
Week 01 Slides


CPSC 506

Computer Security I
<MEETING TIME AND INSTRUCTOR>
WEEK 1

1
Course Objectives
Appreciate the complex and multi-dimensional aspects of security
Understand the categories of attacks—in what contexts they can happen and
what kind of damage they can do.
Understand the primary defenses—what they do and don’t prevent
Be able to break down and analyze a real-world security problem
Gain basic skills in OS & Network security configuration

2
Course Topic Outline
Fundamental Concepts
◦ What do we mean by “Computer Security”?
◦ Attacks and defenses
◦ Nature of the practice of security

Elements of the Secure Perimeter
◦ Authentication
◦ Access Control

Network Attacks and Defenses
◦ DDOS attacks, botnets
◦ Intrusion detection
◦ Firewalls

Cryptographic Defenses
◦ Secure network protocols
◦ Wi-Fi security

Human Factors in security
◦ Security as a human decision-making process
◦ Organizational policy
◦ Legal and ethical factors

3
What’s missing?
There are too many topics in Computer Security to cover in one course.
This first course focuses on Network and OS security.
The second course goes in depth into issues related to software security.

4
Course Grading
Weekly Written homeworks 30%
Exam 1 (4th Week) 15%
Exam 2 (8th Week) 15%
Research paper discussion 20%
Lab projects 20%

Lab projects and research papers alternate weeks.


See syllabus for details and dates.

5
The Textbook
Stallings & Brown, Computer Security:
Principles and Practice 3rd ed.
Reading assignments will be given for relevant
chapters/sections, to be completed before
lecture.

6
The Blackboard Site
All relevant slides, assignments, and communications will be posted on Blackboard. Please
familiarize yourself with the organization of this course’s Blackboard site.

Because of the importance of staying informed about course updates, it is a class requirement
to check your Lewis email account (the one that Blackboard announcements go to) once per
class day.

7
Security-related Certifications
CompTIA Security+ http://certification.comptia.org/getCertified/certifications/security.aspx
◦ 90 minutes, 90 multiple choice and performance-based questions
◦ Recommended to have two years of experience
CISSP
◦ Much more advanced, requiring 2 years experience and a 6-hour exam
(“Master’s level”)
◦ Based on the Common Body of Knowledge
This course will help you prepare for the Security+ exam, should you wish to
take it, but there is no guarantee of covering every topic on the exam.

8
Supplementary Materials
The Lewis library provides free access to a large number of eBooks on technical subjects. I
encourage you to take advantage of it.
EBSCO eBook Academic Collection
◦ http://www.lewisu.edu/goto/gotoURL.asp?x=117
◦ Or find the link from the library website
◦ From off-campus, you’ll have to log in
◦ Make a username and save books to a personal folder

9
Questions, concerns?
<office hours go here>
Please email me for an appointment or about any concern.

10
Security Concepts
(1.1 – 1.3)

11
Real-world Security Breach #1
Ukraine Power Grid Hack
On December 23, 2015, attackers broke in and
took control of the industrial control systems at
three regional power firms in the Ukraine and
shut off the lights – 103 cities blacked out
A highly sophisticated, coordinated attack
Operators in the Prykarpattya Oblenergo control
center actually saw the mouse pointer move on
the screen and press buttons to shut off the
substation; they were powerless to stop it.
The power control systems that were hacked were more secure than some in the US.
Source: https://www.wired.com/2016/03/inside-cunning-unprecedented-hack-ukraines-power-grid/

12
Security is a broad and complex area
Security concerns enter into every aspect of the computer/network system: Applications,
Operating Systems, Servers, Routers, Network protocols, Physical Security, Human Users,
Management policies
The practice of security requires knowledge of many areas, theoretical and applied
◦ Networking, operating systems, architecture, algorithms, even machine learning

New technologies are constantly being developed and deployed, making the security landscape
ever more complex
“Bad guys’ advantage”: to cause damage, a hacker only has to find one exploitable vulnerability
in a system; to secure a system, you have to defend against all conceivable attacks.
Brings in privacy, ethical, and legal issues

13
A Definition of Computer and Network
Security

The practice of computer and network security consists of: deploying countermeasures to
protect computer-related assets from a variety of threats.

When you’re a network or computer security professional, what are you really
paid to protect?

14
Vocabulary, Take 1
Asset:
Something that is valuable to its owner. E.g., hardware, software, networks, data, services

Vulnerability:
A weakness in a system that could be exploited to violate the security policy.

Threat:
A possible way that a system’s vulnerability may be exploited.

Attack:
A threat carried out.

Threat agent or Adversary:
The (hypothetical or real) party that carries out an attack.

Risk:
An expectation of loss, expressed as a probability that a threat will exploit a vulnerability
with a given harmful result.

Countermeasure:
An action taken to lessen or remove a vulnerability, thereby increasing the security of a
system.

15
Interrelation of Concepts
Defining Computer and Network Security with the CIA triad
Security is about preserving the confidentiality, integrity, and availability of computer-related
assets.
1. Confidentiality
◦ Preventing unauthorized disclosure of information
◦ What’s private stays private

2. Integrity
◦ Guarding against improper modification or destruction
◦ Things don’t change that aren’t supposed to change

3. Availability
◦ Ensuring timely and reliable access to information and functionality
◦ The system continues to provide the services it’s meant to provide.

17
Security breach examples – C, I, or A?
A hospital has a database of patient medication allergies. An employee who is authorized to
view and update this database deliberately changes some entries in the database to incorrect
ones and deletes others.
◦ Primarily an integrity violation

A university’s web site suffers a denial-of-service attack that prevents students from accessing
class registration services.
◦ Primarily an availability violation

A graduate student doing research with medical patient data accidentally puts the data files in a
folder that is visible on the internet.
◦ Primarily a confidentiality violation

18
Examples of attacks damaging
Confidentiality
Sniffing a user’s password and logging in to view that user’s personal data
Intercepting and reading network traffic between computers
Malware that reads a user’s keystrokes
Using an existing account to read data that has accidentally been left unprotected

19
Attacks damaging Integrity
A student altering grades in a school database
Replacing system software with modified versions to alter their function

20
Attacks damaging Availability
Overloading a system so that it cannot function as normal
A virus that slows down the computer’s operation
Obstructing communication between machines

What about the attack on the Ukraine electrical grid? C, I, or A?

21
Two additional aspects of security
Authenticity: Being genuine; able to be verified and trusted
◦ It comes from who it says it’s from
◦ Sometimes included under “integrity”
◦ More of a user-based than system-based notion

Accountability: Actions of an entity can be uniquely traced to that entity
◦ Only comes into play in the recovery stage, not defensive stages (see below)
◦ Non-repudiation: an entity cannot deny what they have said or done

22
Level of Impact
How severe the impact of a threat is judged to be.
Low
◦ “limited effect”, “minor damage”

Moderate
◦ “serious adverse effect”, “significant damage”

High
◦ “catastrophic adverse effect”, “severe harm,” “loss of life”

Important because you can never secure everything perfectly; security practice requires
assessing the relative severity and relative likelihood of threats: risk assessment.

23
Categorizing Attacks
Active attack
◦ An attempt to alter system resources or operation

Passive attack
◦ An attempt to gain information from a system without
affecting system resources

Inside attack
◦ An attack initiated by an individual who is authorized
to access system resources, that is, inside the security
perimeter.

Outside attack
◦ An attack initiated from outside the security perimeter.

24
The Practice of Security
(1.4 – 1.6)

25
Secure System Design (1.4)
Many of our current security woes are because our computer and network systems were
designed haphazardly, or without security in mind.
Too much security work is just compensating for bad design!
Many design principles that are good for security are also good design principles in general.
The 8 principles we will discuss date back to 1975.

26
Secure Design Principles and examples
of breaking them
1. Economy of mechanism
◦ Use the smallest, simplest set of hardware/software that does what you want.
◦ The fewer moving pieces a system has, the less there is to exploit.
◦ Antithesis: “feature creep” (in hardware as well as software)

2. Fail-safe defaults
◦ The default setting should be the one that keeps things locked down. Then they can be opened up if needed.
◦ Antithesis: The config file that ships with a database package gives everyone access by default

3. Complete mediation
◦ Every action should be checked against the access control mechanism.
◦ Antithesis: permissions are never checked again after initial authentication

4. Open design
◦ The design of a security mechanism should not be the secret part; openness allows testing and verification.
◦ Antithesis: “We don’t tell what encryption algorithm our software uses, so it’s even more secure!”

27
Secure Design Principles (cont’d)
5. Separation of Privilege
◦ Use different privilege attributes for different actions
◦ Antithesis: A single “administrator” account with permissions to do everything

6. Least Privilege
◦ Each process and user should have the minimum set of privileges needed to perform their tasks.
◦ Antithesis: users accumulate privileges over time, which are never revoked.

7. Least Common Mechanism
◦ Minimize the functions shared between users
◦ Antithesis: Most users are in the same class with a broad spectrum of permissions.

8. Psychological acceptability
◦ The security mechanism should not be so annoying that it makes users turn it off or circumvent it.
◦ Antithesis: The security mechanism locks the screen for highly frequent operations.

28
Attack Surface (1.5)
The set of reachable points that can potentially be targets of attack in a system is known as its
attack surface.
Examples:
◦ Open network ports
◦ Web applications
◦ Input processing code
◦ Machines on a network with a public IP address.

A core principle of securing systems is minimizing the attack surface: reducing the number of
things exposed to a potential attacker.

29
Practice of Security (1.6)
Security is no accident.
Need for a principled, rigorous approach in order to manage complexity and not be caught
off-guard (remember the bad guys’ advantage)
Making systems secure is not a one-shot job, but a process that continuously analyzes new data
and incorporates feedback.

30
Three Types of Security Activities
Prevention
◦ What you do before an attack happens
◦ Analysis of the assets and configuration, finding potential vulnerabilities
◦ Putting defenses in place to create a secure perimeter.

Detection
◦ What you do during an attack
◦ Determining that an attack is happening or has happened
◦ Recording evidence and taking rapid action to mitigate the attack and its effects

Response
◦ What you do after an attack
◦ Recovering from the incident, restoring trust and normal services
◦ Using evidence collected during detection to start an investigation

Which one should take priority?

31
Three Stages of Security Practice
The approach to securing systems can be divided up into three logical stages:
Specification
◦ Understanding the system’s function and developing a policy to clarify what secure operation consists
of.

Implementation
◦ Choosing and deploying countermeasures.

Assurance
◦ Continuous testing to gain confidence that the system is secured as claimed.
◦ Information fed back into the cycle.

32
User Authentication
(Ch. 3)

33
Two pillars of defense
Two elements go a long way toward defining the secure perimeter:
User Authentication: who can use the system and its resources
◦ Think “logging in”, but in a broader context

Access Control: what users are allowed to do (data they may access and actions they may
perform)
◦ Key term: “permissions”

A system that does not have these two elements in some form has no security.
The type of authentication and access control a system has implicitly defines its security policy.

34
User Authentication
User authentication is the basis on which access to resources is granted; it is about
proving that the user is who she claims to be.

Technologies for user authentication are typically the first line of defense of any
computer system—the “front door”

35
Fundamental Principle of Authentication
Permissions in computer systems are given on the basis of identity.

So we need methods of establishing the identity of users or system entities with
high confidence
◦ This is the first line of defense of a system: who we “let in”

36
Definition of User Authentication
User Authentication is the process of verifying the identity of a user to a system.
It has two steps:
1. Identification step
◦ “Who are you?”
◦ Most commonly: username

2. Verification step
◦ “Prove it.”
◦ Many possibilities: Password, two-factor authentication, challenge-response, verification email, token
(card + PIN), biometrics

37
What do User ID’s really do?
Apart from passwords, user ID’s themselves are a security mechanism.
They define which users are allowed to access the system.
They define which privileges and which resources can be accessed by each user.
◦ Thus, they are a key part of the definition of the system security policy.

They help social norms about identity and private property carry over into the computer realm.
◦ When a person logs in to their personal account, they are acting as themselves
◦ Provides basic accountability

38
Assurance Level in Authentication
NIST SP-800-63-2 defines four levels of confidence in asserted identity:

Little or no confidence
◦ Example: Discussion board registration, simple username and password

Some Confidence
◦ Secure authentication protocol, e.g. verification code through traceable email address
◦ Example: online payment of a cable bill

High Confidence
◦ At least two independent authentication techniques (two-factor)
◦ Example: Patent attorney submits application to Patent Office

Very High Confidence
◦ Multiple factors plus in-person registration
◦ Example: access to a law-enforcement database

Expected level of impact of an authentication error: Low, medium, and high.
◦ The security professional must consider how serious an authentication error would be, and
deploy an authentication system that achieves a matching level of confidence.

39
Four means of proving user identity
• Something the individual knows:
◦ password, a personal identification number (PIN), or answers to a prearranged set of questions.

• Something the individual possesses:


◦ Examples include electronic keycards, smart cards, and physical keys. This type of authenticator is
referred to as a token.

• Something the individual is (static biometrics):


◦ Examples include recognition by fingerprint, retina, and face.

• Something the individual does (dynamic biometrics):


◦ recognition by voice pattern, handwriting characteristics, typing rhythm.

Can be used alone or in combination. Do any seem inherently more secure? To what extent does
this depend on the quality of implementation?

40
Password-based Authentication (3.2)
The most commonly used user authentication technique.
At account creation, user is assigned a user ID, then chooses a password.
At authentication time, must enter the correct password associated with that ID.
Many security problems…but not likely to go away anytime soon.

41
How Passwords are Stored and Checked
User passwords must never be stored in unencrypted (plaintext) form.
◦ Anyone who gains access to the system can read all the passwords.

Idea 1: store passwords in encrypted form and have the system decrypt them to check them
when the user logs in.
◦ However, decryption requires a key.
◦ Where should the key be stored? If an attacker can break in and obtain the key, it’s no benefit over
storing plaintext.

Is there a way to check if the user has entered the correct password, without ever decrypting it?
◦ Yes, using secure hash functions
◦ The system never stores passwords directly, but only hashes of the passwords
◦ When a user types their password, it is hashed and compared to the stored hash.

42
43
Attacks against hashed-password
authentication
The obvious way to attack password-based authentication is to try guessing passwords.
Trying to guess a password at the login prompt is called an online password attack.
◦ To protect against this, systems insert delays and lockout after a number of wrong password guesses
◦ Online attacks are usually not effective unless the password is very easy to guess.

If an attacker breaks into the machine and steals the password database, they can carry out a
much more serious offline attack.
◦ Can hash and try passwords directly against the database, as fast as possible, on their own machine—
no delays or lockout.
◦ Attacker usually has a large dictionary of common passwords to try—offline dictionary attack.

How can we reduce the effectiveness of offline attacks?
1. Use a hash function that is slow to compute, to limit the number of guesses the attacker can make
2. Use salt in the hashing.

44
What is hash salting?
Many people use common, insecure passwords or the same password for multiple accounts
◦ “password”, “letmein”, “qwerty123”, “fluffy”, etc.

If an attacker gains access to a password file with a large number of usernames and passwords,
with high probability some of them will be common/poorly chosen passwords
◦ All they have to do is try hashing a bunch of common passwords to see if any of them match!
◦ High probability of recovering at least one user’s password, and further access to the system.
◦ Remember, it’s no use trying to keep the hash function secret – there aren’t that many that are trusted
to be secure (mostly the SHA-2 and SHA-3 families)

Solution: hash each user’s password together with a different, randomly generated string
known as the “salt”.
◦ The salt is not encrypted; it is stored in the clear, next to the hash, in the password file.

45
The password file /etc/shadow in Unix

46
Why salt helps
Even if two or more users choose the same password, the hash will be different, because the
salt is different.
Forces an attacker to try passwords separately for each user on each system
◦ Without salt, an attacker can hash one password once and check it against all users’ hashes.

Salting can also be thought of as making a different hash function for each user.

47
The 25 most common passwords of
2016
1. 123456 6. 1234567890 11. qwertyuiop 16. 7777777 21. google
2. 123456789 7. 1234567 12. mynoob 17. 1q2w3e4r 22. 1q2w3e4r5t
3. qwerty 8. password 13. 123321 18. 654321 23. 123qwe
4. 12345678 9. 123123 14. 666666 19. 555555 24. zxcvbnm
5. 111111 10. 987654321 15. 18atcskd2w 20. 3rjs1la7qe 25. 1q2w3e

Source: http://www.huffingtonpost.com/entry/2016-most-common-passwords_us_587f9663e4b0c147f0bc299d

48
The math of guessing passwords
The number of passwords of length , from an alphabet of size , is .
The expected number of guesses to find a password is half the total number of passwords.
◦ Why?

Example: 8 characters, lowercase letters and numbers:


◦ 36-character alphabet
◦ 36^8 = 2,821,109,907,456

49
Offline Attacks: Rainbow Tables
Attackers can precompute hashes for all possible salts for as many passwords as possible, storing
them in an efficient lookup table, known as a rainbow table.
◦ Hashes can be looked up in the table much more quickly than they can be computed, overcoming the
obstacle of slow hash functions.

Famous result (Oechslin 2003): Cracked 99.9% of all alphanumeric Windows password hashes
in 13.8 seconds, using a 1.4 GB table.
Using a long enough salt makes rainbow tables infeasible.
However, password crackers continue to become more sophisticated
◦ John the Ripper: well-maintained open-source password cracking tool

50
Summary of Password Weaknesses
Passwords can be lost/forgotten
Users can intentionally share or otherwise fail to protect passwords
Passwords can sometimes be guessed, especially if weak or reused
Passwords transmitted across a network may be subject to eavesdropping
Password files can be obtained at a system break-in, providing an easy target for offline
dictionary attacks
Password reset mechanisms may be a weak link

51
Attacks on Password-based
Authentication
STEALING PASSWORDS
Shoulder surfing
Phishing
Keylogging
Network Eavesdropping
Email access-reset

GUESSING PASSWORDS
Online Guessing
Offline Dictionary attack

52
Strategies for strengthening password-based authentication
Implement a system policy to require a minimum complexity or length of passwords or reject
bad passwords
Implement a policy of changing passwords regularly and not reusing previous passwords.
Make password reset use a second factor besides e-mail access.
Educate users on good password-choice strategies, and the consequences of choosing weak
passwords
Use password managers
◦ Allows unique, highly random passwords to be chosen for each account without the burden of
remembering; the password “vault” should be locked with a single, strong master password.
◦ Of course, the code of the password manager has to be trusted as well

Use an encrypted connection anywhere passwords may be transmitted
◦ Never use unencrypted telnet or FTP connections to log in to a remote machine

53
Benefit of requiring multiple character
classes
4-digit PIN: 10^4 = 10,000 possibilities
6-character password, lowercase a-z only: 26^6 = 308,915,776 possible passwords
6-character password, lower and uppercase: 52^6 = 19,770,609,664 passwords
(64 times as many passwords)
All 95 printable ASCII characters (including space): 95^6 = 735,091,890,625
Perhaps more importantly, if not required to use special characters, people tend to choose
passwords that are easy to guess (dictionary words)

54
Windows Password Policy Management
Accessible from “Local Security
Policy” or “Group Policy Editor”
apps

“Reversible encryption” means the password is not hashed but encrypted with a key so it can be
decrypted. Never do this!

55
Try this

http://www.passwordmeter.com/

56
Beyond Passwords

57
Two important terms
Multi-factor Authentication
Multi-factor authentication refers to authentication protocols that use more than one method
for establishing a user’s identity.
◦ Example: password + text message code
◦ All tests must be passed before the user is given access
◦ The methods can be drawn from the same category or from different ones of the four ways (knows, has, is, does)
◦ Thought to provide additional security over single-factor authentication.
◦ Forging or stealing two means of identification is more difficult than just one

Challenge-response Protocol
An authentication protocol which is carried out by the server asking questions and the user
giving responses
◦ Unlike passwords, the secret itself is never transmitted; rather, the client is asked to compute something
based on the secret.

58
Token-based Authentication (3.2)
Something the user “has”, unique for purposes of identification
Examples:
◦ Keys
◦ Prox card
◦ ATM card
◦ Pseudo-random number generator
◦ Diploma

Potential advantage over passwords: not as easy to disseminate
◦ If your token is lost, you (probably) know it and can freeze your account
◦ Should be something difficult to duplicate (either physically or functionally) or to extract information
from.
◦ But this also entails additional expense, which is why tokens are not used as often as passwords.

59
A Primitive Token: Memory Card
Card with a magnetic strip encoding user information:
◦ Account number, name, expiration date

Provides access to significant financial resources!

A two-factor authentication method: Card + PIN
Better than being able to pull out cash with nothing but a username and password.
Weakness: The information on the strip can be easily read and copied.
Weakness: There are not that many different PINs to guess
Source: wikispaces.com

60
Real-world security threat: ATM
skimming
There have been incidents of thieves installing their
own card reader and keypad overlays on ATM’s,
allowing them to both copy the card information and
record the PIN when it is typed.

61
Smart Cards
A smart card is a token that has not just a memory strip but an embedded microprocessor.
◦ (Plus, obviously, some means of input/output, such as contacts or a radio)

A smart card can participate in a dynamic challenge-response protocol, in which identity can be
proven without revealing secret information.
◦ The chip never gives out its secret key.

Even if one or more authentication sessions are eavesdropped on, the information cannot be
used to impersonate the user.

62
Example smart-card authentication using
public-key cryptography
1. Reader scans the user’s identification (name/account number), which is forwarded to the
bank.
2. Bank, which has user’s public key, sends a random string as a challenge message.
3. The smart card’s microprocessor signs the challenge message using its embedded secret key
and outputs the signature.
4. The bank uses the public key to verify the signature and the identity of the user.

Why does this prevent skimming attacks?
◦ Every challenge message is different; so even though an eavesdropper records all sent messages,
without the secret key, they cannot authenticate a future session.
◦ Tamper-resistant hardware helps keep the secret key from being extracted.
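The four-step protocol above, written out with both sides' messages so the replay argument can be checked by running it. This is an added example, not code from the slides or the textbook. The slides do not name a signature algorithm, so Ed25519 from Go's standard library stands in for "signs with its embedded secret key"; the `Card` and `Bank` types and the account identifiers are constructed for the illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// Card models the smart card. The private key never leaves it; the only
// operation exposed to the outside world is "sign this challenge".
type Card struct {
	account string
	priv    ed25519.PrivateKey
}

func (c *Card) Account() string { return c.account }

// Sign is step 3: the card's processor signs whatever challenge it is handed.
func (c *Card) Sign(challenge []byte) []byte { return ed25519.Sign(c.priv, challenge) }

// Bank models the verifier. It holds public keys only, plus the one challenge
// currently outstanding for each account.
type Bank struct {
	pubKeys map[string]ed25519.PublicKey
	pending map[string][]byte
}

func NewBank() *Bank {
	return &Bank{pubKeys: map[string]ed25519.PublicKey{}, pending: map[string][]byte{}}
}

// Enroll issues a card and records its public key (registration, before step 1).
func (b *Bank) Enroll(account string) (*Card, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	b.pubKeys[account] = pub
	return &Card{account: account, priv: priv}, nil
}

// Challenge is steps 1 and 2: the bank receives the account identifier and
// answers with a fresh random string. Freshness is what defeats replay.
func (b *Bank) Challenge(account string) ([]byte, error) {
	if _, ok := b.pubKeys[account]; !ok {
		return nil, errors.New("unknown account")
	}
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	b.pending[account] = nonce
	return nonce, nil
}

// Verify is step 4: the signature is checked against the stored public key and
// the challenge the bank actually issued, which is then retired so the same
// signature can never be accepted twice.
func (b *Bank) Verify(account string, sig []byte) bool {
	pub, ok := b.pubKeys[account]
	nonce, pending := b.pending[account]
	if !ok || !pending {
		return false
	}
	delete(b.pending, account)
	return ed25519.Verify(pub, nonce, sig)
}

// Authenticate runs one complete session between a card and the bank.
func Authenticate(bank *Bank, card *Card) (bool, error) {
	nonce, err := bank.Challenge(card.Account())
	if err != nil {
		return false, err
	}
	return bank.Verify(card.Account(), card.Sign(nonce)), nil
}

// ReplayAttempt models the skimming scenario from the slide: a recorded
// signature from an earlier session is presented in a new one.
func ReplayAttempt(bank *Bank, account string, recordedSig []byte) bool {
	if _, err := bank.Challenge(account); err != nil {
		return false
	}
	return bank.Verify(account, recordedSig)
}

func main() {
	bank := NewBank()
	card, _ := bank.Enroll("acct-1234") // constructed sample account
	ok, _ := Authenticate(bank, card)
	fmt.Println("genuine session:", ok)

	// A full session is recorded by an eavesdropper ...
	nonce, _ := bank.Challenge(card.Account())
	sig := card.Sign(nonce)
	fmt.Println("recorded session verifies once:", bank.Verify(card.Account(), sig))
	// ... and its signature is presented again later.
	fmt.Println("replayed signature accepted:", ReplayAttempt(bank, card.Account(), sig))
}
```

The replay is rejected because the bank only ever checks a signature against the challenge it has just issued, and that challenge differs every time. Note also what the bank stores: public keys and nothing else, so a stolen copy of its database does not give anyone the means to impersonate a cardholder, which is the contrast with a stolen password file drawn on the next slide.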

63
Which password-based attacks does a
smart card prevent?
Shoulder surfing
◦ Knowing only the PIN or password isn’t enough

Phishing
◦ User doesn’t know information in smart card, so can’t be enticed to reveal it

Keylogging
◦ As long as the token isn’t compromised, logging the password alone isn’t enough

Email reset
◦ Resetting password alone isn’t enough

Eavesdropping: Man-in-the-middle
◦ If a session is fully intercepted the attacker can modify the transaction for that session

Online Guessing
◦ Probability of success drastically reduced, since secret is no longer a human-chosen password

Offline Dictionary attack
◦ The server holds only the public key; a stolen copy of its database contains no secret that a
dictionary attack could recover

64
What if the token is stolen?
STEALING PASSWORDS
Shoulder surfing
Phishing
Keylogging
Network Eavesdropping
Email access-reset

GUESSING PASSWORDS
Online Guessing
Offline Dictionary attack

65
Biometric Authentication:
Something the user is or does
Static (is): Face, hand, retina, finger, iris
Dynamic (does): voice, signature, typing

All done by pattern matching (machine learning algorithms)

66
Basic Operation of a Biometric
Authentication System
Enrollment/registration phase: user presents the characteristic to the system (face, fingerprint,
eyeball, etc.)
◦ From the raw biometric data, the system extracts features, which are used to generate a template for
that user.
◦ Multiple samples may be taken, to construct a more accurate or robust template

Identification phase (at logon): user presents the characteristic to the system
◦ Feature extraction is performed again to generate a template, and this template is
compared to the user’s stored template to get a match score.
◦ If the score is higher than a predetermined threshold, the user is let in, otherwise
rejected

67
Accuracy of Biometric Authentication
For the first time, we have to consider issues of accuracy: biometric identification systems make
mistakes.
The error in biometric systems is two-sided. This means there are two ways the system can make
a mistake:
False match: The wrong person is let in
False nonmatch: The right person is locked out.
Which is worse?

All biometric systems involve a security-convenience tradeoff.

68
Overlapping bell curves
The horizontal axis is the match score; the further right, the better the match. The two bell
curves represent the range of match scores for imposters and genuine users, respectively. If
there is any overlap, perfect identification is impossible. The system must be configured with a
decision threshold: access is denied for any score below the threshold.
69
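The bell-curve picture turned into numbers: a constructed set of impostor and genuine match scores whose ranges overlap, evaluated at several decision thresholds so the false match / false non-match tradeoff from the previous two slides can be read off a table. This is an added example, not from the slides or the textbook; the score values and the candidate thresholds are made up for the illustration.

```go
package main

import "fmt"

// Constructed sample match scores (higher = better match), standing in for the
// two bell curves on the slide. The ranges overlap between 0.45 and 0.55.
var (
	ImpostorScores = []float64{0.10, 0.15, 0.20, 0.25, 0.30, 0.35, 0.40, 0.45, 0.50, 0.55}
	GenuineScores  = []float64{0.45, 0.50, 0.55, 0.60, 0.65, 0.70, 0.75, 0.80, 0.85, 0.90}
)

// Outcome records both error types at one decision threshold.
type Outcome struct {
	Threshold      float64
	FalseMatches   int     // impostors admitted
	FalseNonMatch  int     // genuine users rejected
	FMR, FNMR      float64 // the same two counts as rates
}

// Decide is the rule from the slide: access is denied for any score below the threshold.
func Decide(score, threshold float64) bool { return score >= threshold }

// Evaluate counts false matches and false non-matches for one threshold.
func Evaluate(impostor, genuine []float64, threshold float64) Outcome {
	o := Outcome{Threshold: threshold}
	for _, s := range impostor {
		if Decide(s, threshold) {
			o.FalseMatches++
		}
	}
	for _, s := range genuine {
		if !Decide(s, threshold) {
			o.FalseNonMatch++
		}
	}
	o.FMR = float64(o.FalseMatches) / float64(len(impostor))
	o.FNMR = float64(o.FalseNonMatch) / float64(len(genuine))
	return o
}

// Sweep evaluates each candidate threshold, so the operator can pick the one
// whose balance of errors fits the level of impact of a wrong decision.
func Sweep(impostor, genuine, thresholds []float64) []Outcome {
	out := make([]Outcome, 0, len(thresholds))
	for _, th := range thresholds {
		out = append(out, Evaluate(impostor, genuine, th))
	}
	return out
}

func main() {
	fmt.Println("threshold   false matches   false non-matches")
	for _, o := range Sweep(ImpostorScores, GenuineScores, []float64{0.40, 0.45, 0.50, 0.55, 0.60}) {
		fmt.Printf("  %.2f         %d (%3.0f%%)          %d (%3.0f%%)\n",
			o.Threshold, o.FalseMatches, 100*o.FMR, o.FalseNonMatch, 100*o.FNMR)
	}
}
```

Raising the threshold drives the false-match count to zero while the false-non-match count climbs; lowering it does the reverse. Because the two score ranges overlap, no threshold makes both columns zero at once, which is the slide's point that perfect identification is impossible and the choice is a security/convenience decision.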
Cost versus accuracy of biometric
characteristics

70
Case Study: The UAE’s Iris ID Program
The UAE has experienced rapid growth as a tourist and temporary worker destination.
Needed an efficient and accurate border control system.
◦ Of particular interest to the UAE was preventing expelled persons from re-entering the country.
◦ Passports and visas can be forged
◦ Iris scanning was chosen as the most efficient, safe, and foolproof system.

All expelled foreigners are subjected to an iris scan, taken with an infrared camera; the scan
information is stored in a centralized database.
Iris scanners installed at all 17 air, land, and sea ports into the UAE; each person
entering is scanned and their iris is matched against the entire database.
Claims that the system has prevented the return of > 300,000 deportees since 2003.
Potential adversary countermeasure: dilating eye drops.

71
Pluses and Minuses of Biometric
Authentication
Users don’t have to carry or remember anything; one’s own body is one’s proof of identity.
Very difficult to copy or steal credentials (but see fingerprints)
Biometric systems are currently more expensive to develop and deploy than other methods.
Inaccuracy is a potential source of both inconvenience and loss of security.

72
User Authentication – Summary
Definition and goals of user authentication
Implementation of password-based authentication
◦ Secure password selection
◦ Hashes and salt

Multi-factor and Challenge/response authentication
◦ How can they potentially provide higher confidence?

Token-based authentication
◦ Attributes needed for a secure token
◦ Potential advantages compared with password-based authentication
◦ Compare/contrast memory card and smart card as tokens

Biometric authentication
◦ Potential strengths and weaknesses compared to other methods

73
Assignments
1. Read through Chapters 1 & 3 of the textbook
2. Homework 1, posted on Blackboard
3. Research paper reading and Discussion Board question
Research Paper reading and hands-on lab activities will be assigned on alternating weeks.

74
