Access Control
- Two parts to access control…
- Authentication: Are you who you say you are?
- Authorization: Are you allowed to do that?
- Once you have access, what can you do?
- Enforces limits on actions
- Note: “access control” often used as synonym for authorization

Chapter 7: Authentication

Guard: Halt! Who goes there?
Arthur: It is I, Arthur, son of Uther Pendragon, defeater of the Saxons, sovereign of all England!
Monty Python and the Holy Grail

Then said they unto him, Say now Shibboleth: and he said Sibboleth: for he could not frame to pronounce it right. Then they took him, and slew him at the passages of Jordan: and there fell at that time of the Ephraimites forty and two thousand.
Judges 12:6

Are You Who You Say You Are?
- Authenticate a human to a machine?
- Can be based on…
- Something you know
- Something you have
- Something you are
- For example, your fingerprint

Something You Know
- Passwords
- Lots of things act as passwords!

Trouble with Passwords
- “Passwords are one of the biggest practical problems facing security engineers today.”
- “Humans are incapable of securely storing high-quality cryptographic keys, and they have unacceptable speed and accuracy when performing cryptographic operations. (They are also large, expensive to maintain, difficult to manage, and they pollute the environment. It is astonishing that these devices continue to be manufactured and deployed.)”