Module-II
Arun Anoop M,
Asst. Professor(CSE),
MES College Of Engg.,
Kuttipuram.
02/10/15
Portions in Authentication
(Module II)
Authentication.
Authentication Methods.
Passwords.
Biometric and examples.
2 factor authentication.
Single sign on
Web cookies.
CAPTCHA
02/10/15
DEMO Section
02/10/15
http://www4.comp.polyu.edu.hk/~csd
zhang/Biocomuting/group09/BA/sysBA
.swf
http://www4.comp.polyu.edu.hk/~cs
dzhang/Biocomuting/group09/BA/wha
tBA.html
http://www4.comp.polyu.edu.hk/~csd
zhang/Biocomuting/group09/BA/appB
A.html
http://www4.comp.polyu.edu.hk/~csd
zhang/Biocomuting/gp_12/Mm.swf
http://www.godsp.com/apps_presentations/flashcon
02/10/15
Access Control
Two parts
Authentication:
Authorization:
Are you allowed to do that?
Authentication
choose your own method (and strength)
Authentication vs
Authorization
Authentication
Authorization
Authentication Methods
How
Authentication
Types
Strong
Authentication
KNOW
HAVE
ARE
*******
Something You
Know(example: PASSWORD)
Lots
o PIN
o Social security number
o Mothers maiden name
o Date of birth
o Name of your pet, etc.
ARUN ANOOP M,AP,CSE dept.,MESCE Kuttipuram
Keys vs Passwords
Crypto keys
64 bits
cryptographic keys
Then 264 keys
Choose key at
random.
Then attacker must
try about 263 keys
Passwords
8 characters long
with 256 possible
choices for each
characters.
264 possible pwds
Users do not select
passwords at random
Attacker has
263pwds to try
o
o
o
o
o
o
o
passwords
Good
frank
Fido
password
4444
Pikachu
102560
AustinStamp
Passwords?
o jfIej,43j-EmmL+y
o 09864376537263
o P0kem0N
o FSa7Yago
o 0nceuP0nAt1m8
o PokeGCTall150
Password File?
Bad
But
Salt
Passwords
Biometrics
Two categories of
biometrics:
Biometric
o You are your key
Examples
Schneier
o Fingerprint
o Handwritten signature
o Facial recognition
o Speech recognition
o Gait (walking) recognition
Are
Know
Have
Why Biometrics?
Biometric Modes
Identification
Authentication
Identification:
Enrollment vs Recognition
Enrollment phase
o Subjects biometric info put into database.
o A sample of biometric trait is captured,
Recognition phase
o Biometric system authenticates a person's
Biometric Errors
o Insult
For example
o 99% voiceprint match low fraud, high insult
o 30% voiceprint match high fraud, low insult
BIOMETRIC EXAMPLES
1)Facial
recognition
2)Finger print verification
3)Hand Geometry
4)Retina Scanning
5)Iris scanning
6)Voice Verification
7)Signature verification
ARUN ANOOP M,AP,CSE dept.,MESCE Kuttipuram
BIOMETRIC EXAMPLES
FINGERPRINTS
HAND
GEOMETRY
IRIS SCAN
BIOMETRIC ERROR RATES
BIOMETRIC CONCLUSION
Fingerprint[1]
Were
Stages
Fingerprint Comparison
Examples of loops, whorls, and arches
Minutia(points) extracted from these
features
Loop (double)
Whorl
Arch
Fingerprint: Enrollment
Enhance image
Identify points
Fingerprint: Recognition
Hand Geometry[2]
A popular biometric
Measures shape of hand
etc.
Hand Geometry
Advantages
o Quick
Iris Scan[3]
Best
for authentication.
Pattern
Captured
Stored Image
Image Pattern
Pattern
Mapping patterns
Iris Patterns
[1]
[2]
[4]
[3]
256Byte
[5]
Match
Non-match data
Provides
information on
fraud rate
Match data
Provide
information
on insult
rate
Match
To
arunanoopm@gmail.com
+919497394076