Authentication and Authorization Flashcards
What is Kerberos?
A protocol used in Active Directory services to be able to access that database from an external device.
What is LDAP?
Lightweight Directory Access Protocol.
Used in Active Directory services to be able to access that database from an external device.
What is Federation?
Federation provides the ability to authenticate with a network using a different service’s credentials.
Think ‘log in with Google’.
What is Remote Attestation?
Attestation is a way of proving that the hardware connecting to your network is something that you have set up and decided is trustworthy.
Remote attestation is when a device provides a report to a verification server, which will then grant that device access to the network or reject it. This attestation report is usually encrypted and digitally signed using keys that are located on the TPM (Trusted Platform Module) of that remote device. The report might also include a unique identifier for that hardware, such as an IMEI (International Mobile Equipment Identity) number.
What is a token generator? What about a TOTP?
A token generator is a useful authentication factor that can generate a pseudo-random number used during the login process. It might be a physical device that can fit on a keyring, or an app on your phone.
Usually this sort of technology will be used for a Time-based One-time Password algorithm (TOTP), which will be used as a factor in authentication. You will usually enter this pseudo-random number after, or combined with, your username and password. The number will usually stay valid for 30 seconds at a time.
Think Google Authenticator.
What is HOTP?
HMAC-based One-time Password algorithm (HOTP) is when you are provided with a one-time password list, and each time you use one, that password is no longer valid for authentication.
Think of when you are given multiple backup emergency passwords that you must keep written down or on a piece of paper. Once you use one you can cross it out.
What authentication factors never change and are just something you have to remember?
Such as the PIN number associated with your debit card, or a password.
Static codes
What is a smart card authentication device?
A card with a built-in chip containing a digital certificate.
Such as the chip on your debit card.
In biometrics, what are FRR and FAR?
False rejection rate (FRR) is when a biometric system will falsely reject a person based on their biometric values even though they are in fact offering the correct “thing they are”.
False acceptance rate (FAR) is effectively the opposite, allowing people to be accepted even though they are not offering the correct “thing they are”.
In biometrics, what is CER?
Crossover Error Rate (CER) defines the overall accuracy of a biometric system and is the rate at which FRR and FAR are equal.
What are the 3 possible factors involved in authentication?
Something you are
Something you know
Something you have
In authentication, other than the 3 normal factors (something you are, have, know), what are the attributes you can add on?
Something you can do
Someone you know
Somewhere you are
Something you exhibit