Identification and Authentication Flashcards

1
Q

Identification

A

Makes a claim about what someone or something is

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Authentication

A

Set of methods to establish whether a claim of identity is true

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

How can ID and authentication methods be fragile?

A

Rely on competence of person or system performing authentication

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Who we claim to be

A

Tenuous concept, based on things that can change, are not unique, or can be fabricated or faked

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Identity verification

A

Step beyond identification but short of authentication
Ex: show driver’s license, when send email, ID you provide is taken to be true and not authenticated
Reason for spam

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Factors for authentication

A

Something you know
Something you are
Something you have
Something you do
Where you are

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Something you know

A

Authentication factor
Ex: passwords, PINs
Somewhat weak because information may be exposed

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Something you are

A

Authentication factor
Based on unique physical attributes of someone (biometrics)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Something you have

A

Authentication factor
Based on physical possession, can extend into logical concepts
Ex: ID cards, software-based security tokens, access to logical devices, ie, email or cell phones

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Something you do

A

Authentication factor
Based on actions or behaviors of individual; overlap with something you are
Ex: gait or handwriting
Higher rate of rejection of legit users

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Where you are

A

Authentication factor
Requires person to be present at a specific location

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Multifactor authentication

A

Uses one or more factors discussed

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Mutual authentication

A

Both parties in a transaction authenticate each other. Typically software-based.
Digital certificates

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Better name for a strong password?

A

Complex

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Manual synchronization of passwords

A

Using the same password everywhere

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What do you call the notation of elements of an image in biometrics?

A

Minutiae

17
Q

Characteristics of biometric factors (7)

A

Universality
Uniqueness
Permanence
Collectability
Performance
Acceptability
Circumvention

18
Q

Universality (biometric factor)

A

Must apply to majority of users expected to enroll

19
Q

Uniqueness (biometric factor)

A

Measure of how unique a characteristic is among individuals

20
Q

Permanence (biometric factor)

A

How well a characteristic resists change over time

21
Q

Collectability

A

How easy it is to acquire (log) a characteristic

22
Q

Performance (biometric factor)

A

How well a system functions based on factors such as speed, accuracy, and error rate

23
Q

Acceptability (biometric factor)

A

How acceptable the characteristic is to users of the system

24
Q

Circumvention (biometric factor)

A

How easy it is to trick a system by using a falsified biometric identifier

25
Q

Important metrics in biometric system

A

False acceptance rate (FAR)
False rejection rate (FRR)
Generally want these to be equal: equal error rate (EER)

26
Q

Flaws in biometric systems

A

Easy to forge some biometric identifiers, and once they’re forged it’s hard to re-enroll a user in the system
Biometric identifiers are finite
Once biometric identifier is in the system, you have little control over what happens to it