Access Control Technologies 4.3 Flashcards
Proximity Cards
Used for smart cards from close range. The card is a powerless device but inducts power from the reader. The card is not a large data storage device. It’s often used as an identifier for things like door access, library cards, payment systems. The identifier is linked to data stored elsewhere.
Smart Cards
Integrated circuit card, contact or contactless. Common on credit cards but also used for access control cards. Must have a physical card to slide into a reader to provide digital access. It has a digital certificate so you can cryptographically identify who is using the card. It is commonly paired with a PIN or password.
Biometric Factors
Becoming more common to see fingerprint scanners, retinal scanners, iris scanners, voice recognition, or facial recognition.
Biometric Acceptance Rates
Access via biometrics isn’t a perfect science. We measure how well biometrics are working by using a False Acceptance Rate (FAR), False Rejection Rate (FRR), and compare the systems by using a Crossover Error Rate (CER). CER is when FAR and FRR are equal values.
Token Generators
Uses pseudo-random pin. Its what a WoW authenticator is. Can have an actual physical item or use your phone.
HMAC Based One Time Password (HOTP)
A pre-defined list of passwords. You use a password once, and never again. Each authentication attempt consumes one password.
Tome Based One Time Password (TOTP)
Authenticate via a secret key and the time of day. They key is configured ahead of time and the timestamp is synchronized via network time protocol (NTP). They are usually on 30s timeframes. Common methods used by Google, FB, Microsoft.
Certificate Based Authentication
Smart card has a private key. Federal government uses a Personal Identity Verification (PIV) card. Has pictures, identification info. Military uses Common Access Card (CAC). Could also put a certificate on a mobile device or laptop. Uses IEEE 802.1x.