Chapter08 - Security Guide to Network Security Fundamentals Third Edition Chapter 8 Authentication Objectives Define authentication Describe the

Info iconThis preview shows pages 1–12. Sign up to view the full content.

View Full Document Right Arrow Icon
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 8 Authentication
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Security+ Guide to Network Security Fundamentals, Third Edition Objectives Define authentication Describe the different types of authentication credentials List and explain the authentication models 2
Background image of page 2
Security+ Guide to Network Security Fundamentals, Third Edition Objectives (continued) Define authentication servers Describe the different extended authentication protocols Explain how a virtual private network functions 3
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Security+ Guide to Network Security Fundamentals, Third Edition Definition of Authentication Authentication can be defined in two contexts The first is viewing authentication as it relates to access control The second is to look at it as one of the three key elements of security—authentication, authorization, and accounting 4
Background image of page 4
Security+ Guide to Network Security Fundamentals, Third Edition Authentication and Access Control Terminology Access control is the process by which resources or services are granted or denied Identification The presentation of credentials or identification Authentication The verification of the credentials to ensure that they are genuine and not fabricated Authorization Granting permission for admittance Access is the right to use specific resources 5
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Security+ Guide to Network Security Fundamentals, Third Edition Authentication, Authorization, and Accounting (AAA) Authentication in AAA provides a way of identifying a user Typically by having them enter a valid password before granting access Authorization is the process that determines whether the user has the authority to carry out certain tasks Often defined as the process of enforcing policies Accounting measures the resources a user “consumes” during each network session 6
Background image of page 6
Security+ Guide to Network Security Fundamentals, Third Edition Authentication, Authorization, and Accounting (AAA) (continued) The information can then be used in different ways: To find evidence of problems For billing For planning AAA servers Servers dedicated to performing AAA functions Can provide significant advantages in a network 7
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Security+ Guide to Network Security Fundamentals, Third Edition Authentication Credentials Types of authentication, or authentication credentials Passwords One-time passwords Standard biometrics Behavioral biometrics Cognitive biometrics 8
Background image of page 8
Security+ Guide to Network Security Fundamentals, Third Edition One-Time Passwords Standard passwords are typically static in nature One-time passwords (OTP) Dynamic passwords that change frequently Systems using OTPs generate a unique password on demand that is not reusable The most common type is a time-synchronized OTP Used in conjunction with a token The token and a corresponding authentication server share the same algorithm Each algorithm is different for each user’s token 9
Background image of page 9

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Security+ Guide to Network Security Fundamentals, Third Edition One-Time Passwords (continued) 10
Background image of page 10
Security+ Guide to Network Security Fundamentals, Third Edition 11
Background image of page 11

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 12
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 06/13/2010 for the course CITX CITX 1150 taught by Professor P.whalen during the Fall '09 term at British Columbia Institute of Technology.

Page1 / 51

Chapter08 - Security Guide to Network Security Fundamentals Third Edition Chapter 8 Authentication Objectives Define authentication Describe the

This preview shows document pages 1 - 12. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online