Chapter 6 Authenticating People. FIGURE 6.0.F01: Authentication to protect computer resources

download Chapter 6 Authenticating People. FIGURE 6.0.F01: Authentication to protect computer resources

If you can't read please download the document

  • date post

    14-Dec-2015
  • Category

    Documents

  • view

    218
  • download

    2

Embed Size (px)

Transcript of Chapter 6 Authenticating People. FIGURE 6.0.F01: Authentication to protect computer resources

  • Slide 1

Chapter 6 Authenticating People Slide 2 FIGURE 6.0.F01: Authentication to protect computer resources. Slide 3 FIGURE 6.0.F02: Performing the authentication. Slide 4 TABLE 6.0.T01: Examples of authentication techniques Slide 5 TABLE 6.0.T02: Levels of authentication threats Slide 6 FIGURE 6.0.F03: Basic external attacks on authentication. Slide 7 FIGURE 6.0.F04: Unix developers using a teletype. Reprinted with permission of Alcatel-Lucent USA Inc. Slide 8 FIGURE 6.0.F05: Masking the space for typing a password. Courtesy of Dr. Richard Smith Slide 9 FIGURE 6.0.F06: Procedure diagram of password hashing. Slide 10 FIGURE 6.0.F07: Procedure diagram of a one-way hash function. Slide 11 TABLE 6.0.T03: Modern hash functions and the size of their hash values Slide 12 FIGURE 6.0.F08: Keystroke logger. Photo courtesy of KeyGhost.com Slide 13 FIGURE 6.0.F09: Offline trial-and-error attack on Alices password hash. Slide 14 EQUATION 6.0.Eq01 Slide 15 EQUATION 6.0.Eq02 Slide 16 EQUATION 6.0.Eq03 Slide 17 EQUATION 6.0.Eq04 Slide 18 TABLE 6.0.T04: Search space for random passwords or passphrases Slide 19 FIGURE 6.0.F10: Decimal dice can produce truly random numbers. Courtesy of Dr. Richard Smith Slide 20 TABLE 6.0.T05: Different degrees of cracking feasibility Slide 21 FIGURE 6.0.F11: Dictionary attack by the Morris Worm. Slide 22 EQUATION 6.0.Eq05 Slide 23 EQUATION 6.0.Eq06 Slide 24 FIGURE 6.0.F12: A four-digit luggage lock. Courtesy of Dr. Richard Smith Slide 25 EQUATION 6.0.Eq07 Slide 26 EQUATION 6.0.Eq08 Slide 27 FIGURE 6.0.F13: Passive authentication tokens, front and back. Courtesy of Dr. Richard Smith Slide 28 FIGURE 6.0.F14: A hand-operated challenge-response token. Courtesy of Dr. Richard Smith Slide 29 FIGURE 6.0.F15: Using a challenge-response token. Slide 30 FIGURE 6.0.F16: A challenge-response calculation. Courtesy of Dr. Richard Smith Slide 31 FIGURE 6.0.F17: USB direct connect challenge response tokens. Courtesy of Dr. Richard Smith Slide 32 FIGURE 6.0.F18: One-time password token. Courtesy of Dr. Richard Smith Slide 33 FIGURE 6.0.F19: Generating a one-time password. Courtesy of Dr. Richard Smith Slide 34 FIGURE 6.0.T06: Vulnerabilities of authentication tokens Slide 35 TABLE 6.0.F20: Biometric fingerprint reader on a laptops keyboard. Courtesy of Dr. Richard Smith Slide 36 FIGURE 6.0.F21: Elements of a biometric system. Slide 37 EQUATION 6.0.Eq09 Slide 38 TABLE 6.0.T07: Household policy for a weak threat environment Slide 39 TABLE 6.0.T08: Policy for a workplace using passwords against weak threats Slide 40 TABLE 6.0.T09: Policy for a workplace using tokens and passwords against weak threats Slide 41 TABLE 6.0.T10: Extending the password policy from Table 6.8 for strong threats Slide 42 TABLE 6.0.T11: Policy from Table 6.8 extended to apply biometrics to strong threats Slide 43 TABLE 6.0.T12: Extending the token policy from Table 6.9 for strong threats