In most computer security contexts, ___________ is the fundamental building block and the primary line of defense.
_________ is the basis for most types of access control and for user accountability.
The process of verifying an identity claimed by or for a system entity.
Presenting an identifier to the security system.
Presenting or generating authentication information that corroborates the binding between the entity and the identifier.
_________ is the means by which a user provides a claimed identity to the system;
_______________ is the means of establishing the validity of the claim.
____________ is a procedure that allows communicating parties to verify that the contents of a received message have not been altered and that the source is authentic.
The process of establishing confidence in user identities that are presented electronically to an information system.
Electronic user authentication
a __________ for user authentication that involves a number of entities and procedures.
An applicant applies to a _________ to become a subscriber of a credential service provider (CSP).
registration authority (RA)
An applicant applies to a registration authority (RA) to become a _________ of a credential service provider (CSP).
An applicant applies to a registration authority (RA) to become a subscriber of a ___________.
credential service provider (CSP)
The __________ is a data structure that authoritatively binds an identity and additional attributes to a token possessed by a subscriber, and can be verified when presented to the verifier in an authentication transaction.
The party to be authenticated is called a _________ and the party verifying that identity is called a _________.
The verifier passes on an assertion about the identity of the subscriber to the _________.
relying party (RP)
Four general means of authenticating a user’s identity:
Something the individual knows
Something the individual possesses
Something the individual is (static biometrics)
Something the individual does (dynamic biometrics)
An ________ may be able to guess or steal a password.
3 concepts we wish to relate:
areas of risk
An _________ describes an organization’s degree of certainty that a user has presented a credential that refers to his or her identity.
The degree of confidence in the vetting process used to establish the identity of the individual to whom the credential was issued
The degree of confidence that the individual who uses the credential is the individual to whom the credential was issued.
Level 1 - little or no confidence
Level 2 - some confidence
Level 3 - high confidence
Level 4 - very high confidence
Three levels of potential impact:
Low - Authentication error could be expected to have a limited adverse effect.
Moderate - Authentication error expected to have a serious adverse effect.
High - Authentication error expected to have a severe or catastrophic adverse effect.
Impact of error that results in unauthorized access: (Areas of Risk)
Low: At worst, an insignificant or inconsequential unrecoverable financial loss.
Moderate - At worst, a serious unrecoverable financial loss to any party, or a serious organization liability.
High - severe or catastrophic unrecoverable financial loss to any party; or severe or catastrophic organization liability.
(T/F) If the potential impact is low, an assurance level of 1 is adequate. If the potential impact is moderate, an assurance level of 2 or 3 should be achieved. And if the potential impact is high, an assurance level of 4 should be implemented.
A widely used line of defense against intruders is the ________.
The attacker obtains the system password file and compares the password hashes against hashes of commonly used passwords.
Offline dictionary attack
The attacker targets a specific account and submits password guesses until the correct password is discovered.
Specific account attack
A variation of the preceding attack is to use a popular password and try it against a wide range of user IDs.
Popular password attack
The attacker attempts to gain knowledge about the account holder and system password policies and uses that knowledge to guess the password.
Password guessing against single user
The attacker waits until a logged-in workstation is unattended.
If the system assigns a password, then the user is more likely to write it down because it is difficult to remember.
Exploiting user mistakes
Attacks can also become much more effective or damaging if different network devices share the same or a similar password for a given user.
Exploiting multiple password use
If a password is communicated across a network to log on to a remote system, it is vulnerable to eavesdropping.
A widely used password security technique is the use of ________ and a ____ value.
hashed passwords, salt
This value is related to the time at which the password is assigned to the user.
The password and salt serve as inputs to a hashing algorithm to produce a __________.
fixed-length hash code
Salt serves three purposes:
prevents duplicate passwords from being visible
greatly increases the difficulty of offline dictionary attacks
impossible to find out whether a person used the same password
a user can gain access on a machine using a guest account or by some other means and then run a password guessing program, called a ___________, on that machine.
The most secure version of the UNIX hash/salt scheme was developed for _______, another widely used open source UNIX.
OpenBSD uses a hash function based on the Blowfish symmetric block cipher. The hash function, called ______, is quite slow to execute.
(T/F) The traditional approach to password guessing, or password cracking as it is called, is to develop a large dictionary of possible passwords and to try each of these against the password file.
The result is a mammoth table of hash values known as a __________.
