tailieunhanh - Lecture Information systems security - Chapter 7: Authentication
The contents are presented in chapter 7: Define authentication, authentication credentials, authentication models, authentication servers, extended authentication protocols, Virtual Private Network (VPN). Inviting you to refer. | Authentication Objectives Define authentication Authentication credentials Authentication models Authentication servers Extended authentication protocols Virtual Private Network (VPN) Password-Guessing Attacks Surge Slow guessing and botnets conceal the attacks Countermeasures Strong password policy, restricting access to server by source IP, two-factor authentication Definition of Authentication Authentication can be defined in two contexts The first is viewing authentication as it relates to access control The second is to look at it as one of the three key elements of security: Authentication Authorization Accounting Authentication & Access Control Terminology Access control is the process by which resources or services are granted or denied Identification The presentation of credentials or identification Authentication The verification of the credentials to ensure that they are genuine and not fabricated Authorization Granting permission for admittance Access is the right to use specific resources Authentication, Authorization, and Accounting Short term: AAA Authentication in AAA provides a way of identifying a user Typically with a password Authorization determines whether the user has the authority to carry out certain tasks The process of enforcing policies Accounting measures the resources a user “consumes” during each network session Uses of Accounting DATA To find evidence of problems For billing For planning AAA servers Servers dedicated to performing AAA functions Can provide significant advantages in a network Objectives Define authentication Authentication credentials Authentication models Authentication servers Extended authentication protocols Virtual Private Network (VPN) Authentication Credentials Credentials are something you have, something you are, or something you know Types of authentication credentials Passwords One-time passwords Standard biometrics Behavioral biometrics Cognitive biometrics One-Time Passwords Standard passwords are . | Authentication Objectives Define authentication Authentication credentials Authentication models Authentication servers Extended authentication protocols Virtual Private Network (VPN) Password-Guessing Attacks Surge Slow guessing and botnets conceal the attacks Countermeasures Strong password policy, restricting access to server by source IP, two-factor authentication Definition of Authentication Authentication can be defined in two contexts The first is viewing authentication as it relates to access control The second is to look at it as one of the three key elements of security: Authentication Authorization Accounting Authentication & Access Control Terminology Access control is the process by which resources or services are granted or denied Identification The presentation of credentials or identification Authentication The verification of the credentials to ensure that they are genuine and not fabricated Authorization Granting permission for admittance Access is the right to use .
đang nạp các trang xem trước