Computer Security Principles and Practice 1 e

  • Date:10 Jul 2020
  • Pages:40
  • Size:6.73 MB



Transcription:

Contents
  • Token-Based Authentication
  • Biometric Authentication
  • Remote User Authentication
  • Security Issues for User Authentication
  • Practical Application: An Iris Biometric System
  • Case Study: Security Problems for ATM Systems

Learning Objectives
After studying this chapter you should be able to:
  • Discuss the four general means of authenticating a user's identity.
  • Explain the mechanism by which hashed passwords are used for user authentication.
  • Present an overview of token-based user authentication.
  • Present an overview of biometric-based user authentication.
  • Discuss the issues involved and the approaches for remote user authentication.
  • Summarize some of the key security issues for user authentication.

Topics
  • Threats, security properties, MS STRIDE and their mitigations
  • MFA (Multi-Factor Authentication)
  • ACLs (Access Control Lists)

Computer security OS lab DKU 4

Authentication
  • RFC 2828 defines user authentication as "the process of verifying an identity claimed by or for a system entity".
  • Fundamental building block and primary line of defense
  • Basis for access control and user accountability

Authentication
Authentication is usually based on a combination of:
  1. Something you know: things such as a PIN, a password, prearranged questions or your mother's maiden name
  2. Something you have: a driver's license, a smart card or a radio key for storing secret keys
  3. Something you are: biometrics
      - Static biometrics: fingerprints, retina, face, palm prints
      - Dynamic biometrics: voice pattern, handwriting, typing rhythm
  4. Somewhere you are: not IP or MAC address
Two-factor authentication, a kind of strong authentication, requires providing more than one type of authentication information.

User Authentication
The means of authenticating user identity are based on:
  • Password, PIN, answers to prearranged questions
  • Smartcard, electronic keycard, physical key
  • Fingerprint, retina, face, voice pattern, handwriting, typing rhythm

Authentication
Source: http www validsoft com five factor authentication

Something You Know
  • Password Authentication
  • Password Cracking

Password Authentication
  • Widely used line of defense against intruders
  • User provides name/login and password
  • System compares password with the one stored for that specified login
  • The user ID:
      - determines that the user is authorized to access the system
      - determines the user's privileges
      - is used in discretionary access control (DAC)
  • The passwords in /etc/passwd were encrypted with the crypt(3) function (one-way hash)
  • /etc/shadow

Password-Based Authentication: Password Vulnerabilities
  • Offline dictionary attack
  • Workstation hijacking
      - The attacker waits until a logged-in workstation is unattended.
  • Exploiting user mistakes
      - Sometimes the user writes down the password.
      - Attackers are frequently successful in obtaining passwords by using social engineering tactics that trick the user or an account manager into revealing a
      - Many computer systems are shipped with preconfigured passwords for system administrators.
  • Exploiting multiple password use
      - Attacks can also become much more effective or damaging if different network devices share the same or a similar password for a given user.
  • Electronic monitoring
      - If a password is communicated across a network to log on to a remote system, it is vulnerable to eavesdropping.

Simple Countermeasures
  • Controls to prevent unauthorized access to the password file
  • Intrusion detection measures to identify a compromise
  • Rapid reissuance of compromised passwords
  • Account lockout mechanisms
      - Lock out access to the account after a number of failed login attempts
  • Policies to inhibit users from selecting common passwords
  • Training in and enforcement of password policies that make passwords difficult to guess
      - Minimum length of the password, character set, prohibition against using well-known user identifiers, and length of time before the password must be changed
  • Automatic workstation logout
  • Policies that forbid the same or similar passwords on network devices
  • Password encryption: basic hash encryption, AES vs MD5

Authentication: Password Cracking (Brute-Force Attack vs Dictionary Attack)
  • Brute-force attack
      - Guess every possible password
      - Try all permutations of the letters and symbols in the alphabet
      - Depending on the length and complexity of your password, this can take time
  • Dictionary attack
      - Most people (70% of the people) use real words as passwords
      - Try all dictionary words before trying a brute-force attack
      - List of common passwords used
      - Software is available that will run through these lists: l0phtcrack, Brutus, John the Ripper
      - Is based on trying all the strings in a pre-arranged listing, typically derived from a list of words such as in a dictionary
      - Tries only those possibilities which are deemed most likely to succeed

Authentication: Password Cracking
  • Dictionary attack
  • Hybrid attack
      - Words from dictionary and their variations used in
  • Social engineering
      - People write passwords in different places
      - People disclose passwords naively to others
  • Shoulder surfing
      - Hackers slyly watch over people's shoulders to steal
  • Pre-computed dictionary attack / rainbow table attacks
      - It is possible to achieve a time-space tradeoff by pre-computing a list of hashes of dictionary words and storing these in a DB, using the hash as the DB key.

Computer Security: Principles and Practice, 3rd Edition, William Stallings and Lawrie Brown
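
Added example (not from the slides or the textbook): a storage audit showing why a pre-computed hash table keyed by hash, as described above, exposes accounts stored with an unsalted hash and finds nothing once each user has a salt. The user names, salts, four-word dictionary and work factor are constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample data: a four-word dictionary and two users with the same password.
DICTIONARY = ["password", "letmein", "dragon", "sunshine"]
USERS = {"alice": "dragon", "bob": "dragon"}
# Fixed salts keep the example reproducible; a real system draws each from os.urandom(16).
SALTS = {"alice": bytes.fromhex("a1" * 16), "bob": bytes.fromhex("b2" * 16)}
ROUNDS = 100_000  # assumed work factor for this example


def unsalted_hash(password):
    """Unsalted storage: the same password always yields the same hash."""
    return hashlib.sha256(password.encode()).hexdigest()


def salted_hash(password, salt):
    """Salted, iterated storage using PBKDF2-HMAC-SHA256."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ROUNDS).hex()


def build_table(words):
    """Pre-computed table keyed by hash: hash -> dictionary word."""
    return {unsalted_hash(w): w for w in words}


def exposed_accounts(table, stored):
    """Accounts whose stored hash appears in the pre-computed table."""
    return {user: table[h] for user, h in stored.items() if h in table}


def verify(user, password, stored):
    """Login check for the salted scheme, using a constant-time comparison."""
    return hmac.compare_digest(salted_hash(password, SALTS[user]), stored[user])


def audit():
    table = build_table(DICTIONARY)
    unsalted_db = {u: unsalted_hash(p) for u, p in USERS.items()}
    salted_db = {u: salted_hash(p, SALTS[u]) for u, p in USERS.items()}
    return {
        "unsalted_exposed": exposed_accounts(table, unsalted_db),
        "salted_exposed": exposed_accounts(table, salted_db),
        "salted_hashes_differ": salted_db["alice"] != salted_db["bob"],
        "salted_db": salted_db,
    }


if __name__ == "__main__":
    print(audit())
```

With the salt in place, the table built once for the whole dictionary no longer applies to any account, and identical passwords no longer produce identical stored values.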
