Wednesday, 9 January 2019

User Authentication in OS Security

Problem: how does the computer know who you are?

Solution: use authentication to identify
  • Something the user knows
  • Something the user has
  • Something the user is
This must be done before user can use the system

Important: from the computer's point of view...
  • Anyone who can duplicate your ID is you
  • Fooling a computer isn't all that hard...

There are two types of authentication
  • External : verify the user
             Usually username/password combination
       May require two passwords or other identification
  • Internal : verify the process
               Don't allow one users process to appear to be that of another user

Dealing with Passwords

Password should be memorable
  • Users shouldn't need to write them down!
  • Users should be able to recall them easily
Solution: use hashing to hide "real" password
  • One-way function converting password to meaningless string of digits (UNIX password hash, MD5, SHA-1)
  • Difficult to find another password that hashes to the same random-looking string
  • Knowing the hashed value and hash function gives no clue to the original password.

Authentication using bio-metrics

Use basic body properties to prove identity

Examples include
  • Fingerprints
  • Voice
  • Hand size
  • Retina patterns
  • Iris Patterns
  • Facial features
Potential problems
  • Duplicating the measurement
  • Stealing it from its original owner?


Post a Comment

Codecademy Code Foundations

Popular Posts


Android (23) AngularJS (1) Assembly Language (2) Books (10) C (75) C# (12) C++ (81) Course (1) Data Strucures (4) Downloads (1) Engineering (13) flutter (1) FPL (17) Hadoop (1) HTML&CSS (40) IS (25) Java (89) Leet Code (4) Pandas (1) PHP (20) Projects (19) Python (423) R (69) Selenium Webdriver (2) Software (14) SQL (27)