Ch. 3 - Vocab

Question 1

biometric

Answer 1

attempts to authenticate an individual based on their unique physical characteristics

Question 2

challenge-response protocol

Answer 2

computer generates a challenge, while the smart token generates a response

Question 3

claimant

Answer 3

party to be authenticated

Question 4

credential

Answer 4

data structure that binds an identity to a token possessed by a subscriber

Question 5

credential service provider

Answer 5

provides an electronic credential to the subscriber

Question 6

dynamic biometric

Answer 6

characteristics based on what you do, these includes voice and signature

Question 7

enroll

Answer 7

extraction of a set of biometric features that can be stored as a set of number

Question 8

hashed password

Answer 8

password and salt serve as inputs to a hashing algorithm to produce a hash code

Question 9

identification

Answer 9

individual uses a biometric sensor but presents no additional information

Question 10

memory card

Answer 10

can store but not process data, usually has a magnetic strip in the back

Question 11

nonce

Answer 11

an arbitrary number that can be used just once in a cryptographic communication

Question 12

password

Answer 12

a memorized secret, typically a string of characters, usually used to confirm the identity of a user

Question 13

rainbow table

Answer 13

a table consisting a list of hash values corresponding to a large number possible passwords with each salt value

Question 14

registration authority

Answer 14

trusted entity that vouches for the identity of an applicant to a CSP

Question 15

relying party

Answer 15

the party who uses authenticated information provided by the verifier to make access control decisions

Question 16

salt

Answer 16

a random value combined with a password to generate a hash, making it more difficult to apply a dictionary attack

Question 17

shadow password file

Answer 17

a separate place for hashed password from user IDs, needs root permissions to access this

Question 18

smart card

Answer 18

a physical electronic authorization device, used to control access to a resource

Question 19

static biometric

Answer 19

characteristics based on who you are; these include the hand, face, finger, retina, and iris

Question 20

subscriber

Answer 20

is provided a credential by the CSP

Question 21

token

Answer 21

objects that a user possesses for the purpose of user authentication

Question 22

user authentication

Answer 22

user’s identity is verified and this identity is used to make access control decisions

Question 23

verification

Answer 23

user enters a PIN and uses a biometric sensor

Question 24

verifier

Answer 24

party verifying that identity