Wednesday, 9 January 2019

User Authentication in OS Security

Problem: how does the computer know who you are?

Solution: use authentication to identify
  • Something the user knows
  • Something the user has
  • Something the user is
This must be done before user can use the system

Important: from the computer's point of view...
  • Anyone who can duplicate your ID is you
  • Fooling a computer isn't all that hard...

There are two types of authentication
  • External : verify the user
             Usually username/password combination
       May require two passwords or other identification
  • Internal : verify the process
               Don't allow one users process to appear to be that of another user


Dealing with Passwords

Password should be memorable
  • Users shouldn't need to write them down!
  • Users should be able to recall them easily
Solution: use hashing to hide "real" password
  • One-way function converting password to meaningless string of digits (UNIX password hash, MD5, SHA-1)
  • Difficult to find another password that hashes to the same random-looking string
  • Knowing the hashed value and hash function gives no clue to the original password.

Authentication using bio-metrics

Use basic body properties to prove identity

Examples include
  • Fingerprints
  • Voice
  • Hand size
  • Retina patterns
  • Iris Patterns
  • Facial features
Potential problems
  • Duplicating the measurement
  • Stealing it from its original owner?


0 Comments:

Post a Comment

Popular Posts

Categories

Android (21) AngularJS (1) Books (3) C (75) C++ (81) Data Strucures (4) Engineering (13) FPL (17) HTML&CSS (38) IS (25) Java (85) PHP (20) Python (83) R (68) Selenium Webdriver (2) Software (13) SQL (27)