2.4 Summarize authentication and authorization design concepts Flashcards
Directory Service
Similar to a database, but used for fast and efficient data retrieval.
LDAP
Lightweight Directory Access Protocol
The authentication, authorization, and control for Active Directory.
AWS Managed Microsoft AD
This is related to Microsoft Active Directory.
Federation/Identity Federation
Management system for identifying and gaining access to multiple enterprises with one login credential. Third-party credentials.
Attestation
Organization checking credentials that it was supplied.
TOTP
Time-based One-Time Password
A password that is time
HOTP
HMAC-based One-Time Password
An algorithm password that is authenticated with a server. (Hash password that can have credentials for a long time. Think of IG one-time passwords.)
SMS (authentication)
Short Message Service
Multifactor authentication by sending a verification to your phone.
Token Key/Dynamic Key
Token keys rely on something physical you have, like a card that has a PIN code. A dynamic key is the same thing but changes.
Static Codes
Codes that don’t change. Standard is that all static codes have cryptographic protection.
Authentication Application
An app such as “Google Authentication” that issues a one-time password for user authentication.
Push Notifications
A notification will appear on the user's devices, and the user can deny or allow access from the notification.
Phone Calls (Authentication)
You receive a phone call to authenticate.
Smart Card Authentication
Card that has a chip (ICC), and within that ICC there is a long cryptographic token that can't be copied. There is also a PIN associated with it.
Biometrics
Getting authentication through unique body parts on a human.
Two-part process:
Enrollment: turning biological parts into a numeric value, which is the template
Authenticate: numeric value validated by computer