Access Control - Computer and Network Security - Lecture Slides, Slides of Computer Science

These are the Lecture Slides of Computer and Network Security which includes Authorization, Social Security Number, Trouble with Passwords, Cryptographic Keys, Dictionary Attack, Bad Passwords, Password Experiment, Random Characters etc. Key important points are: Access Control, Authentication, Authorization, Social Security Number, Trouble with Passwords, Cryptographic Keys, Dictionary Attack, Bad Passwords, Password Experiment, Random Characters

Typology: Slides

2012/2013

Uploaded on 03/22/2013

dhimant
dhimant 🇮🇳

4.3

(8)

128 documents

1 / 140

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
Part 2 Access Control 1
Access Control
Docsity.com
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17
pf18
pf19
pf1a
pf1b
pf1c
pf1d
pf1e
pf1f
pf20
pf21
pf22
pf23
pf24
pf25
pf26
pf27
pf28
pf29
pf2a
pf2b
pf2c
pf2d
pf2e
pf2f
pf30
pf31
pf32
pf33
pf34
pf35
pf36
pf37
pf38
pf39
pf3a
pf3b
pf3c
pf3d
pf3e
pf3f
pf40
pf41
pf42
pf43
pf44
pf45
pf46
pf47
pf48
pf49
pf4a
pf4b
pf4c
pf4d
pf4e
pf4f
pf50
pf51
pf52
pf53
pf54
pf55
pf56
pf57
pf58
pf59
pf5a
pf5b
pf5c
pf5d
pf5e
pf5f
pf60
pf61
pf62
pf63
pf64

Partial preview of the text

Download Access Control - Computer and Network Security - Lecture Slides and more Slides Computer Science in PDF only on Docsity!

Part 2  Access Control 1

Access Control

Part 2  Access Control 2

Access Control

 Two parts to access control

 Authentication: Who goes there?

o Determine whether access is allowed

o Authenticate human to machine

o Authenticate machine to machine

 Authorization: Are you allowed to do that?

o Once you have access, what can you do?

o Enforces limits on actions

 Note: Access control often used as synonym for

authorization

Part 2  Access Control 4

Who Goes There?

 

Part 2  Access Control 5

Who Goes There?

 How to authenticate a human to a machine?

Part 2  Access Control 7

Who Goes There?

 How to authenticate a human to a machine?

 Can be based on…

o Something you know

 For example, a password

Part 2  Access Control 8

Who Goes There?

 How to authenticate a human to a machine?

 Can be based on…

o Something you know

 For example, a password

o Something you have

 For example, a smartcard

Part 2  Access Control 10

Something You Know

 

Part 2  Access Control 11

Something You Know

 Passwords

Part 2  Access Control 13

Something You Know

 Passwords

 Lots of things act as passwords!

o PIN

Part 2  Access Control 14

Something You Know

 Passwords

 Lots of things act as passwords!

o PIN

o Social security number

Part 2  Access Control 16

Something You Know

 Passwords

 Lots of things act as passwords!

o PIN

o Social security number

o Mother’s maiden name

o Date of birth

Part 2  Access Control 17

Something You Know

 Passwords

 Lots of things act as passwords!

o PIN

o Social security number

o Mother’s maiden name

o Date of birth

o Name of your pet, etc.

Part 2  Access Control 19

Trouble with Passwords

 “Passwords are one of the biggest practical

problems facing security engineers today.”

Part 2  Access Control 20

Trouble with Passwords

 “Passwords are one of the biggest practical

problems facing security engineers today.”

 “Humans are incapable of securely storing high-

quality cryptographic keys, and they have

unacceptable speed and accuracy when performing

cryptographic operations. (They are also large,

expensive to maintain, difficult to manage, and they

pollute the environment. It is astonishing that these

devices continue to be manufactured and deployed.)”