Presentation is loading. Please wait.

Presentation is loading. Please wait.

Authentication.

Published byDelilah Nash Modified over 6 years ago

Similar presentations

Presentation on theme: "Authentication."— Presentation transcript:

1 Authentication

2 What is Authentication ?
Authentication is the act of confirming the truth of an attribute of a datum or entity. This might involve confirming the identity of a person or software program, tracing the origins of an artifact. Authentication often involves verifying the validity of at least one form of identification.

3 Authentication in simple term
Positive verification of identity (man or machine) Verification of a person’s claimed identity 3 Categories: What you know What you have Who you are

4 Review: 3 Categories What you know What you have Who you are Password
PIN What you have e-Token RFID Certificate Who you are Biometrics

5 Four main types of authentication available are:
Password based authentication Certificate based authentication E-Token based authentication Biometric based authentication

6 Password based authentication :
Password are the most common form of authentication. Password may be a string of alphabets ,numbers and special characters This password is compulsorily to be known by the ENTITY or the THING or a PERSON that is being Authenticated

7 How does the Authentication Process takes places(password)..
Steps : Prompts for user id and password. User enters user id and password. User id and password validation. Authentication result back to the server. Inform user accordingly.

8 Certificate based authentication :
A certificate is a digital document that at a minimum includes a Distinguished Name (DN) and an associated public key. The certificate is digitally signed by a trusted third party known as the Certificate Authority (CA).Digital Certificates can then be reused for user authentication. Certificate based authentication is stronger as compared to password based authentication. Because here the user is expected to HAVE something(CERTIFICATE) rather than to KNOW something(PASSWORD).

9 Certificate based authentication is an electronic document that contains information on:
The Entity it belongs to… (2) The Entity it was issued by… (3) Unique serial number or some other unique identification… (4) Valid dates … (5) A Digital fingerprint…

10 How does the Authentication Process takes places(certificate)..
Steps : Creation, storage and distribution of DC(Digital Certificate). Login request (user to server). Server creates a random challenge. User signs the random challenge. Server returns an appropriate message back to the user.

11 E-Token based authentication :
An authentication token is a small device that generates a new random value every time it is used. This random value becomes the basis for authentication{an alternative to a password} Can be implemented on a USB key fob or a smart card. Data physically protected on the device itself May store credentials such as passwords, digital signatures and certificates, and private keys.

12 Usually an Authentication Token has the foll components or features:
Processor. LCD for displaying outputs or random values. Battery. Small keypad for entering information. Real-time clock. optional

13 How does the Authentication Process takes places(e-token)..
Steps : Creation of a token. Use of token. Token validation. Server returns an appropriate message back to the user.

14 Biometric based authentication :
Biometrics (or biometric authentication) refers to the identification of humans by their characteristics such as fingerprint, voice, Iris pattern of the eye, vein pattern, etc. Biometrics is used in computer science as a form of identification and access control. It is also used to identify individuals in groups that are under observation.

15 How does the Authentication Process takes places(Biometric)..
The user database contains a sample of user’s biometric characteristics During Authentication process, the user is required to provide a new sample of the user’s biometric. This sample is sent to encryption. This current sample is decrypted & compared.(if the sample matches ) User is considered as valid one

16 new biometric sample is requested.
Biometrics Process new biometric sample is requested. No Quality Sufficient? Signal Processing, Feature Extraction, Representation Biometric Data Collection Transmission Yes database Database Template Match Yes Decision Confidence? No

17 The common Physical characteristics are:
Fingerprint Face Retina Iris Vein pattern Hand and finger geometry

18 Signature Verification Process
The angle at which the pen is held The number of times the pen is lifted The time it takes to write the entire signature The pressure exerted by the person while signing The variations in the speed with which different parts of the signature are written.

19 Aadhaar card: One-time standardized Aadhaar enrolment establishes uniqueness of resident via ‘biometric de-duplication’ Only one Aadhaar number per eligible individual Online Authentication is provided by UIDAI Demographic Data (Name, Address, DOB, Gender) Biometric Data (Fingerprint, Iris, Face) Aadhaar :subject to online authentication is proof of ID Aadhaar enrollment / Update = KYC Aadhaar No. Issued, stored in Auth. Server “Verification” of KYC (Authentication)

20 Advantages of biometrics
Uniqueness Universality Performance Measurability User friendly Accuracy Comfort

21 Thank you..!

Download ppt "Authentication."

Similar presentations

Digital Certificate Installation & User Guide For Class-2 Certificates.

Digital Certificate Installation & User Guide For Class-2 Certificates.
Digital Certificate Installation & User Guide For Class-2 Certificates.

Digital Certificate Installation & User Guide For Class-2 Certificates.
ESign-Online Digital Signature Service February 2015 Controller of Certifying Authorities Department of Electronics and Information Technology Ministry.

ESign-Online Digital Signature Service February 2015 Controller of Certifying Authorities Department of Electronics and Information Technology Ministry.
GUIDE TO BIOMETRICS CHAPTER I & II September 7 th 2005 Presentation by Tamer Uz.

GUIDE TO BIOMETRICS CHAPTER I & II September 7 th 2005 Presentation by Tamer Uz.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
Copyright © 1995-2003 Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE CSci530: Computer Security Systems Authentication.

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE CSci530: Computer Security Systems Authentication.
Marjie Rodrigues 411154.

Marjie Rodrigues
Security-Authentication

Security-Authentication
Digital Signature Xiaoyan Guo/102587 Xiaohang Luo/104446.

Digital Signature Xiaoyan Guo/ Xiaohang Luo/
Security systems need to be able to distinguish the “white hats” from the “black hats”. This all begins with identity. What are some common identifiers.

Security systems need to be able to distinguish the “white hats” from the “black hats”. This all begins with identity. What are some common identifiers.
Karthiknathan Srinivasan Sanchit Aggarwal

Karthiknathan Srinivasan Sanchit Aggarwal
Authentication Approaches over Internet Jia Li

Authentication Approaches over Internet Jia Li
Chapter 10: Authentication Guide to Computer Network Security.

Chapter 10: Authentication Guide to Computer Network Security.
Access and Identity Management System (AIMS) Federal Student Aid PESC Fall 2009 Data Summit October 20, 2009 Balu Balasubramanyam.

Access and Identity Management System (AIMS) Federal Student Aid PESC Fall 2009 Data Summit October 20, 2009 Balu Balasubramanyam.
14.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 14 Entity Authentication.

14.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 14 Entity Authentication.
Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin Business Plug-In B6 Information Security.

Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin Business Plug-In B6 Information Security.
Entity Authentication

Entity Authentication
Le Trong Ngoc Security Fundamentals Entity Authentication Mechanisms 4/2011.

Le Trong Ngoc Security Fundamentals Entity Authentication Mechanisms 4/2011.
Security PS Evaluating Password Alternatives Bruce K. Marshall, CISSP, IAM Senior Security Consultant

Security PS Evaluating Password Alternatives Bruce K. Marshall, CISSP, IAM Senior Security Consultant
DIGITAL SIGNATURE. GOOD OLD DAYS VS. NOW GOOD OLD DAYS FILE WHATEVER YOU WANT – PUT ‘NA’ OR ‘-’ OR SCRATCH OUT FILE BACK DATED, FILE BLANK FORMS, FILE.

DIGITAL SIGNATURE. GOOD OLD DAYS VS. NOW GOOD OLD DAYS FILE WHATEVER YOU WANT – PUT ‘NA’ OR ‘-’ OR SCRATCH OUT FILE BACK DATED, FILE BLANK FORMS, FILE.

Similar presentations

Ads by Google