Different classes of authentication factors can be combined for more solid authentication – Two- or multi-factor authentication Using multiple factors from the same class might not provide better authentication 4

5 Passwords Probably oldest authentication mechanism User enters user ID and password Usability problems – Entering passwords is inconvenient – If password is disclosed to unauthorized individual, the individual can immediately access protected resource Unless we use multi-factor authentication – If password is shared among many people, password updates become difficult 5

6 Password Guessing Attacks Brute-force: Try all possible passwords using exhaustive search Can make attack harder by including digits and special characters in password However, exhaustive search assumes that people choose passwords randomly, which is often not the case – Attacker can do much better by exploiting this observation 6

7 Password Guessing Attacks Attack requires that attacker has encrypted password file or encrypted document – Offline attack Instead attacker might want to guess your banking password – Online attack Online guessing attacks are detectable – Bank shuts down online access to your bank account after n failed login attempts typically n ≤ 5 7

8 Choosing Good Passwords Use letters, numbers and special characters Choose long passwords – At least eight characters Avoid guessable roots If supported, use pass phrase Mix upper and lower case introduce misspellings and special characters Avoid common phrases – e.g., advertisement slogans 8

9 Password Hygiene Writing down passwords is more secure than – storing many passwords on a networked computer or – re-using same password across multiple sites Change passwords regularly – Especially if shorter than eight characters – Should users be forced to change their password? – Leads to password cycling and similar “myFavoritePwd” -> “dummy” -> “myFavoritePwd” goodPwd.”1” -> goodPwd.”2” -> goodPwd.”3” 9

10 Password Hygiene Don’t reveal passwords to others – In email or over phone If your bank really wants your password over the phone, switch banks Don’t enter password that gives access to sensitive information on a public computer – Don’t do online banking on them Unreasonable to expect users to remember long passwords, especially when changed often 10

11 Attacks on Password Files Systems need to store information about a password in order to validate given password Storing passwords in plaintext is dangerous, – even when file is read protected from users – Password file might end up on backup tapes – Intruder into OS might get access to password file – System administrator has access to file and might use passwords to impersonate users at other sites Many people re-use passwords across multiple sites 11

12 Defending against Attacks Store only a digital fingerprint of the password in the password file – using cryptographic hash When logging in, system computes fingerprint of entered password and compares it with user’s stored fingerprint Still allows guessing attacks when password file leaks 12

13 Defending against Attacks UNIX makes these attacks harder by storing user-specific salts in the password file – Salt is derived from time of day and process ID of /bin/passwd – Salt is included when computing password fingerprint – Two users who happen to have the same password will have different fingerprints – Makes guessing attacks harder, can’t just build a single table of fingerprints and passwords and use it for any password file 13

14 Defending against Attacks Store an encrypted version of the password in the password file Need to keep encryption key away from attackers As opposed to fingerprints, this approach allows system to easily re-compute password if necessary – e.g., have system email password to predefined email address when user forgets password Has become the norm for many websites 14

15 Interception Attacks Attacker intercepts password while it is being transmitted to website One-time passwords make intercepted password useless for later logins – In a challenge-response protocol, the server sends a random challenge to the client – Client uses challenge and password as an input to a function and computes a one-time password – Client sends one-time password to server – Server checks whether client’s response is valid – Given intercepted challenge and response, attacker might be able to brute-force password 15

16 Graphical Passwords Graphical passwords are an alternative to text- based passwords Multiple techniques, e.g., – User chooses a picture; to log in, user has to re- identify this picture in a set of pictures – User chooses set of places in a picture; to log in, user has to click on each place Issues similar to text-based passwords arise – e.g., choice of places is not necessarily random Shoulder surfing becomes a problem 16

17 Graphical Passwords 17

18 Server authentication With the help of a password, system authenticates user (client)‏ But user should also authenticate system (server) so that password does not end up with attacker instead! 18

19 Server authentication Classic attack: – have a program display a fake login screen – when user “logs in”, programs prints error message, sends captured user ID and password to attacker and ends current session which will start actual login screen – That’s why Windows requires you to press for login Always gives login window and cannot be overridden Today’s attack: Phishing 19

20 Biometrics Authenticate based on physical characteristics – Fingerprints, iris scan, voice, handwriting, typing pattern,… Unfortunately, they have their own problems If observed trait is sufficiently close to previously stored trait, accept user – Observed fingerprint will never be completely identical to a previously stored fingerprint of the same user 20

21 Local vs. Remote Authentication Biometrics work well for local authentication, – but are less suited for remote authentication or for identification In local authentication, a guard can ensure: – I put my own finger on a fingerprint scanner, not one made out of gelatin – I stand in front of a camera and don’t just hold up a picture of somebody else In remote authentication, this is much more difficult 21

22 Authentication vs. Identification Authentication: Does a captured trait correspond to a particular stored trait? Identification: Does a captured trait correspond to any of the stored traits? – a search problem, which is made worse by the fact that in biometrics matches are based on closeness – False positives can make biometrics-based identification useless False positive: Alice is accepted as Bob False negative: Alice is incorrectly rejected as Alice 22

23 Biometrics-based Identification Example ( from Bruce Schneier’s “Beyond Fear”) – Face-recognition software with (unrealistic) accuracy of 99.9% is used in a football stadium to detect terrorists 1-in-1,000 chance that a terrorist is not detected 1-in-1,000 chance that innocent person is flagged as terrorist – If one in 10 million stadium attendees is a known terrorist, there will be 10,000 false alarms for every real terrorist 23

