Vous êtes sur la page 1sur 1

LQ3: Explain and give example of what is Authentication methods?

Access control consists of all policies and procedures a company uses to prevent improper access to systems by unauthorized insiders and outsiders. To gain access a user must be authorized and authenticated. Authentication refers to the ability to know that a person is who he or she claims to be. Access control software is designed to allow only authorized user to use system or to access date using some method for authentication. Authentication is often established by using passwords known only to authorized users. An end user uses a password to log on to a computer system and may also use passwords for accessing specific system and files. However, users often forget passwords, share them, or choose poor passwords that are easy to guess, which compromises security. Password systems that are too rigorous hinder employee productivity. When employee must change complex passwords frequently, they often take shortcuts, such as choosing passwords that are easy to guess or writing down their passwords at their workstations in plain view. Passwords can also be sniffed if transmitted over a network or stolen through social engineering. New authentication technologies, such as tokens, smart cards, and biometric authentication, overcome some of these problems. A token is a physical device, similar to an identification card, that is designed to prove the identity of a single user. Tokens are small gadgets that typically fit on key rings and display passcodes that change frequently. A smart card is a device about the size of a credit card that contains a chip formatted with access permission and other date.( Smart cards are also used in electronic payment system.) A reader device interprets the date on the smart cards and allows or denies access. Biometric authentication uses systems that read and interpret individual human traits, such as fingerprints, irises, and voices, in order to grant or deny access. Biometric authentication is based on the measurement of a physical or behavioral trait that makes each individual unique. It compares a persons unique characteristics, such as the fingerprints, face or retinal image, against a stored profile of these characteristics to determine whether there are two any differences between these characteristics and the stored profile. If the two profiles match, access is granted. Fingerprint and facial recognition technologies are just beginning to be used for security applications. PC laptops are starting to be equipped with fingerprint identification devices. But this can be very dangerous