Mister Disagree

AUTHENTICATION & ACCES CONTROL

Authentication = Verification of identity of someone who generated some data.

= Relates to identity verification.

= Protection against active attack (falsification of data and transactions).

- Protection of passwords
¤Don’t keep your password to anybody.
¤Don’t write or login your password at everywhere.

- Choosing a good password
¤Criteria: Hard to guess and easy to remember
¤Characteristics: Not shorter than six characters & Not patterns from the keyboard.

- Calculations on password
¤Password population, N =rs
¤Probability of guessing a password = 1/N
¤Probability of success, P=nt/N

- Password Selecting Strategies:
¤User education
¤Computer-generated passwords
¤Reactive password checking
¤Proactive password checking

- Biometrics is the measurement and statistical analysis of biological data

- In IT, biometrics refers to technologies for measuring and analysing human body characteristics for authentication purposes

- Biometric Identifiers:

1) Universality
2) Uniqueness

3) Stability

4) Collectability
5) Performance

6) Acceptability
7)Forge resistance

- Static vs. dynamic biometric methods
¤Static (also called physiological) biometric methods – authentication based on a feature that is always present
¤Dynamic (also called behavioural) biometric methods – authentication based on a certain behaviour pattern

- Major components:
¤Data collection
¤Signal processing
¤Matching
¤Decision
¤Storage
¤Transmission