ch03 - Computer Security: Principles and Practice Chapter 3...

Info iconThis preview shows pages 1–6. Sign up to view the full content.

View Full Document Right Arrow Icon
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 3 Chapter 3 User Authentication User Authentication
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
2 User Authentication fundamental security building block is the process of verifying an identity claimed by or for a system entity has two steps: identification - specify identifier verification - bind entity (person) and identifier distinct from message authentication
Background image of page 2
3 Means of User Authentication four means of authenticating user's identity based one something the individual knows - e.g. password, PIN possesses - e.g. key, token, smartcard is (static biometrics) - e.g. fingerprint, retina does (dynamic biometrics) - e.g. voice, sign can use alone or combined all can provide user authentication all have issues
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
4 Password Authentication widely used user authentication method user provides name/login and password system compares password with that saved for specified login authenticates ID of user logging and that the user is authorized to access system determines the user’s privileges is used in discretionary access control
Background image of page 4
5 Password Vulnerabilities offline dictionary attack specific account attack popular password attack password guessing against single user workstation hijacking exploiting user mistakes exploiting multiple password use electronic monitoring
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 6
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 02/05/2011 for the course CS 2105 taught by Professor Ana during the Fall '09 term at National University of Singapore.

Page1 / 26

ch03 - Computer Security: Principles and Practice Chapter 3...

This preview shows document pages 1 - 6. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online