




























































































Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
This document delves into the fundamental concepts of system access security, focusing on authentication and authorization. It explores various authentication factors, including knowledge, possession, and inherence, and provides examples of each. The document also discusses the vulnerabilities of passwords, including common attack strategies and countermeasures. It highlights the importance of strong password policies and the use of salt to enhance security. Additionally, it examines password cracking techniques and emphasizes the need for robust password management practices.
Typology: Exams
1 / 131
This page cannot be seen from the preview
Don't miss anything!





























































































2
Authorization
A widely used line of defense against intruders is a password system Virtually all multiuser systems, network-based servers, web- based ecommerce sites, and other similar services require that a user provide not only a name or identifier (ID) but also a password The ID provides security in the following ways:
authentication mechanism
Despite many security vulnerabilities, passwords remain the most commonly used user authentication technique Reasons for the persistent popularity of passwords are: Techniques that utilize client- side hardware, such as fingerprint scanners and smart card readers, require the implementation of the appropriate user authentication software to exploit this hardware on both the client and server systems Physical tokens, such as smart cards, are expensive and/or inconvenient to carry around, especially if multiple tokens are needed Schemes that rely on a single sign- on to multiple services create a single point of security risk Automated password managers that relieve users of the burden of knowing and entering passwords have poor support for roaming and synchronization across multiple client platforms, and their usability had not been adequately researched
Salt
slow hash function** User ID Salt Hash code Load Password Password File (a) Loading a new password Password File User id User ID Salt Hash code Select Salt Hashed password (b) Verifying a password Figure 10.4 UNIX Password Scheme Compare Password slow hash function