Authentication Systems

Description

Mind map on Authentication Systems, created by Davide Cometa on 18/11/2017.
Resource Summary

Authentication Systems

Note:

  • Authentication of a human, a software or a hardware system against a relying party.
  1. Authentication mechanisms based on
    1. Knowledge
      1. Ownership
        1. Inherence
          1. Different authentication mechanisms can be combined to obtain higher levels of authentication

            Note:

            • Multi-factor authN: multiple factors are combined (do not use the same factor twice, e.g. two passwords).
            1. One-factor authN
              1. Two-factor authN
                1. Three-factor authN
              2. Password-based Authentication
                1. One problem is the storage of the password on the server side
                  1. in clear -> anyone can access it
                    1. encrypted -> the key should be saved
                      1. Hashed -> unprotected digests are subject to dictionary attacks
                        1. Hashed with salt -> unpredictable digests are stored. Dictionary attacks and rainbow tables are made impossible
                      2. Challenge-Response Authentication
                        1. Symmetric CRA
                          1. Asymmetric CRA
                          2. One-time password Authentication

                            Note:

                            • A simple authentication technique where the password is used only once as authentication information to verify the identity
                            1. Synchronous

                              Note:

                              • The password depends on time
                              1. RSA SecurID

                                Note:

                                • It is a proprietary solution intrinsically connected with the producer.
                              2. Asynchronous
                                1. S/KEY
                                2. Event-based OTP
                                  1. OOB OTP

                                    Note:

                                    • A form of password-based authN that increases security by using an out-of-band OTP exchange (SMS and PSTN are deprecated)
                                    1. Having different solutions that are not interoperable is not good. A common standard has been developed
                                      1. OATH
                                        1. HMAC OTP
                                          1. TOTP
                                            1. OCRA
                                              1. PSKC
                                                1. DSKPP
                                            2. Biometric Authentication
                                              1. Captcha
                                                1. Biometric Techniques
                                                  1. API/SPI standardized by CDSA
                                                    1. FIDO
                                                  2. Zero Knowledge Password Proof
                                                    1. SSO - Single Sign-On
                                                      1. Fictitious

                                                        Note:

                                                        • Different services require different authentication passwords that are provided by a manager that asks for a global password (like the password wallet, that automatically manages pwds and authNs).
                                                        1. Integral
                                                          1. Multi-application

                                                            Note:

                                                            • Asymmetric challenge-response systems. All the services are able to recognize the same user credential.
                                                            1. Kerberos
                                                            2. Multi-domain

                                                              Note:

                                                              • A service accepts the credential of a service in another domain (like access with a Google account on different websites).