Lecture 23: May 19, 2021
Reading: text, §13.5–13.9, 16.1
Due: Homework 4, due May 24; Lab 3, due May 26
Password aging
Pick age so when password is guessed, it’s no longer valid
Implementation: track previous passwords vs. upper, lower time bounds
Ultimate in aging: One-Time Password
Password is valid for only one use
May work from list, or new password may be generated from old by a function
Challenge-response systems
Computer issues challenge, user presents response to verify secret information known/item possessed
Example operations: f(x) = x+1, random, string (for users without computers), time of day, computer sends E(x), you answer E(D(E(x))+1)
Note: password never sent over network
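The challenge-response exchange outlined above, as an added example that is not part of the original lecture notes. A keyed HMAC-SHA256 over a random challenge stands in for the E/D operations (an assumption, since the notes name no cipher), and the names derive_key, respond and Verifier, along with the sample password and salt, are constructed for illustration.

```python
import hashlib
import hmac
import secrets


def derive_key(password: str, salt: bytes) -> bytes:
    """Both sides derive the shared secret locally; the password is never transmitted."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def respond(key: bytes, challenge: bytes) -> bytes:
    """User side: response = f(challenge), a keyed MAC in place of E(D(E(x))+1)."""
    return hmac.new(key, challenge, hashlib.sha256).digest()


class Verifier:
    """Computer side: issues random challenges and accepts one response per challenge."""

    def __init__(self, key: bytes):
        self._key = key
        self._outstanding = set()

    def issue_challenge(self) -> bytes:
        challenge = secrets.token_bytes(16)  # the "random" challenge from the notes
        self._outstanding.add(challenge)
        return challenge

    def verify(self, challenge: bytes, response: bytes) -> bool:
        if challenge not in self._outstanding:
            return False  # never issued, or already answered once
        self._outstanding.discard(challenge)  # single use, so replays fail
        expected = respond(self._key, challenge)
        return hmac.compare_digest(expected, response)  # constant-time compare


def demo() -> dict:
    salt = b"constructed-salt"  # constructed sample value
    key = derive_key("correct horse", salt)  # constructed sample password
    server = Verifier(key)
    c1 = server.issue_challenge()
    r1 = respond(key, c1)
    results = {"fresh": server.verify(c1, r1)}
    results["replayed_same_challenge"] = server.verify(c1, r1)
    c2 = server.issue_challenge()
    results["old_response_new_challenge"] = server.verify(c2, r1)
    c3 = server.issue_challenge()
    wrong = respond(derive_key("wrong guess", salt), c3)
    results["wrong_password"] = server.verify(c3, wrong)
    return results
```

Only the challenge and the response cross the network; a captured response is useless against any later challenge.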
Biometrics
Depend on physical characteristics
Examples: pattern of typing (remarkably effective), retinal scans, etc.
Location
Bind user to some location detection device (human, GPS)
Authenticate by location of the device
Multi-factor authentication
Access Control Lists
Full access control lists
Abbreviations (UNIX method)
Matt Bishop
Office: 2209 Watershed Sciences
Phone: +1 (530) 752-8060
ECS 135, Computer Security
Version of May 20, 2021 at 11:57PM