Authentication and Account Management

Get Started. It's Free
or sign up with your email address
Authentication and Account Management by Mind Map: Authentication and Account Management

1. Authentication Credintials

1.1. What you know: Password

1.1.1. Attacks on password Social engineering Resetting Online guessing Offline cracking Brute force Dictionary attack

1.1.2. Password defenses Creating strong passwords Managing passwords Password supplements rely on technology rather than human memory Password management applications

1.1.3. Creating strong passwords

1.1.4. Managing passwords

1.1.5. Password weakness

1.2. What you have: token and cards

1.2.1. Tokens The token and authentication server have the same agorithm and time setting

1.2.2. Cards Smart Cards one type of smart card is Common Access Card (CAC)

1.3. What you are: Biomentrix

1.3.1. Standard Biometrics Face Hands Eyes

1.3.2. Behavioral Biometrics Keystroke dynamics dwell time flight time Voice recognition Computer footprinting Geographic location Time of day ISP PC Configuration

1.3.3. Cognitive Biometrics Identify specific faces Based on life experience

2. Single SignOn

2.1. Windows Live ID

2.1.1. Centralized and uses Cookies

2.2. Open ID

2.2.1. Decentralized open source FIM

2.3. Opne Authorization (OAuth)

2.3.1. Relies on Tokens

2.4. The idea behind identity management is using a single authentication credential that is shared across multiple networks. When the networks are owned by different organizations, it is call Federated Identity Management (FIM)

3. Account Management

3.1. Group password settings

3.1.1. Password policy settings Password setting objects Enforce password history Maximum password age Minimum password age Minimum password length Complexity requirements Reversible encryption

3.1.2. Account lockout policy settings Account lockout duration Account lockout threshold Reset account lockout counter after

4. Trusted Operating Systems

4.1. Can have basic flaws

4.1.1. millions of lines of code making vulnerabilities difficult to recognize

4.1.2. do not isolate apps from each other

4.1.3. lack a facility for apps to authenticate themselves to each other

4.1.4. Cannot create a trusted path between users and apps

4.1.5. Do not use the principle of least privilege