ee4215_c4 - Logistic Security Approaches Content Passwords...

Info iconThis preview shows pages 1–14. Sign up to view the full content.

View Full Document Right Arrow Icon
Logistic Security Approaches
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Content Passwords Key Management Protocol Access Control Covert Channel Composing Security Privileges and Roles Security Kernels
Background image of page 2
Logistic approaches are based on management techniques to provide the security measurements Typical approaches: password, Key management protocols, access control, covert channel, composing security, privileges and roles, security kernel
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
4.1 Passwords Is the only explicit protection used to authenticate identity for access to a computer system most common techniques are: user generated password computer generated password tunable password
Background image of page 4
4.1.1 User Generated Password Created by user for his own use selected passwords are normally pleasant or enjoyable images of their mind require no writing down of passwords - more safe but is quite easy to guess can be cracked by electronic search because high percentage are words in Dictionary
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Example from Internet Attack 1988 with passwords start with ‘a’ Aaa Anything Andromache Aerobics Anvils Airplane Arrow Amorphous Albatross Ariadne Albert Atmosphere Aria Alexander Athen Ama Academia Arthur Alphabet Azure Anchor Albany aztecs animals analog answer Aliases
Background image of page 6
Obvious Personal Attributes Spouse’s name, children’s name, pet name, birthday license plate number, telephone number initials year of marriage female surname or name (are sufficient to get into various account in Bell Labs)
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Keyboard Patterns Ghghgh bbbbb 123-09 qwppo 1qaz etc
Background image of page 8
Re-used passwords Normally, users with access to various systems will maintain the same password pattern if attacker crack a password in a less secured environment, the same password may be used to crack some more secured system
Background image of page 9

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
4.1.2 Computer Generated Password Created by computer to be less predictable poor password can be removed from system normal a choice of password is provided to prevent possible attack, password aging technique is used, that is new password is generated periodically disadvantage: difficult to remember
Background image of page 10
4.1.3 Tunable Password Compromise approach for user and computer generated password allows system administrator to provide users with part of a password user can use this to construct a new password according to specified rules Example: computer generated w5G and user can provide pra w n 5G RAND or w hy5 5 _ G o60 advanatge: of both user and CG password
Background image of page 11

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
4.1.4 Dynamic Password Similar to tunable password the CG password part is generated by computer and a tag (portable device) which automatically change periodically and user part is kept the same Normally use time as an input to generate the password thus require synchronization of Password Generation Advantage: prevent tapping the static password via the network
Background image of page 12
4.1.5 Password Cracking Critical consideration for selecting password protection
Background image of page 13

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Image of page 14
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

Page1 / 81

ee4215_c4 - Logistic Security Approaches Content Passwords...

This preview shows document pages 1 - 14. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online