ISA LESSON 3
Process of verifying someone's identity
AUTHENTICATION
This is technology provide access control for system by checking to see if a users credentials match in a database of authorized users or in data authentication server
AUTHENTICATION
it assures secure system, secure processes and enterprise information security
AUTHENTICATION
users has to enter the username and password to confirm wether that user is logging in or not
SINGLE FACTOR AUTHENTICATION
it is simplest form of authentication method
SINGLE FACTOR AUTHENTICATION
most verification today uses this type of authentication method
SINGLE FACTOR AUTHENTICATION
Now if the username or password is wrong,then the user will not be allowed to login or access the system
SINGLE FACTOR AUTHENTICATION
ADVANTAGE OF SINGLE FACTOR AUTHENTICATION
-it is very simple to use and straight forward system
-it is not all costly
-the user does not need any huge technical skills.
DISADVANTAGE SINGLE FACTOR AUTHENTICATION
-It is not all password secure.
-it will depend on the strength of the password entered by the user
-the protection level of Single factor authentication is much low.
It uses the same password/username combination, but with the addition of being asked to verify who a person is by using something only he or she own, such as a mobile device
Two Factor Authentication
Putting it simply:it uses two factors to confirm an identity
Two Factor Authentication
it is designed to prevent unauthorized users from gaining access to an account with noting more than a stolen password
Two Factor Authentication
Users may be at greater risk of comprised password than they realize, particularly if they use the same password on more than one website
Two Factor Authentication
Two factor authentication is combination of
Something you know (ur password)
Something you have (text with code that sent to your phone, or other device,or a phone authenticator app)
Something you are(biometrics using your fingerprint,face or retina)
It is an authentication method that requires the user to provide two or more verification factors to gain access to a resource such an application, online, account,or a VPN
Multi factor authentication
ADVANTAGE OF MFA
-The two factor authentication systems provides better security that na single factor authentication system
-The productivity and flexibility increase in the two factor authentication system
-Two factor authentication prevents the loss of trust
DISADVANTAGE OF MFA
It's time consuming
Any type of 1,_______ or 2,________ attack will not be possible in a 3,________
1, keylogger
2, phishing
3, MFA
ADVANTAGE OF MFA SYSTEM
no risk of security
no information could get stolen
no risk of any key-logger activity
no risk of any data getting captured
DISADVANTAGE OF MFA SYSTEM
It's time consuming
it can rely on third parties
Both of this use string of characters that used to secure your accounts
PASSWORD AND PASSPHRASE
It's typically composed of 10 letters,numbers or symbols, or a combination of letter, numbers and symbols.
PASSWORD
one word,maybe two that is intended to confuse and misdirect hackers attempting to access your digital resources
PASSWORD
It's a password composed of a sentence or combination of words
PASSPHRASE
generally tend to be longer and more complex than the average password, which increases overall security
PASSPHRASES
can also contain symbols, and does not have to be a proper sentence or grammatically correct
PASSPHRASE
It's an ancient greek word and is the combination of two word(bio)means1,______,(-metric)means2,__________.
BIOMETRICS
1, Life
2, Measurements
It's a system emoloys a unique physical characteristics or behavioral characteristic of an individual person in order to authenticate the person identity
BIOMETRICS AUTHENTICATION
PHYSICAL ATTRIBUTES EMPLOYED IN BIOMETRIC AUTHENTICATION SYSTEM INCLUDES
1,Fingerprints
2,Palm Scan
3,Hand Geometry
4,Facial Scan
5,Iris scan or retina pattern
6,Hand Written Signatures
7,Voice pattern
it's a voice recognition,gaits ,keystroke-scan and signature scan
BEHAVIORAL BIOMETRICS
This are the most likely used biometrics method in use today
FINGERPRINTS AND HANDPRINTS
Many laptops include fingerprint readers are also available on?
USB flash drive
this is based upon these physical attributes have been develop for computer login application
BIOMETRIC AUTHENTICATION
Biometrics authentication are widely used and have much strength
-Biometrics is unique and simple
-Very difficult to replicate biometric feature.
-can be used over the phone lines
-eye scan are accuracy in identifying users
-Fingerprint scan is small and inexpensive
This is the most common biometric scanner
Fingerprints
this identify image on the user finger and then matches with the data in the database
Fingerprints
This is saved in the database and system convert it into binary
Fingerprints
it is very secure since it's hard to guess the fingerprint pattern
FINGERPRINT SCAN
while1,_______ does provide the strongest authentication,it is ________ to errors.
1, Biometrics
2, Susceptible
it can interfere with the scanning process
injury on fingers
This biometrics template can be stored on a database or locally on the device
Palm Scan
it is biometrics that identifies users from the shape of their hands
Hand Geometry
it is refers to the shape of the human hand, size of the palm, and the lengths and widths of the finger
Hand Geometry
readers measure a users palm and fingers along many dimensions including length,width,deviation, and angle compare those measurements stored in a file
Hand Geometry
This is a system technology capable of matching a human face from digital image or a video frame against a databases of faces
Facial Scan
this is typicall employed to authenticate the users through ID verification services, and works by pinpointing and measuring facial features from a given image
Facial Scan
This system take image of the eye using infrared light
Iris Recognition
it's relatively secure biometric method of recognizing people
Iris recognition
it's an example of behavioral biometrics that identifies a person based on their handwriting
Signature Dynamics
1,______user write their signature on paper, and after the writing is complete, its2, ________________ or a 3,__________to turn the signature image into bits.Also known as 4,"_______"
1, Static
2, digitized through an optical scanner
3, camera
1,_______:user write their signature in a 2,_________,which acquires the signature in real time.
1,Dynamic
2, digitizing tablet
Dynamic recognition is also known as "_______"
on-line
it's a ocular based biometrics technology that uses the unique pattern on a person retina blood vessels and is often confused with iris recognition
Retina Recognition
features of iris recognition
-Remains unchange ld throughout life.
-Possible to distinguish twins
-because of using an infrared camera, recognition is available even at night or in the dark
it's a part of application that allows a device to recognize spoken words by digitizing words and matching digital signals with a particular pattern stored in a device
voice recognition
use of the human voice to uniquely identify biological characteristic to authenticate an individual unlike passwords or tokens that require physical input
Biometric Voice Recognition
also called speaker recognition or voice authentication,speaker recognition , voice printing ) applies analyzes of a person voice to verify their identity
Voice Recognition
it's a program that handles user request for access to computer resources and for an enterprise
AAA server
What is AAA server
authentication, authorization and accounting
this is a process of identifying and individual usually based on a username and password
Authentication
it's a process of granting or denying a user access to network resources once the user has been authenticated through the username and password
authorization
it's a process of keeping track of a user's activity while accessing the network resources including the amount of time spent in the network, the services accessed while there and amount of data transferred during the session
Accounting
it's used for trend analysis,capacity planning,billing,auditing and cost allocation
Accounting data
it's typically interacts with a network access and gateway servers and with databases and directories containing user info
AAA server
The current standard by which devices or application communicate with an AAA server is
Remote authentication Dial-in user service(RADIUS)
Benefits of AAA
-Easy to organize users into groups based on the level of access to systems that is required
-Highly scalable, flexible and redundant architecture
-central management and control of individuals credentials
type of authentication
single factor authentication
two factor authentication
multi factor authentication
what are types of biometrics authentication system
1, Fingerprint
2, Palm Scan
3, Hand Geometry
4, Facial Scan
5, Iris recognition
6, Retina Recognition
7, Voice Recognition
8, Signature Dynamics