The hashed passwords are kept in a separate file from the user IDs, referred to as a __________.
shadow password file
The _________ strategy is unlikely to succeed at most installations, particularly where there is a large user population or a lot of turnover.
If the passwords are quite random in nature, users will not be able to remember them.
A _____________ strategy is one in which the system periodically runs its own password cracker to find guessable passwords.
reactive password checking
A user is allowed to select his or her own password. How ever, at the time of selection, the system checks to see if the password is allowable and, if not, rejects it.
complex password policy, or proactive password checker
(T/F) All passwords must be at least eight characters long. In the first eight characters, the passwords must include at least one each of uppercase, lowercase, numeric digits, and punctuation marks.
two problems in password checker:
A technique for developing an effective and efficient proactive password checker that is based on rejecting words on a list has been implemented on a number of systems, including Linux.
Objects that a user possesses for the purpose of user authentication are called _________.
_______ can store but not process data.
A _________ can store only a simple security code, which can be read by an inexpensive card reader.
(T/F) Smart tokens include an embedded microprocessor.
A _______ smart card must be inserted into a smart card reader with a direct connection to a conductive contact plate on the surface of the card.
A _________ card requires only close proximity to a reader.
With a ______ protocol, the user authenticates himself or herself to the token and then the token authenticates the user to the computer.
The token generates a unique password periodically.
Dynamic password generator
The computer system generates a challenge, such as a random string of numbers. The smart token generates a response based on the challenge.
For user authentication the most important category of smart token is the _______, which has the appearance of a credit card, has an electronic interface, and may use any of the type of protocols.
Smart card includes three types of memory:
Read-only memory (ROM)
Electrically erasable programmable ROM (EEPROM)
Random access memory (RAM)
The terminal may be able to change the protocol used and other parameters via a ________ command.
protocol type selection (PTS)
A __________ card can serve the same purposes as other national ID cards, and similar cards such as a driver’s license, for access to government and commercial services.
national electronic identity (eID)
A six-digit decimal random number printed on the face of the card. This is used as a password, as explained subsequently.
Card access number (CAN)
Three lines of human- and machine-readable text on the back of the card. This may also be used as a password.
Machine readable zone (MRZ)
An alphanumerical nine-character unique identifier of each card.
This function is reserved for government use and stores a digital representation of the cardholder’s identity.
This function is for general-purpose use in a variety of government and commercial applications.
This optional function stores a private key and a certificate verifying the key; it is used for generating a digital signature.
Ensures that the contactless RF chip in the eID card cannot be read without explicit access control.
A ___________ system attempts to authenticate an individual based on his or her unique physical characteristics.
Biometrics is based on __________.
Most common means of human-to-human identification; thus it is natural to consider them for identification by computer.
A ________ is the pattern of ridges and f urrows on the surface of the fingertip. Believed to be unique across the entire human population.
Identify features of the hand, including shape, and lengths and widths of fingers.
Hand geometry systems
A _________ system obtains a digital image of the retinal pattern by projecting a low-intensity beam of visual or infrared light into the eye.
Each individual who is to be included in the database of authorized users must first be ________ in the system.
Depending on application, user authentication on a biometric system involves either _________ or __________.
The simplest form of user authentication is _____________, in which a user attempts to access a system that is locally present, such as a stand-alone office PC or an ATM machine.
The host generates a random number r, often called a ______, and returns this to the user.
(T/F) The token either stores a static passcode or generates a one-time random passcode.
(T/F) The principal difference from the case of a stable biometric is that the host provides a random sequence as well as a random number as a challenge. The sequence challenge is a sequence of numbers, characters, or words.
________ are those in which an adversary attempts to achieve user authentication without access to the remote host or to the intervening communications path.
__________ are directed at the user file at the host where passwords, token passcodes, or biometric templates are stored.
__________ in the context of passwords refers to an adversary’s attempt to learn the password by observing the user, finding a written copy of the password, or some similar attack that involves the physical proximity of user and adversary.
For a token, an analogous threat is ______ of the token or physical copying of the token.
The analogous threat for a biometric protocol is _______ or imitating the biometric parameter so as to generate the desired template.
Involve an adversary repeating a previously captured user response.
An application or physical device masquerades as an authentic application or device for the purpose of capturing a user password, passcode, or biometric.
Trojan horse attack
A _________ attempts to disable a user authentication service by flooding the service with numerous authentication attempts.