24 Other Problems with Biometrics Privacy concerns – Why should my employer (or a website) have information about my fingerprints, iris,..? Aside: Why should a website know my date of birth, my mother’s maiden name,… for “secret questions”? – What if this information leaks? Getting a new password is easy, but much more difficult for biometrics Accuracy: False negatives are annoying – What if there is no other way to authenticate? – What if I grow a beard, hurt my finger,…? 24

25 Lecture 20 Trusted Operating System CS 450/650 Fundamentals of Integrated Computer Security Slides are modified from Hesham El-Rewini

26 Trusted OS Design OS is a complex system – difficult to design – Adding the responsibility of security enforcement makes it even more difficult Clear mapping from security requirements to the design Design must be checked using formal reviews or simulation Requirements  design  testing

27 Security Design Principles Least privilege – users, programs, fewest privilege possible Economy of mechanism – small, simple, straight forward Open design – extensive public scrutiny Complete mediation – every attempt must be checked

28 Security Design Principles Permission based – denial of access is the default Separation of privilege – more than one condition Least common mechanism – the risk of sharing Ease of use – unlikely to be avoided

29 OS Functions 29

30 Security features in ordinary OS Authentication of users – password comparison Protection of memory – user space, paging, segmentations File and I/O device access control – access control matrix Allocation & access control to general objects – table lookup

31 Security features in ordinary OS Enforcement of sharing – integrity, consistency Fair service – no starvation Interprocess communication & synchronization – table lookup Protection of OS protection data – encryption, hardware control, isolation

32 Trusted OS Functions 32

33 Security features of Trusted OS Identification and Authentication Mandatory and Discretionary Access Control Object reuse protection Complete mediation (all accesses are checked) Trusted path Accountability and Audit (security log) Audit log reduction Intrusion detection (patterns of normal system usages, anomalies)

34 Kernel OS part that performs lowest level functions User tasks OS OS Kernel Hardware

35 Security Kernel responsible for enforcing security mechanisms of the entire OS Coverage – ensure that every access is checked Separation – security mechanisms are isolated from the rest of OS and from user space  easier to protect Unity – all security mechanisms are performed by a single set of code  easier to trace problems

36 Security Kernel Modifiability – security mechanism changes are easier to make and test Compactness – relatively small Verifiability – formal methods, all situations are covered

Download ppt "Lecture 19 Overview. User Authentication Systems often have to identify and authenticate users – OS when a user logs in – Web server before handing out."

Similar presentations

Lecture 6 User Authentication (cont)

Lecture 6 User Authentication (cont)
CSC 386 – Computer Security Scott Heggen. Agenda Authentication Passwords Reducing the probability of a password being guessed Reducing the probability.

CSC 386 – Computer Security Scott Heggen. Agenda Authentication Passwords Reducing the probability of a password being guessed Reducing the probability.
Lecture 18 Overview.

Lecture 18 Overview.
Two-Factor Authentication & Tools for Password Management August 29, 2014 Pang Chamreth, IT Development Innovations 1.

Two-Factor Authentication & Tools for Password Management August 29, 2014 Pang Chamreth, IT Development Innovations 1.
COEN 350: Network Security Authentication. Between human and machine Between machine and machine.

COEN 350: Network Security Authentication. Between human and machine Between machine and machine.
Access Control Methodologies

Access Control Methodologies
CMSC 414 Computer and Network Security Lecture 12 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 12 Jonathan Katz.
CS426Fall 2010/Lecture 81 Computer Security CS 426 Lecture 8 User Authentication.

CS426Fall 2010/Lecture 81 Computer Security CS 426 Lecture 8 User Authentication.
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (7) AUTHENTICATION.

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (7) AUTHENTICATION.
7-1 Last time Protection in General-Purpose Operating Systems History Separation vs. Sharing Segmentation and Paging Access Control Matrix Access Control.

7-1 Last time Protection in General-Purpose Operating Systems History Separation vs. Sharing Segmentation and Paging Access Control Matrix Access Control.
Lecture 2 Page 1 CS 236, Spring 2008 Security Principles and Policies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Spring, 2008.

Lecture 2 Page 1 CS 236, Spring 2008 Security Principles and Policies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Spring, 2008.
1 Chapter 11: Authentication Basics Passwords. 2 Establishing Identity Authentication: binding of identity to subject One or more of the following –What.

1 Chapter 11: Authentication Basics Passwords. 2 Establishing Identity Authentication: binding of identity to subject One or more of the following –What.
CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.
SE571 Security in Computing

SE571 Security in Computing
CMSC 414 Computer and Network Security Lecture 11 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 11 Jonathan Katz.
Authentication Approaches over Internet Jia Li

Authentication Approaches over Internet Jia Li
Chapter 10: Authentication Guide to Computer Network Security.

Chapter 10: Authentication Guide to Computer Network Security.
Csci5233 Computer Security1 Bishop: Chapter 12 Authentication.

Csci5233 Computer Security1 Bishop: Chapter 12 Authentication.
14.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 14 Entity Authentication.

14.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 14 Entity Authentication.
Lecture 7 Page 1 CS 236 Online Password Management Limit login attempts Encrypt your passwords Protecting the password file Forgotten passwords Generating.

Lecture 7 Page 1 CS 236 Online Password Management Limit login attempts Encrypt your passwords Protecting the password file Forgotten passwords Generating.

Similar presentations

Ads by Google