Chapter 13: Managing Identity and Authentication.

Controlling Access to Assets
  Comparing subjects and objects
  Types of access control
    – Preventative
    – Detective
    – Corrective
    – Deterrent
    – Recovery
    – Directive
    – Compensation
    – Administrative, logical/technical, physical
  The CIA Triad

Comparing Identification and Authentication 1/3
  Registration and proofing of identity
  Authorization and accountability
  Authentication factors
    – Type 1: Something you know
    – Type 2: Something you have
    – Type 3: Something you are

Comparing Identification and Authentication 2/3
  Passwords
    – Strong passwords: age, complexity, length, history
    – Passphrases
    – Cognitive
    – One-time passwords
  Smartcards
    – Common Access Card (CAC)
    – Personal Identity Verification (PIV) card

Comparing Identification and Authentication 3/3
  Tokens
    – Synchronous dynamic password tokens
    – Asynchronous dynamic password tokens
  Biometrics
    – Fingerprints, face, retina, iris, palm, hand geometry, heart/pulse, voice, signature, keystroke
    – Errors: Type 1: FRR and Type 2: FAR; CER
  Multifactor authentication
  Device authentication

Implementing Identity Management 1/2
  Centralized vs. decentralized
  Single sign-on
    – LDAP
    – PKI
    – Kerberos: KDC, TGT, ST
    – Federation: SAML, SPML, XACML
    – Scripted access, SESAME, KryptoKnight

Implementing Identity Management 2/2
  Credential management systems
  Integrating identity services
    – IDaaS
  Managing sessions
  AAA protocols
    – RADIUS
    – TACACS+
    – Diameter

Managing the Identity and Access Provisioning Life Cycle
  Provisioning
  Account review
  Account revocation