
access control continued

Terms

The two key components required to implement access control are
identification and authentication. Strong identification and authentication help to protect a system from unauthorized access.
A system recognizes a valid user on the basis of their identification. How is this done?
This is usually in the form of a user ID. A user ID must be presented to, and validated by, the system before access is granted to the user.
How can user IDs assist with the administration of system access?
They can be used to assign users to user groups, such as groups for different work units or network privileges, for example.
What are ways to identify or authenticate a person's ID?
such as a password or PIN, such as an ATM card or a smart card. A user's unique physical characteristics can also be used to confirm identity by using retina or fingerprint scans.
Three types of password used for authenticating users are
one-time passwords
static passwords
dynamic passwords
one-time passwords
A one-time password (OTP) is valid for a single logon and is discarded, never to be repeated. This is the most secure form of password.
static passwords
Once a static password is allocated to a user, it remains the same between login sessions. However, it should expire after a predefined period or if it remains unused for a prolonged term.
dynamic passwords
Dynamic passwords are uniquely generated for a limited period of time or for each new login session. The user usually holds a separate PIN number, which they can use to access a password generator application that uses an algorithm to create the new password. However, there is always the chance that the password will be regenerated at some point in the future.
Why should system administrators use password-generation algorithms?
To ensure that users choose a sufficiently complex password for a specific security level. This reduces the risk of the password being compromised by hackers.
How may passwords be generated?
from smart cards or memory cards called tokens
There are four types of tokens. Name them.
static password tokens
synchronous dynamic password tokens
asynchronous dynamic password tokens
challenge-response tokens
static password tokens
A static password token first authenticates the user ID, and then authenticates the user's data to the system.
synchronous dynamic password tokens
A synchronous dynamic password token creates a new password for the user at designated intervals. This password is encrypted using private encryption and is stored in the system with the user's PIN. The system recognizes a user's PIN and private encryption key, and so judges whether the password was created within a valid time window.
asynchronous dynamic password tokens
The asynchronous dynamic password token creates a new password for the user at sporadic intervals. This password is encrypted with private encryption and is stored in the system with the user's PIN. The system recognizes a user's PIN and private encryption key, and confirms the validity of the password.
challenge-response tokens
If challenge-response tokens are used, the user receives a challenge string from the system and places this string with their personal PIN into the token. The token transmits a challenge-response to the system, which the system uses to determine whether to authenticate the user based on this data.
How are biometrics databases used?
not correct
The development of fast, reliable computer-processing and data-sensing technologies has enabled the growth of biometrics from
to the use of fingerprints to a range of physical
The characteristics that can be used for biometric authentication include
facial scans
fingerprints
hand geometry
handwritten signature dynamics
iris scans
palm scans
retina scans
voice scans
Biometrics uses a "one-to-many" approach to identify a user
it compares the user's physical characteristics to the contents of a database.
Biometric systems' performances are classified in three ways:
False Rejection Rate (FRR)
False Acceptance Rate (FAR)
Crossover Error Rate (CER)
False Rejection Rate (FRR)
FRR establishes the percentage of valid users, or subjects, who are falsely rejected. FRR increases when system sensitivity is increased.
False Acceptance Rate (FAR)
FAR establishes the percentage of invalid users, or subjects, who are falsely accepted. FAR increases when system sensitivity is decreased.
Crossover Error Rate (CER)
CER - also known as Equal Error Rate (EER) - is the point at which the False Rejection Rate equals the False Acceptance Rate. This is seen as the optimum performance of a biometric system.
What affects the performance of biometric systems?
Acceptability, enrollment time, and the throughput rate of data
Acceptability
ensures that the system's biometric techniques do not infringe upon the privacy or the physical and psychological state of the system user.
Enrollment time
is the amount of time it takes for a user to be initially recognized by the system.
throughput rate
is the rate by which recognized system users can be identified and authenticated.