河南中医药大学：《信息安全网络与网络安全》课程教学资源（英文讲稿）第02章工具箱：鉴别、访问控制与加密 Toolbox：Authentication, Access Control, and Cryptography

• Survey authentication mechanisms • List available access control implementation options • Explain the problems encryption is designed to solve • Understand the various categories of encryption tools as well as the strengths, weaknesses, and applications of each • Learn about certificates and certificate authorities

团购合买资源类别：文库，文档格式：PDF，文档页数：40，文件大小：3.78MB

SECURITY IN COMPUTING FIETH EDITION Chapter 2: Toolbox: Authentication, Access Control, and Cryptography 授课教师:高海波可南中医药大学信息管理与信息系统教研室 From Security in Computing, Fifth Edition, by Charles P Pfleeger, et al. (ISBN: 9780134085043) Copyright 2015 by Pearson Education, Inc. All rights reserved

SECURITY IN COMPUTING, FIFTH EDITION Chapter 2: Toolbox: Authentication, Access Control, and Cryptography From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved. 1 授课教师：高海波河南中医药大学信息管理与信息系统教研室

2 Objectives for Chapter 2 Survey authentication mechanisms List available access control implementation options Explain the problems encryption is designed to solve Understand the various categories of encryption tools as well as the strengths, weaknesses, and applications of each Learn about certificates and certificate authorities From Security in Computing, Fifth Edition, by Charles P Pfleeger, et al. (ISBN: 9780134085043) Copyright 2015 by Pearson Education, Inc. All rights reserved

Objectives for Chapter 2 • Survey authentication mechanisms • List available access control implementation options • Explain the problems encryption is designed to solve • Understand the various categories of encryption tools as well as the strengths, weaknesses, and applications of each • Learn about certificates and certificate authorities 2 From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved

3 Authentication The act of proving that a user is who she says she is Methods Something the user knows Something the user is Something user has From Security in Computing, Fifth Edition, by Charles P Pfleeger, et al. (ISBN: 9780134085043) Copyright 2015 by Pearson Education, Inc. All rights reserved

Authentication • The act of proving that a user is who she says she is • Methods: • Something the user knows • Something the user is • Something user has 3 From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved

Something You Know Passwords Security questions Attacks on something you know' Dictionary attacks Inferring likely passwords/answers Guessing Defeating concealment Exhaustive or brute-force attack Rainbow tables From Security in Computing, Fifth Edition, by Charles P Pfleeger, et al. (ISBN: 9780134085043) Copyright 2015 by Pearson Education, Inc. All rights reserved

Something You Know • Passwords • Security questions • Attacks on “something you know”: • Dictionary attacks • Inferring likely passwords/answers • Guessing • Defeating concealment • Exhaustive or brute-force attack • Rainbow tables 4 From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved

5 Distribution of Password Types One character 09 Oth d Two character passwords 14% Ihree characters Words dictionaries or lists of names Four characters 15 all letter Six letter Five letters all same case From Security in Computing, Fifth Edition, by Charles P Pfleeger, et al. (ISBN: 9780134085043) Copyright 2015 by Pearson Education, Inc. All rights reserved

6 Password Storage Identity Password Identity Password Jane qwerty ane 0x471aa2d2 Pat aaaaaa Pat 0x13b9c32f Philli oct 31 witch Phillip 0xo1c142be RoZ aaaaaa Roz 0x13b9c32f Herman guessme Herman 0x5202aae2 Claire aq 3wm Soto! 4 Claire 0x488b8c27 Plaintext Concealed From Security in Computing, Fifth Edition, by Charles P Pfleeger, et al. (ISBN: 9780134085043) Copyright 2015 by Pearson Education, Inc. All rights reserved

7 Biometrics: Something You Are lII 7890 p5A12570121 p49801900107 p94291297100 1p82814+2I 05568704564 From Security in Computing, Fifth Edition, by Charles P Pfleeger, et al.(ISBN: 9780134085043) Copyright 2015 by Pearson Education, Inc. All rights reserved

8 Problems with biometrics Intrusive Expensive Single point of failure Sampling error False readings peed S Forgery From Security in Computing, Fifth Edition, by Charles P Pfleeger, et al. (ISBN: 9780134085043) Copyright 2015 by Pearson Education, Inc. All rights reserved

Problems with Biometrics • Intrusive • Expensive • Single point of failure • Sampling error • False readings • Speed • Forgery 8 From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved

9 TokenS: Something You have Time-Based Token authentication Login: collings Passcode: 2468159759 PASSCODE PIN TOKENCODE Token code Clock Changes every RSA+B59 1591 SecurID synchronized to 60 seconds UCT Unique seec From Security in Computing, Fifth Edition, by Charles P Pfleeger, et al. (ISBN: 9780134085043) Copyright 2015 by Pearson Education, Inc. All rights reserved

Federated Identity Management Identity Manager ser (performs Authenticated authentication) Identity application AT pplication (no authentication) (no authentication) Application (no authentication) From Security in Computing, Fifth Edition, by Charles P Pfleeger, et al. (ISBN: 9780134085043) Copyright 2015 by Pearson Education, Inc. All rights reserved

点击进入文档下载页（PDF格式）

共40页，可试读14页，点击继续阅读 ↓↓

点击下载（PDF格式）

浏览记录