Section 19: Authentication Flashcards
What are the five different kinds of authentication?
Knowledge
Ownership
Characteristic
Location
Action
Username and password are only considered ________ authentication
single-factor
Time-based one-time password
a password is computed from a shared secret and current time
HMAC-based one-time password
a password is computed from a shared secret and is synchronized between the client and the server
Context-aware authentication
process to check the user’s or system’s attributes or characteristics prior to allowing it to connect (limiting time or day you can log on or location)
Single sign-on
a default user profile for each user is created and linked with all of the resources needed
Federated Identity Management
A single identity is created for a user and shared with all of the organizations in a federation
Cross Certification
Utilizes a web of trust between organizations where each one certifies the other (smaller batch of corporations)
Trusted Third-Party
Organizations are able to place their trust in a single third party
SAML
Built upon XML and used for authentication (Security Assertion Markup Language)
OpenID
An open standard and decentralized protocol to authenticate users (Google uses this)
802.1x
Standardized framework used for port-based authentication (uses RADIUS and TACACS+, your choice)
802.1x is great for preventing
Rogue devices
LDAP
Database used to centralize information about clients and objects on the network (Active Directory is Microsoft’s version of this)
Kerberos
An authentication protocol used by Windows to provide for two-way or mutual authentication (port 88). A domain controller can be a single point of failure for Kerberos (to combat this, people have a primary and a secondary DC).