1 Identification Who are you? How do I know you are who you say you are?


2 Process of Identification
There are typically two stages:
1. Username, for identification (the user's claim of identity)
2. Password, for verification of that claim (authentication)

3 Threats
There are various ways in which a username/password identification system can be abused:
- Password guessing
- Password spoofing
- Reading the password file

4 Password Guessing
This term refers to exhaustive (brute-force) and intelligent (dictionary-based) searches that try to determine a user's password. Guessing may be done online, against the live login prompt, or offline, against a copy of the stored verification data.
How can these attacks be prevented
- by the user? (choose long, unpredictable passwords that are not in any dictionary)
- by the system? (limit or slow down failed login attempts, and store passwords in a form that makes each offline guess expensive)

5 Spoofing Attacks
The system verifies that the user is who they claim to be. BUT does the user verify the system?
A typical spoofing attack is a program that imitates the system's login prompt, inviting the user to enter their username and password, which the program captures. The usual countermeasure is a trusted path to the genuine login, such as a secure attention key that only the real system can respond to.

6 Reading the Password File
The password file, where the system stores the data used to verify passwords, is a prime target for attack. In an insecure system the password file is simply a list of passwords indexed by username, so an attacker who can read it learns every user's password at once.

7 Protecting the Password File
There are essentially two ways to secure the file:
1. Cryptographic protection of the stored values
2. Access control over the file, imposed by the operating system

8 Cryptographic Protection
This makes use of a one-way function, defined as follows:
A one-way function is a function f: X → Y such that, given x in X, it is easy to compute y = f(x) in Y, BUT given y in Y it is difficult to find any x in X such that y = f(x).

9 The password file is protected using a one-way function as follows:
1. The system receives the username and password (x) from the user.
2. It applies the one-way function to the password, transforming it into a fixed-size digest y = f(x).
3. The system does not store the password; instead it stores y, indexed by the username.
4. To verify a user, the system asks for the username and password (x') and computes y' = f(x').
5. If the stored value y indexed by that username equals the computed y', the user is authenticated.
Because f is one-way, an attacker who reads the file obtains the digests but not the passwords themselves.

10 Which function to use?
The security of such a system relies on the one-way function used. In general the function should not be too efficient: an attacker who has the file can test guesses offline, and each test costs exactly one evaluation of f, so a deliberately slow function (one with a tunable cost parameter, as in purpose-built password hashing schemes such as PBKDF2, bcrypt, scrypt or Argon2) makes large-scale guessing expensive while a single legitimate login stays fast enough.
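As an added illustration of why slides 4, 6 and 10 matter (this is example code written for this transcript, not code from the original slides): a constructed "leaked" password file whose entries are protected only with a fast, unsalted hash. The usernames, passwords and wordlist are invented. One dictionary pass with a few common mangling rules recovers every weak password, and users who share a password fall together because equal passwords give equal digests; a short password falls to exhaustive search over a small alphabet.

```python
import hashlib
import itertools
import string
from typing import Dict, Iterator, List, Optional, Tuple


def fast_hash(password: str) -> str:
    """A fast, unsalted one-way function, as a naive system might use."""
    return hashlib.sha256(password.encode()).hexdigest()


# Constructed "leaked" password file: {username: fast_hash(password)}.
# Users and passwords are invented for this demonstration.
LEAKED_FILE: Dict[str, str] = {
    "alice": fast_hash("Password1"),
    "bob":   fast_hash("letmein"),
    "carol": fast_hash("zq7"),
    "dave":  fast_hash("Password1"),   # same password as alice
}

# A tiny constructed wordlist standing in for a real dictionary.
WORDLIST: List[str] = ["password", "letmein", "welcome", "admin", "dragon"]


def mangle(word: str) -> Iterator[str]:
    """'Intelligent' search: the transformations people commonly apply."""
    yield word
    yield word.capitalize()
    yield word.upper()
    for suffix in ("1", "123", "!", "2024"):
        yield word + suffix
        yield word.capitalize() + suffix


def dictionary_attack(hashfile: Dict[str, str]) -> Tuple[Dict[str, str], int]:
    """Crack every user in one pass. Because the hashes are unsalted, each
    guess is hashed once and compared against all users, and two users with
    the same password fall together. Returns (cracked, number_of_guesses)."""
    by_hash: Dict[str, List[str]] = {}
    for user, digest in hashfile.items():
        by_hash.setdefault(digest, []).append(user)
    cracked: Dict[str, str] = {}
    guesses = 0
    for word in WORDLIST:
        for candidate in mangle(word):
            guesses += 1
            for user in by_hash.get(fast_hash(candidate), []):
                cracked[user] = candidate
    return cracked, guesses


def brute_force(target: str, max_len: int = 3) -> Tuple[Optional[str], int]:
    """Exhaustive search: every lowercase/digit string up to max_len.
    Returns (password_or_None, number_of_guesses)."""
    alphabet = string.ascii_lowercase + string.digits
    guesses = 0
    for length in range(1, max_len + 1):
        for chars in itertools.product(alphabet, repeat=length):
            guesses += 1
            candidate = "".join(chars)
            if fast_hash(candidate) == target:
                return candidate, guesses
    return None, guesses


if __name__ == "__main__":
    found, n = dictionary_attack(LEAKED_FILE)
    print(f"dictionary attack: {found} after {n} guesses")
    pw, n = brute_force(LEAKED_FILE["carol"])
    print(f"brute force: carol -> {pw!r} after {n} guesses")
```

With SHA-256 each guess costs a microsecond or so, which is why the cost of the function matters: the same loops against a slow, salted scheme would have to hash every guess once per user and pay the full cost parameter each time.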

11 Password Salting
This process overcomes a problem with a large user base: two users may well have the same password, and without salting their stored values would be identical, so one guess (or one precomputed table of digests) would crack both.
Before the password is hashed and stored, the system adds some salt, for example by appending the username, or better a random per-user value that is stored alongside the digest. Now the stored values are unique even when the passwords are not, and a table of precomputed digests is useless because each user's value would have to be precomputed separately.
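The protected password file of slides 9 to 11, as an added worked example (written for this transcript, not code from the original slides): a random per-user salt, a deliberately slow function (PBKDF2-HMAC-SHA256 with a tunable iteration count, chosen here as one standard option) and a constant-time comparison at verification. The usernames, passwords and the iteration count are assumptions for the demonstration; the count is kept modest so the example runs quickly.

```python
import hashlib
import hmac
import os
from typing import Dict, Optional, Tuple

# Cost parameter: PBKDF2-HMAC-SHA256 iteration count. Raising it makes every
# guess (legitimate or not) cost more CPU; production deployments use several
# hundred thousand iterations. Kept lower here so the example runs quickly.
ITERATIONS = 100_000
SALT_BYTES = 16

Record = Tuple[bytes, int, bytes]   # (salt, iterations, digest)


def make_record(password: str, iterations: int = ITERATIONS) -> Record:
    """Slide 9, steps 2-3: derive y = f(salt, x) and keep only that.
    The salt is random per user and stored in the clear next to the digest."""
    salt = os.urandom(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, iterations, digest


def verify(record: Record, password: str) -> bool:
    """Slide 9, steps 4-5: recompute with the stored salt and compare in
    constant time, so the comparison itself leaks nothing about the digest."""
    salt, iterations, stored = record
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return hmac.compare_digest(digest, stored)


class PasswordFile:
    """The protected password file: username -> (salt, iterations, digest)."""

    def __init__(self) -> None:
        self._records: Dict[str, Record] = {}

    def add_user(self, username: str, password: str) -> None:
        self._records[username] = make_record(password)

    def record(self, username: str) -> Optional[Record]:
        return self._records.get(username)

    def authenticate(self, username: str, password: str) -> bool:
        record = self._records.get(username)
        if record is None:
            # Unknown user: do the same work as a real check so that the
            # response time does not reveal which usernames exist.
            hashlib.pbkdf2_hmac("sha256", password.encode(),
                                b"\0" * SALT_BYTES, ITERATIONS)
            return False
        return verify(record, password)


if __name__ == "__main__":
    pf = PasswordFile()
    pf.add_user("alice", "Password1")
    pf.add_user("dave", "Password1")      # same password as alice
    print(pf.record("alice")[2].hex())
    print(pf.record("dave")[2].hex())     # different, thanks to the salt
    print(pf.authenticate("alice", "Password1"),
          pf.authenticate("alice", "password1"))
```

The iteration count is stored with each record so it can be raised for new passwords without invalidating old ones; a login that succeeds against an old, lower count is the natural moment to re-hash under the current one.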

12 Alternative methods for authentication
There are many alternatives in use. Some suit situations where the risk is low, others where security is paramount:
- Something only you are likely to know, such as your mother's maiden name, date of birth or postcode (weak, since such facts are often discoverable)
- Something you have, such as a credit card or a token
- Something you are: fingerprints, retina patterns, palmprints...
- Where you are: access may only be available from inside a secured area

13 Authentication Failure
The system can fail in two ways:
1. It can accept an unauthorised user (a false accept)
2. It can reject an authorised user (a false reject)
Making the check stricter lowers the first rate but raises the second, so the two must be balanced for the application.

14 Summary
By now you should be familiar with:
- The process of identification and authentication
- Threats such as password guessing and password spoofing, and ways the user and the system can protect themselves against them
- Protection of the password file using a one-way function and salting