Vous êtes sur la page 1sur 28

Protection Mechanism

Protection Mechanisms
1. File Protection Mechanism
2. Physical Protection Mechanism
3. User Authentication

File Protection Mechanisms


1. Anti-Virus/Malware Protection Antivirus or anti-virus software (often
abbreviated as AV), sometimes known
as anti-malware software, is computer
software used to prevent, detect and
remove malicious software. Antivirus
software was originally developed to
detect and remove computer viruses,
hence the name.

File Protection Mechanisms


2. Firewall - Firewalls are software
programs or hardware devices that
filter the traffic that flows into you PC
or your network through a internet
connection.

File Protection Mechanisms


3. Encryption Method - The word
encryption comes from the Greek
word kryptos, meaning hidden or
secret.
- is the process of encoding messages
or information in such a way that
only authorized parties can read it.

File Protection Mechanisms


4. Cloud Storage - is a model of data
storage where the digital data is
stored in logical pools, the physical
storage spans multiple servers (and
often locations), and the physical
environment is typically owned and
managed by a hosting company.

Physical Protection
Mechanisms
1. Vaults - is an architectural term for an
arched form used to provide a space
with a ceiling or roof used for storage,
especially an underground one.
- usually found in a bank or other
financial institution, which is a safe and
secure place for storing items of value.

Physical Protection
Mechanisms
2. CCTV (closed-circuit television) is a
TV system in which signals are not
publicly distributed but are
monitored, primarily for surveillance
and security purposes. CCTV relies
on strategic placement of cameras,
and observation of the camera's
input on monitors somewhere.

Physical Protection
Mechanisms
3. Sensors - is a device
that detects and responds
to some type of input from
the physical environment.
- The specific input could be
light, heat, motion,
moisture, pressure, or any
one of a great number of
other environmental
phenomena.

User Authentication
Something the user knows (password,
PIN, passphrase, mothers maiden name)

Something the user has (ID, key,


drivers license, uniform)

Something the user is (biometrics)

What is Password?
Mutually agreed-upon code words,
assumed known only to user and
system
First line of defense
Loose-Lipped Systems
ENTER USER ID: summers
INVALID USER NAME
ENTER USER ID:

Password Loopholes

Ask the user


Search for the system list of passwords

Find a valid user ID


Create a list of possible passwords
Rank the passwords from high to low
probability
Try each password
If attempt fails, try again (don't exceed
password lockout)

Attack on Passwords

Exhaustive Attack (brute-force)

18,278 passwords of 3 letters or less


1 password / millisecond would take 18
seconds (8 minutes for 4 letters, 3.5 hours for
5 letters)

Probable passwords (dictionary attack)

80,000 word dictionary would take 80


seconds
Expanded dictionary

Attack on Passwords

UK Study
(http://www.cnn.com/2002/TECH/ptech/03/13/dangerous.passwo
rds/?related)

50% passwords were family names


Celebrities/soccer stars 9% each
Pets 8%
10% reflect a fantasy
Only 10% use cryptic combinations

Attack on Passwords

Look on desk
Try no password
Try user ID
Try users name
Common words (password, private, secret)
Short dictionary
Complete English word list
Common non-English dictionaries
Dictionary with capitalization and substitutions
(0 for o and 1 for i)
Brute force (lowercase alphabet)
Brute force (full character set)

Password Selection Criteria

Use characters other than A-Z


Choose long passwords
Avoid names and words
Choose unlikely password
Change password regularly (dont reuse)
Dont write it down
Dont tell anyone

http://www.mit.edu/afs/sipb/project/doc/password
s/passwords.html

One-time passwords

What is Biometrics?
Biometrics refers to technologies
that measure and analyze human
body characteristics, such as DNA,
fingerprints, eye retinas and irises,
voice patterns, facial patterns and
hand measurements, for
authentication purposes.

Types of Biometric
Identification
1. Fingerprint Identification - an impression
or mark made on a surface by a person's
fingertip, especially as used for identifying
individuals from the unique pattern of
whorls and lines.
- is the oldest and cheapest method used
widely. It works on a same principle that
says fingerprints of different individuals are
not the same. It identifies and verifies an
individuals fingerprint with the data stored
in it.

Types of Biometric
Identification
Benefits of fingerprint biometrics
As fingerprints are impossible to lose or forget, it
is the best process to verify ones identity.
It makes our security system easier and cheaper
As it can allow a person to get inside after
verifying his identity, it can significantly reduce
the cost of keeping more security personals at
your doors.
It can easily maintain the in and out time of the
employees, calculate the working hours and send
a report to the concern departments.

Types of Biometric
Identification
Benefits of fingerprint biometrics
Unlike passwords, PIN and security codes, fingerprints
are impossible to steal or forget.
We have ten unique fingerprints, unlike one voice, one
face or two eyes.
This is the traditional as well as modern unique
identification method
Since the very earlier time, are used for continuous
identification.
Unlike voice identification and Iris scanning, Fingerprints
give us a substantial body of real world data. Based on
it, we can claim the uniqueness of each fingerprint

Types of Biometric
Identification
2. Palm Vein
Identification uses image
recognition and optical
technology to scan the
normally invisible vein pattern
of the palm, back of the hand,
fingers, etc. has the properties
of being highly accurate and
highly resistant to
counterfeiting, impersonation,
and other dishonest actions.

Types of Biometric
Identification
3. Retina Scan - It analyzes and
identifies unique blood vessel
patterns of an individual. It works on
the capillary blood vessels existing in
the back of human eye. It throws a
low-intensity light to a persons eye
to get an image pattern formed by
the blood vessels.

cont
It analyzes and identifies unique
blood vessel patterns of an
individual. It works on the capillary
blood vessels existing in the back of
human eye. It throws a low-intensity
light to a persons eye to get an
image pattern formed by the blood
vessels.

Types of Biometric
Identification
4. Face Recognition - It identifies
and analyses the face of a person. It
uses an analyzing method that easily
distinguishes the difference between
the two faces of two different
persons.

Cont

Types of Biometric
Identification
5. Voice Recognition - Speaker
identification and recognition is used
to identify an unknown speakers
identity. It verifies and tallies a
persons voice and its patterns, pitch
and speech style. . Behavioral
pattern, intensity and pitch of a voice
vary from man to man.

Summary
Authentication is something you have,
something you know, and something
you are when you add biometrics. I
think right now users see
[authentication methods] as separate
items. The technology is there, but the
idea is not.
~ Charles Kolodgy

End of Lecture!

Vous aimerez peut-être aussi