Authentication Protocols Natalie DeKoker, Lindsay Haley, Jordan Lunda, Matty Ott.

Presentation transcript:


Protocols and Security
- Point-to-Point Protocol (PPP)
  - Direct connection between two computers
  - Authenticates, encrypts, compresses
- Network Control Protocol
  - Runs atop PPP and negotiates options for PPP

Protocols
- Password Authentication Protocol (PAP)
  - Uses password to validate users
- MS-CHAP
  - Microsoft's authentication protocol for Virtual Private Networks

Security (AAA)
- Authentication, Authorization, and Accounting (AAA)
- Dictates which users have access or control over parts of the network

RADIUS
- Remote Authentication Dial-In User Service (RADIUS)
- The more common of the AAA standards
- 3 devices: RADIUS server, Network Access Servers (NASs), and the group of systems that dial into the network
- Internet Authentication Service (IAS): most common, built in with most Windows Server operating systems
- FreeRADIUS: UNIX/Linux

TACACS+
- Terminal Access Controller Access Control System Plus

Kerberos
- Key Distribution Center (KDC)
- Authentication Server (AS)
- Ticket-Granting Service
- Ticket-Granting Ticket (TGT)
[Diagram: ticket time-stamped 2:15 PM, expires 12:15 AM]


Kerberos - Strengths
- Time stamping forces new token requests
- Prevents 3rd parties from intercepting tokens
- Tokens not likely to be cracked within time span

Kerberos - Weaknesses
- If KDC goes down, no one has access
  - Important to maintain backup
- Time stamping requires clients to have synchronized clocks
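An added example, not part of the original slides: a toy model of the ticket time checks behind the Kerberos strengths and weaknesses listed above, using the 2:15 PM issue time and 12:15 AM expiry from the Kerberos slide. The 5-minute skew tolerance, the HMAC seal, the date and all names are assumptions for illustration, not the Kerberos wire format.

```python
import hashlib
import hmac
from datetime import datetime, timedelta

# Assumptions (not from the slides): a 5-minute skew tolerance, and an
# HMAC-sealed string standing in for real Kerberos encryption and encoding.
MAX_SKEW = timedelta(minutes=5)
SERVICE_KEY = b"constructed-demo-key"  # constructed sample key


def issue_ticket(user, issued, lifetime):
    """KDC side: bind user, issue time and expiry under the service key."""
    body = f"{user}|{issued.isoformat()}|{(issued + lifetime).isoformat()}"
    tag = hmac.new(SERVICE_KEY, body.encode(), hashlib.sha256).hexdigest()
    return f"{body}|{tag}"


def check_ticket(ticket, client_time, server_now):
    """Service side: return 'ok' or the reason the ticket is refused.

    client_time is the timestamp the client put in its request (its own clock).
    """
    body, _, tag = ticket.rpartition("|")
    good = hmac.new(SERVICE_KEY, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(tag, good):
        return "bad-seal"
    user, issued, expires = body.split("|")
    if abs(server_now - client_time) > MAX_SKEW:
        return "clock-skew"       # an unsynchronized client is locked out
    if server_now > datetime.fromisoformat(expires) + MAX_SKEW:
        return "expired"          # holder must go back for a new ticket
    if server_now < datetime.fromisoformat(issued) - MAX_SKEW:
        return "not-yet-valid"
    return "ok"


def demo():
    issued = datetime(2024, 1, 1, 14, 15)  # 2:15 PM on a constructed date
    ticket = issue_ticket("alice", issued, timedelta(hours=10))  # to 12:15 AM
    at = lambda h, m=0: issued + timedelta(hours=h, minutes=m)
    return [
        check_ticket(ticket, at(1), at(1)),      # in lifetime, clocks agree
        check_ticket(ticket, at(1, 20), at(1)),  # client clock 20 minutes fast
        check_ticket(ticket, at(11), at(11)),    # captured ticket replayed late
        check_ticket(ticket.replace("alice", "mallory"), at(1), at(1)),
    ]


if __name__ == "__main__":
    print(demo())
```
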

EAP
- Extensible Authentication Protocol (EAP)
- EAP-PSK

EAP
- EAP-TLS (Transport Layer Security) and EAP-MS-CHAP

EAP
- EAP-TTLS and EAP-MS-CHAPv2
- Protected Extensible Authentication Protocol (PEAP)

EAP
- EAP-MD5
[Diagram labels: Fizzy Lifting Drinks; 02a5c67f32b91ccfea; Fizzy Lifting Drinks]

EAP
- Lightweight Extensible Authentication Protocol (LEAP)

802.1x
- Port-Based Network Access Control (PNAC)
[Diagram labels: My Computer; Authenticator; Authentication Server]

The End