Chapter 6 Authenticating People. FIGURE 6.0.F01: Authentication to protect computer resources.
FIGURE 6.0.F02: Performing the authentication.

TABLE 6.0.T01: Examples of authentication techniques

TABLE 6.0.T02: Levels of authentication threats

FIGURE 6.0.F03: Basic external attacks on authentication.

FIGURE 6.0.F04: Unix developers using a teletype. Reprinted with permission of Alcatel-Lucent USA Inc.

FIGURE 6.0.F05: Masking the space for typing a password. Courtesy of Dr. Richard Smith

FIGURE 6.0.F06: Procedure diagram of password hashing.

FIGURE 6.0.F07: Procedure diagram of a one-way hash function.

TABLE 6.0.T03: Modern hash functions and the size of their hash values

FIGURE 6.0.F08: Keystroke logger. Photo courtesy of KeyGhost.com

FIGURE 6.0.F09: Offline trial-and-error attack on Alice’s password hash.

EQUATION 6.0.Eq01

EQUATION 6.0.Eq02

EQUATION 6.0.Eq03

EQUATION 6.0.Eq04

TABLE 6.0.T04: Search space for random passwords or passphrases

FIGURE 6.0.F10: Decimal dice can produce truly random numbers. Courtesy of Dr. Richard Smith

TABLE 6.0.T05: Different degrees of cracking feasibility

FIGURE 6.0.F11: Dictionary attack by the Morris Worm.
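The slides above (Figures 6.0.F06 and F07 on password hashing, F09 and F11 on offline trial-and-error and dictionary attacks, and Table 6.0.T04 on search space) only carry captions here. The following Python is an added example, not code from the book or the slides: it stores a password as a one-way hash, runs a dictionary attack against the captured hash file, and computes the search space for a random password. The word list, the salted "pbkdf2$..." record format, the iteration count and the guess rate are assumptions made for the example.

```python
import hashlib
import hmac
import secrets
from typing import Optional, Tuple

# --- Password hashing (Figures 6.0.F06/F07): the system stores a one-way
# hash and compares the hash of what the user types against it.

def hash_unsalted(password: str) -> str:
    """Weakest scheme: plain one-way hash. Equal passwords give equal hashes,
    so one precomputed table cracks every user at once."""
    return hashlib.sha256(password.encode()).hexdigest()

PBKDF2_ITERATIONS = 200_000  # assumption: illustrative work factor

def hash_salted(password: str, salt: Optional[bytes] = None,
                iterations: int = PBKDF2_ITERATIONS) -> str:
    """Salted, iterated hash. Record format is an assumption for this example:
    'pbkdf2$<iterations>$<salt hex>$<hash hex>'."""
    if salt is None:
        salt = secrets.token_bytes(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2${iterations}${salt.hex()}${dk.hex()}"

def verify_salted(password: str, stored: str) -> bool:
    """Recompute with the stored salt and iteration count; constant-time compare."""
    _, iters, salt_hex, dk_hex = stored.split("$")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                             bytes.fromhex(salt_hex), int(iters))
    return hmac.compare_digest(dk.hex(), dk_hex)

# --- Offline trial-and-error attack (Figures 6.0.F09/F11): the attacker holds
# a copy of the hash and tries candidate words until one hashes to it.

WORDLIST = ["password", "letmein", "qwerty", "dragon", "baseball", "monkey"]  # constructed sample

def dictionary_attack(stored: str, wordlist) -> Tuple[Optional[str], int]:
    """Return (recovered password or None, number of guesses tried).
    A salt does not stop this targeted attack; it only prevents precomputation
    and shared work across users. The iteration count is what makes each guess cost."""
    guesses = 0
    for word in wordlist:
        guesses += 1
        if stored.startswith("pbkdf2$"):
            if verify_salted(word, stored):
                return word, guesses
        elif hash_unsalted(word) == stored:
            return word, guesses
    return None, guesses

# --- Search space (Table 6.0.T04): an alphabet of c symbols and length L gives
# c**L candidates; an exhaustive attack succeeds after half of them on average.

def search_space(alphabet_size: int, length: int) -> int:
    return alphabet_size ** length

def expected_crack_seconds(space: int, guesses_per_second: float) -> float:
    return (space / 2) / guesses_per_second

if __name__ == "__main__":
    captured = hash_unsalted("dragon")          # what a leaked hash file holds
    print("unsalted:", dictionary_attack(captured, WORDLIST))
    print("salted:  ", dictionary_attack(hash_salted("monkey", iterations=1000), WORDLIST))
    space = search_space(62, 8)                 # 8 random letters and digits
    print(f"62^8 = {space}, at 1e9 guesses/s about {expected_crack_seconds(space, 1e9):.0f} s")
```

The point to take from running it: the salted record is still cracked by the same word list, in the same number of guesses, so the defence against a guessable password is the search space (Table 6.0.T04), while the salt and iteration count decide how much the attacker pays per guess and whether precomputed tables help.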

EQUATION 6.0.Eq05

EQUATION 6.0.Eq06

FIGURE 6.0.F12: A four-digit luggage lock. Courtesy of Dr. Richard Smith

EQUATION 6.0.Eq07

EQUATION 6.0.Eq08

FIGURE 6.0.F13: Passive authentication tokens, front and back. Courtesy of Dr. Richard Smith

FIGURE 6.0.F14: A hand-operated challenge-response token. Courtesy of Dr. Richard Smith

FIGURE 6.0.F15: Using a challenge-response token.

FIGURE 6.0.F16: A challenge-response calculation. Courtesy of Dr. Richard Smith

FIGURE 6.0.F17: USB direct connect challenge response tokens. Courtesy of Dr. Richard Smith

FIGURE 6.0.F18: One-time password token. Courtesy of Dr. Richard Smith

FIGURE 6.0.F19: Generating a one-time password. Courtesy of Dr. Richard Smith
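Figures 6.0.F14 to F17 show a challenge-response token and Figures 6.0.F18 and F19 a one-time password token; the captions give no protocol detail. The Python below is an added example, not code from the book or the slides. It implements both exchanges on the server and token sides: challenge-response as a keyed hash (HMAC) over a random server challenge, and the one-time password as HOTP per RFC 4226 (HMAC-SHA1 over an 8-byte counter with dynamic truncation). The shared secret is the RFC 4226 test key, not a real credential; the replay bookkeeping and the look-ahead window size are assumptions for the example.

```python
import hashlib
import hmac
import os
import struct

# Secret provisioned into the token and the server. This is the RFC 4226
# test-vector key, used here only so the codes are checkable; never reuse it.
TOKEN_SECRET = b"12345678901234567890"

# --- Challenge-response (Figures 6.0.F14-F17)

def token_response(secret: bytes, challenge: bytes) -> str:
    """Token side: keyed hash of the server's challenge. The secret never leaves the token."""
    return hmac.new(secret, challenge, hashlib.sha256).hexdigest()

class ChallengeResponseServer:
    def __init__(self, secret: bytes):
        self.secret = secret
        self.outstanding = set()   # challenges issued and not yet consumed

    def new_challenge(self) -> bytes:
        c = os.urandom(16)         # unpredictable, so a sniffed response is useless later
        self.outstanding.add(c)
        return c

    def verify(self, challenge: bytes, response: str) -> bool:
        # Unknown or already-used challenge: refuse, which blocks replay
        # of a captured response (one of the token vulnerabilities in Table 6.0.T06).
        if challenge not in self.outstanding:
            return False
        self.outstanding.discard(challenge)
        expected = token_response(self.secret, challenge)
        return hmac.compare_digest(expected, response)

# --- One-time password (Figures 6.0.F18/F19), counter-based HOTP from RFC 4226

def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                                   # dynamic truncation
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)

class OtpServer:
    def __init__(self, secret: bytes, window: int = 5):
        self.secret = secret
        self.counter = 0           # next counter value we expect
        self.window = window       # assumption: bounded look-ahead for skipped codes

    def verify(self, code: str) -> bool:
        # Look ahead a few counters so a code generated but never typed does not
        # lock the user out, but never accept a counter at or below the last one
        # used: that is what makes the password one-time.
        for c in range(self.counter, self.counter + self.window):
            if hmac.compare_digest(hotp(self.secret, c), code):
                self.counter = c + 1
                return True
        return False

if __name__ == "__main__":
    srv = ChallengeResponseServer(TOKEN_SECRET)
    c = srv.new_challenge()                       # server -> token (via the user)
    r = token_response(TOKEN_SECRET, c)           # token -> server
    print("challenge-response accepted:", srv.verify(c, r))
    print("replayed response accepted:  ", srv.verify(c, r))
    otp = OtpServer(TOKEN_SECRET)
    print("first OTP accepted:", otp.verify(hotp(TOKEN_SECRET, 0)))
    print("same OTP replayed: ", otp.verify(hotp(TOKEN_SECRET, 0)))
```

Both designs rest on the same property: what crosses the wire (a response or a six-digit code) is a one-way function of the secret plus something that changes every time, so an eavesdropper who records it learns nothing reusable. The server-side checks, one use per challenge and a counter that only moves forward, are what actually enforce that; without them the keyed hash alone still allows replay.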

TABLE 6.0.T06: Vulnerabilities of authentication tokens

FIGURE 6.0.F20: Biometric fingerprint reader on a laptop’s keyboard. Courtesy of Dr. Richard Smith

FIGURE 6.0.F21: Elements of a biometric system.

EQUATION 6.0.Eq09

TABLE 6.0.T07: Household policy for a weak threat environment

TABLE 6.0.T08: Policy for a workplace using passwords against weak threats

TABLE 6.0.T09: Policy for a workplace using tokens and passwords against weak threats

TABLE 6.0.T10: Extending the password policy from Table 6.8 for strong threats

TABLE 6.0.T11: Policy from Table 6.8 extended to apply biometrics to strong threats

TABLE 6.0.T12: Extending the token policy from Table 6.9 for strong threats