Presentation is loading. Please wait.

Presentation is loading. Please wait.

Access control techniques

Published byHerbert Nickolas Newton Modified over 6 years ago

Similar presentations

Presentation on theme: "Access control techniques"— Presentation transcript:

1 Access control techniques
1.User possessions : Tokens Memory Tokens : Storing information ATM Protection of pin code Smart Tokens : more powerful than memory tokens. Extension of Memory Tokens. More Integrated circuits into Memory Tokens

2 Access control techniques
2. Biometric Techniques Possession based Knowledge based Physiological based Behavioral biometric Multi biometric

3 Possession based : token which the user possesses
Possession based : token which the user possesses . Eg smart cards Problem :Token lost Knowledge based : token which user knows . Password and pin

4 Physiological based Kind of biometric uses physical traits such as
Fingerprint ,hand and face etc for authentication. Face Recognition: facial features of human being Fingerprint Recognition :reliable biometric characteristics. Iris Recognition: colored part of eyeball surrounding the pupil. Vein Recognition: like fingerprint ,veins. Ear Recognition: like face recognition. Shape not change with age. ECG (Electrocardiogram):test which perform to capture the electrical activity of the heart .

5 Behavioral Biometric : Speech pattern ,signature ,gait and keystrokes
Behavioral Biometric : Speech pattern ,signature ,gait and keystrokes . Gait : walking style of person. Keystroke : typing speed Multi –biometric:

6 Biometrics Applications
Authentication system Network security Combating cybercrimes Biometrics enabled smart cards E-commerce and internet

7 Intrusion Detection

8 Two step process Active components Passive components

9 Intrusion and Intrusion Detection
Intrusion : Attempting to break into or misuse your system. Intruders may be from outside the network or legitimate users of the network. Intrusion can be a physical, system or remote intrusion.

10 Different ways to intrude
Buffer overflows Unexpected combinations Unhandled input

11 Intrusion Detection Systems (IDS)
Intrusion Detection Systems look for attack signatures, which are specific patterns that usually indicate malicious or suspicious intent.

12 Intrusion Detection Systems (IDS)
Different ways of classifying an IDS IDS based on signature based misuse host based network based

13 Signature based IDS This IDS possess an attacked description that can be matched to sensed attack manifestations. The question of what information is relevant to an IDS depends upon what it is trying to detect. E.g DNS, FTP etc.

14 Signature based IDS (contd.)
ID system is programmed to interpret a certain series of packets, or a certain piece of data contained in those packets,as an attack. For example, an IDS that watches web servers might be programmed to look for the string “phf” as an indicator of a CGI program attack. Most signature analysis systems are based off of simple pattern matching algorithms. In most cases, the IDS simply looks for a sub string within a stream of data carried by network packets. When it finds this sub string (for example, the ``phf'' in ``GET /cgi-bin/phf?''), it identifies those network packets as vehicles of an attack.

15 Drawbacks of Signature based IDS
They are unable to detect novel attacks. Suffer from false alarms Have to programmed again for every new pattern to be detected.

16 Types Host based IDS: application logs ,modification
Protocol Based :analyses comm protocol Hybrid IDS: combined approach Network Intrusion Detection system:n/w traffic monitoring Application protocol based Intrusion Detection system: Misuse Detection: gather info and detect Network based vs host based :

17 Host/Applications based IDS
The host operating system or the application logs in the audit information. These audit information includes events like the use of identification and authentication mechanisms (logins etc.) , file opens and program executions, admin activities etc. This audit is then analyzed to detect trails of intrusion.

18 Drawbacks of the host based IDS
The kind of information needed to be logged in is a matter of experience. Unselective logging of messages may greatly increase the audit and analysis burdens. Selective logging runs the risk that attack manifestations could be missed.

19

20 Network based IDS This IDS looks for attack signatures in network traffic via a promiscuous interface. A filter is usually applied to determine which traffic will be discarded or passed on to an attack recognition module. This helps to filter out known un-malicious traffic.

21 Strengths of Network based IDS
Cost of ownership reduced Packet analysis Evidence removal Real time detection and response Malicious intent detection Complement and verification Operating system independence

Download ppt "Access control techniques"

Similar presentations

Intrusion Detection Systems (I) CS 6262 Fall 02. Definitions Intrusion Intrusion A set of actions aimed to compromise the security goals, namely A set.

Intrusion Detection Systems (I) CS 6262 Fall 02. Definitions Intrusion Intrusion A set of actions aimed to compromise the security goals, namely A set.
Chapter 15 Computer Security Techniques

Chapter 15 Computer Security Techniques
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
5/1/2006Sireesha/IDS1 Intrusion Detection Systems (A preliminary study) Sireesha Dasaraju CS526 - Advanced Internet Systems UCCS.

5/1/2006Sireesha/IDS1 Intrusion Detection Systems (A preliminary study) Sireesha Dasaraju CS526 - Advanced Internet Systems UCCS.
Introduction to Biometrics Dr. Pushkin Kachroo. New Field Face recognition from computer vision Speaker recognition from signal processing Finger prints.

Introduction to Biometrics Dr. Pushkin Kachroo. New Field Face recognition from computer vision Speaker recognition from signal processing Finger prints.
GUIDE TO BIOMETRICS CHAPTER I & II September 7 th 2005 Presentation by Tamer Uz.

GUIDE TO BIOMETRICS CHAPTER I & II September 7 th 2005 Presentation by Tamer Uz.
Lesson 13-Intrusion Detection. Overview Define the types of Intrusion Detection Systems (IDS). Set up an IDS. Manage an IDS. Understand intrusion prevention.

Lesson 13-Intrusion Detection. Overview Define the types of Intrusion Detection Systems (IDS). Set up an IDS. Manage an IDS. Understand intrusion prevention.
Chapter 15 Computer Security Techniques Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design.

Chapter 15 Computer Security Techniques Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Intrusion Detection Systems. Definitions Intrusion –A set of actions aimed to compromise the security goals, namely Integrity, confidentiality, or availability,

Intrusion Detection Systems. Definitions Intrusion –A set of actions aimed to compromise the security goals, namely Integrity, confidentiality, or availability,
Marjie Rodrigues 411154.

Marjie Rodrigues
Security-Authentication

Security-Authentication
Intrusion Detection - Arun Hodigere. Intrusion and Intrusion Detection Intrusion : Attempting to break into or misuse your system. Intruders may be from.

Intrusion Detection - Arun Hodigere. Intrusion and Intrusion Detection Intrusion : Attempting to break into or misuse your system. Intruders may be from.
Lecture 11 Intrusion Detection (cont)

Lecture 11 Intrusion Detection (cont)
Department Of Computer Engineering

Department Of Computer Engineering
Intrusion Detection System Marmagna Desai [ 520 Presentation]

Intrusion Detection System Marmagna Desai [ 520 Presentation]
INTRUSION DETECTION SYSTEM

INTRUSION DETECTION SYSTEM
INTRUSION DETECTION SYSTEMS Tristan Walters Rayce West.

INTRUSION DETECTION SYSTEMS Tristan Walters Rayce West.
A survey of image-based biometric identification methods: Face, finger print, iris, and others Presented by: David Lin ECE738 Presentation of Project Survey.

A survey of image-based biometric identification methods: Face, finger print, iris, and others Presented by: David Lin ECE738 Presentation of Project Survey.

Similar presentations

Ads by Google