Access Control



tải về 2.19 Mb.
trang1/15
Chuyển đổi dữ liệu01.03.2024
Kích2.19 Mb.
#56689
  1   2   3   4   5   6   7   8   9   ...   15
Lecture 04 Access control new (1)

Access Control

Access Control

  • Two parts to access control…
  • Authentication: Are you who you say you are?
  • Authorization: Are you allowed to do that?
    • Once you have access, what can you do?
    • Enforces limits on actions
  • Note: “access control” often used as synonym for authorization

Chapter 7: Authentication

Guard: Halt! Who goes there?

Arthur: It is I, Arthur, son of Uther Pendragon,

from the castle of Camelot. King of the Britons,

defeater of the Saxons, sovereign of all England!

Monty Python and the Holy Grail

Then said they unto him, Say now Shibboleth:

and he said Sibboleth: for he could not frame to pronounce it right.

Then they took him, and slew him at the passages of Jordan:

and there fell at that time of the Ephraimites forty and two thousand.

Judges 12:6

Are You Who You Say You Are?

  • Authenticate a human to a machine?
  • Can be based on…
    • Something you know
    • Something you have
      • For example, a smartcard
    • Something you are
      • For example, your fingerprint

Something You Know

  • Passwords
  • Lots of things act as passwords!

Trouble with Passwords

  • “Passwords are one of the biggest practical problems facing security engineers today.”
  • “Humans are incapable of securely storing high-quality cryptographic keys, and they have unacceptable speed and accuracy when performing cryptographic operations. (They are also large, expensive to maintain, difficult to manage, and they pollute the environment. It is astonishing that these devices continue to be manufactured and deployed.)”

tải về 2.19 Mb.

Chia sẻ với bạn bè của bạn:
  1   2   3   4   5   6   7   8   9   ...   15



Cơ sở dữ liệu được bảo vệ bởi bản quyền ©hocday.com 2024
được sử dụng cho việc quản lý
    Quê hương
BÁO CÁO
Tài liệu