Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter 6 Authenticating People. FIGURE 6.0.F01: Authentication to protect computer resources.

Published byJulie Pierce Modified over 8 years ago

Similar presentations

Presentation on theme: "Chapter 6 Authenticating People. FIGURE 6.0.F01: Authentication to protect computer resources."— Presentation transcript:

1 Chapter 6 Authenticating People

2 FIGURE 6.0.F01: Authentication to protect computer resources.

3 FIGURE 6.0.F02: Performing the authentication.

4 TABLE 6.0.T01: Examples of authentication techniques

5 TABLE 6.0.T02: Levels of authentication threats

6 FIGURE 6.0.F03: Basic external attacks on authentication.

7 FIGURE 6.0.F04: Unix developers using a teletype. Reprinted with permission of Alcatel-Lucent USA Inc.

8 FIGURE 6.0.F05: Masking the space for typing a password. Courtesy of Dr. Richard Smith

9 FIGURE 6.0.F06: Procedure diagram of password hashing.

10 FIGURE 6.0.F07: Procedure diagram of a one-way hash function.

11 TABLE 6.0.T03: Modern hash functions and the size of their hash values

12 FIGURE 6.0.F08: Keystroke logger. Photo courtesy of KeyGhost.com

13 FIGURE 6.0.F09: Offline trial-and-error attack on Alice’s password hash.

14 EQUATION 6.0.Eq01

15 EQUATION 6.0.Eq02

16 EQUATION 6.0.Eq03

17 EQUATION 6.0.Eq04

18 TABLE 6.0.T04: Search space for random passwords or passphrases

19 FIGURE 6.0.F10: Decimal dice can produce truly random numbers. Courtesy of Dr. Richard Smith

20 TABLE 6.0.T05: Different degrees of cracking feasibility

21 FIGURE 6.0.F11: Dictionary attack by the Morris Worm.

22 EQUATION 6.0.Eq05

23 EQUATION 6.0.Eq06

24 FIGURE 6.0.F12: A four-digit luggage lock. Courtesy of Dr. Richard Smith

25 EQUATION 6.0.Eq07

26 EQUATION 6.0.Eq08

27 FIGURE 6.0.F13: Passive authentication tokens, front and back. Courtesy of Dr. Richard Smith

28 FIGURE 6.0.F14: A hand-operated challenge-response token. Courtesy of Dr. Richard Smith

29 FIGURE 6.0.F15: Using a challenge-response token.

30 FIGURE 6.0.F16: A challenge-response calculation. Courtesy of Dr. Richard Smith

31 FIGURE 6.0.F17: USB direct connect challenge response tokens. Courtesy of Dr. Richard Smith

32 FIGURE 6.0.F18: One-time password token. Courtesy of Dr. Richard Smith

33 FIGURE 6.0.F19: Generating a one-time password. Courtesy of Dr. Richard Smith

34 FIGURE 6.0.T06: Vulnerabilities of authentication tokens

35 TABLE 6.0.F20: Biometric fingerprint reader on a laptop’s keyboard. Courtesy of Dr. Richard Smith

36 FIGURE 6.0.F21: Elements of a biometric system.

37 EQUATION 6.0.Eq09

38 TABLE 6.0.T07: Household policy for a weak threat environment

39 TABLE 6.0.T08: Policy for a workplace using passwords against weak threats

40 TABLE 6.0.T09: Policy for a workplace using tokens and passwords against weak threats

41 TABLE 6.0.T10: Extending the password policy from Table 6.8 for strong threats

42 TABLE 6.0.T11: Policy from Table 6.8 extended to apply biometrics to strong threats

43 TABLE 6.0.T12: Extending the token policy from Table 6.9 for strong threats

Download ppt "Chapter 6 Authenticating People. FIGURE 6.0.F01: Authentication to protect computer resources."

Similar presentations

Lecture 6 User Authentication (cont)

Lecture 6 User Authentication (cont)
Password Cracking Lesson 10. Why crack passwords?

Password Cracking Lesson 10. Why crack passwords?
CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Lecture slides prepared for “Computer Security: Principles and Practice”, 2/e, by William Stallings and Lawrie Brown, Chapter 3 “User Authentication”.

Lecture slides prepared for “Computer Security: Principles and Practice”, 2/e, by William Stallings and Lawrie Brown, Chapter 3 “User Authentication”.
1 Authentication with Passwords Prof. Ravi Sandhu Executive Director and Endowed Chair February 1, 2013 © Ravi.

1 Authentication with Passwords Prof. Ravi Sandhu Executive Director and Endowed Chair February 1, © Ravi.
COEN 350: Network Security Authentication. Between human and machine Between machine and machine.

COEN 350: Network Security Authentication. Between human and machine Between machine and machine.
CS426Fall 2010/Lecture 81 Computer Security CS 426 Lecture 8 User Authentication.

CS426Fall 2010/Lecture 81 Computer Security CS 426 Lecture 8 User Authentication.
Chapter 12: Authentication Basics Passwords Challenge-Response Biometrics Location Multiple Methods Computer Security: Art and Science ©2002-2004 Matt.

Chapter 12: Authentication Basics Passwords Challenge-Response Biometrics Location Multiple Methods Computer Security: Art and Science © Matt.
1 Chapter 11: Authentication Basics Passwords. 2 Establishing Identity Authentication: binding of identity to subject One or more of the following –What.

1 Chapter 11: Authentication Basics Passwords. 2 Establishing Identity Authentication: binding of identity to subject One or more of the following –What.
Sanjay Goel University at Albany, School of Business NYS Center for Information Forensics and Assurance 1 Password Protection.

Sanjay Goel University at Albany, School of Business NYS Center for Information Forensics and Assurance 1 Password Protection.
Sanjay Goel, School of Business/NYS Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.

Sanjay Goel, School of Business/NYS Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.
Chapter 3 Passwords Principals Authenticate to systems.

Chapter 3 Passwords Principals Authenticate to systems.
第十章 1 Chapter 10 Authentication of People. 第十章 2 Introduction This chapter deals with password-related issues like how to force users to choose unguessable.

第十章 1 Chapter 10 Authentication of People. 第十章 2 Introduction This chapter deals with password-related issues like how to force users to choose unguessable.
Authentication. Terminology  Authentication التثبت من الهوية  Access Control (authorization) التحكم في الوصول  Note the difference between the two.

Authentication. Terminology  Authentication التثبت من الهوية  Access Control (authorization) التحكم في الوصول  Note the difference between the two.
CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.
CS470, A.SelcukAuthentication Systems1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukAuthentication Systems1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Chapter 15 Computer Security Techniques Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design.

Chapter 15 Computer Security Techniques Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design.
NS-H0503-02/11041 System Security. NS-H0503-02/11042 Authentication Verifying the identity of another entity Two interesting cases (for this class): –Computer.

NS-H /11041 System Security. NS-H /11042 Authentication Verifying the identity of another entity Two interesting cases (for this class): –Computer.
Csci5233 Computer Security1 Bishop: Chapter 12 Authentication.

Csci5233 Computer Security1 Bishop: Chapter 12 Authentication.

Similar presentations

Ads by Google