12 - Chapter 12 Authentication Basics Passwords...

Info iconThis preview shows pages 1–11. Sign up to view the full content.

View Full Document Right Arrow Icon
June 1, 2004 Computer Security: Art and Science ©2002-2004 Matt Bishop Slide #12-1 Chapter 12: Authentication Basics Passwords Challenge-Response Biometrics Location Multiple Methods
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
June 1, 2004 Computer Security: Art and Science ©2002-2004 Matt Bishop Slide #12-2 Overview Basics Passwords Storage Selection Breaking them Other methods Multiple methods
Background image of page 2
June 1, 2004 Computer Security: Art and Science ©2002-2004 Matt Bishop Slide #12-3 Basics Authentication: binding of identity to subject Identity is that of external entity (my identity, Matt, etc .) Subject is computer entity (process, etc .)
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
June 1, 2004 Computer Security: Art and Science ©2002-2004 Matt Bishop Slide #12-4 Establishing Identity One or more of the following What entity knows ( eg. password) What entity has ( eg. badge, smart card) What entity is ( eg. fingerprints, retinal characteristics) Where entity is ( eg . In front of a particular terminal)
Background image of page 4
June 1, 2004 Computer Security: Art and Science ©2002-2004 Matt Bishop Slide #12-5 Authentication System ( A , C , F , L , S ) A information that proves identity C information stored on computer and used to validate authentication information F complementation function; f : A C L functions that prove identity S functions enabling entity to create, alter information in A or C
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
June 1, 2004 Computer Security: Art and Science ©2002-2004 Matt Bishop Slide #12-6 Example Password system, with passwords stored on line in clear text A set of strings making up passwords C = A F singleton set of identity function { I } L single equality test function { eq } S function to set/change password
Background image of page 6
June 1, 2004 Computer Security: Art and Science ©2002-2004 Matt Bishop Slide #12-7 Passwords Sequence of characters Examples: 10 digits, a string of letters, etc . Generated randomly, by user, by computer with user input Sequence of words Examples: pass-phrases Algorithms Examples: challenge-response, one-time passwords
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
June 1, 2004 Computer Security: Art and Science ©2002-2004 Matt Bishop Slide #12-8 Storage Store as cleartext If password file compromised, all passwords revealed Encipher file Need to have decipherment, encipherment keys in memory Reduces to previous problem Store one-way hash of password If file read, attacker must still guess passwords or invert the hash
Background image of page 8
June 1, 2004 Computer Security: Art and Science ©2002-2004 Matt Bishop Slide #12-9 Example UNIX system standard hash function Hashes password into 11 char string using one of 4096 hash functions As authentication system: A = { strings of 8 chars or less } C = { 2 char hash id || 11 char hash } F = { 4096 versions of modified DES } L = { login , su , … } S = { passwd , nispasswd , passwd+ , … }
Background image of page 9

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
June 1, 2004 Computer Security: Art and Science ©2002-2004 Matt Bishop
Background image of page 10
Image of page 11
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

Page1 / 42

12 - Chapter 12 Authentication Basics Passwords...

This preview shows document pages 1 - 11. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online