Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter 13: Managing Identity and Authentication.

Published byEthel Flowers Modified over 8 years ago

Similar presentations

Presentation on theme: "Chapter 13: Managing Identity and Authentication."— Presentation transcript:

1 Chapter 13: Managing Identity and Authentication

2 Controlling Access to Assets Comparing subjects and objects Types of access control – Preventative– Detective – Corrective– Deterrent – Recovery– Directive – Compensation – Administrative, logical/technical, physical The CIA Triad

3 Comparing Identification and Authentication 1/3 Registration and proofing of identity Authorization and accountability Authentication factors – Type 1: Something you know – Type 2: Something you have – Type 3: Something you are

4 Comparing Identification and Authentication 2/3 Passwords – Strong passwords Age, complexity, length, history – Passphrases – Cognitive – One-time passwords Smartcards – Common Access Card (CAC) – Personal Identity Verification (PIV) card

5 Comparing Identification and Authentication 3/3 Tokens – Synchronous dynamic password tokens – Asynchronous dynamic password tokens Biometrics – Fingerprints, face, retina, iris, palm, hand geometry, heart/pulse, voice, signature, keystroke – Errors: Type 1: FRR and Type 2: FAR CER Multifactor authentication Device authentication

6 Implementing Identity Management 1/2 Centralized vs. decentralized Single sign-on – LDAP – PKI – Kerberos KDC, TGT, ST – Federation SAML, SPML, XACML – Scripted access, SESAME, KryptoKnight

7 Implementing Identity Management 2/2 Credential management systems Integrating identity services – IDaaS Managing sessions AAA protocols – RADIUS – TACACS+ – Diameter

8 Managing the Identity and Access Provisioning Life Cycle Provisioning Account review Account revocation

Download ppt "Chapter 13: Managing Identity and Authentication."

Similar presentations

© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Fundamentals of Information Systems Security.

© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Fundamentals of Information Systems Security.
CISSP Luncheon Series: Access Control Systems & Methodology

CISSP Luncheon Series: Access Control Systems & Methodology
Access Control Methodologies

Access Control Methodologies
Authentication Chapter 2. Learning Objectives Create strong passwords and store them securely Understand the Kerberos authentication process Understand.

Authentication Chapter 2. Learning Objectives Create strong passwords and store them securely Understand the Kerberos authentication process Understand.
Authentication & Kerberos

Authentication & Kerberos
Cryptography and Network Security Chapter 15 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 15 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
WSO2 Identity Server Road Map

WSO2 Identity Server Road Map
Security+ Guide to Network Security Fundamentals, Third Edition

Security+ Guide to Network Security Fundamentals, Third Edition
May 22, 2002 Joint Operations Group Discussion Overview Describe the UC Davis Security Architecture Describe Authentication Efforts at UC Davis Current.

May 22, 2002 Joint Operations Group Discussion Overview Describe the UC Davis Security Architecture Describe Authentication Efforts at UC Davis Current.
1 November 2004 1 Applicability of Biometrics As a Means of Authentication Scholarship for Service William Kwan.

1 November Applicability of Biometrics As a Means of Authentication Scholarship for Service William Kwan.
Introduction to Biometrics Dr. Pushkin Kachroo. New Field Face recognition from computer vision Speaker recognition from signal processing Finger prints.

Introduction to Biometrics Dr. Pushkin Kachroo. New Field Face recognition from computer vision Speaker recognition from signal processing Finger prints.
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 8 Authentication.

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 8 Authentication.
GUIDE TO BIOMETRICS CHAPTER I & II September 7 th 2005 Presentation by Tamer Uz.

GUIDE TO BIOMETRICS CHAPTER I & II September 7 th 2005 Presentation by Tamer Uz.
ISA 3200 NETWORK SECURITY Chapter 10: Authenticating Users.

ISA 3200 NETWORK SECURITY Chapter 10: Authenticating Users.
Copyright © 1995-2003 Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE CSci530: Computer Security Systems Authentication.

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE CSci530: Computer Security Systems Authentication.
Chapter 16 AAA. AAA Components  AAA server –Authenticates users accessing a device or network –Authorizes user to perform specific activities –Performs.

Chapter 16 AAA. AAA Components  AAA server –Authenticates users accessing a device or network –Authorizes user to perform specific activities –Performs.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 10 Authenticating Users By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 10 Authenticating Users By Whitman, Mattord, & Austin© 2008 Course Technology.
.  Define authentication  Authentication credentials  Authentication models  Authentication servers  Extended authentication protocols  Virtual.

.  Define authentication  Authentication credentials  Authentication models  Authentication servers  Extended authentication protocols  Virtual.
Security-Authentication

Security-Authentication
Biometric Authentication Presenter: Yaoyu, Zhang Presenter: Yaoyu, Zhang.

Biometric Authentication Presenter: Yaoyu, Zhang Presenter: Yaoyu, Zhang.

Similar presentations

Ads by Google