Chapter 4 - 02 - Discuss Identity and Access Management (IAM) - 06_ocred.pdf
Document Details
Uploaded by barrejamesteacher
null
EC-Gouncil
Tags
Full Transcript
Certified Cybersecurity Technician Exam 212-82 Identification, Authentication, and Authorization Types of Authentication: Smart Card Authentication & Smart card is a small computer chip device that s ° ° o holds a users’ personal information required to authenticate them Users have to insert their s...
Certified Cybersecurity Technician Exam 212-82 Identification, Authentication, and Authorization Types of Authentication: Smart Card Authentication & Smart card is a small computer chip device that s ° ° o holds a users’ personal information required to authenticate them Users have to insert their smart cards into the card reader machines and enter their personal identification number (PIN) to authenticate themselves A c Smart card authentication is a cryptography-based authentication and provides stronger security than password authentication Copyright © by E L All Rights Reserved. Reproduction is Strictly Prohibited. Types of Authentication: Smart Card Authentication Organizations use the smart card technology to ensure strong authentication. Smart cards can store password files, authentication tokens, one-time password files, biometric templates, etc. This technology is used with another authentication token, thus providing a multifactor authentication. This enables an efficient logical access security. This technology is applied in VPN authentication, email and data encryption, electronic signatures, secure wireless logon, and biometric authentication. A smart card consists identification. These identification number card. Smart cards also of a small computer chip that stores cards are inserted into a machine (PIN) is inputted for processing the help in storing public and the private personal information of the user for for authentication and a personal authentication information on the keys. Smart card authentication is a cryptography-based authentication and provides stronger security than password authentication. The main advantage of using a smart card is that it eliminates the risk of credentials being stolen from a computer as they are stored in the card’s chip itself. However, only a limited amount of information can be stored in the card’s microchip. Advantages of smart cards: = Highly secure technology: The smart card technology uses efficient encryption authentication methods, thus increasing the security of the card. = Easy to carry: Smart cards are easy to carry and a user simply needs to know the PIN of the card. Module 04 Page 486 and Certified Cybersecurity Technician Copyright © by EC-Gouncil All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Identification, Authentication, and Authorization = Reduced chances of deception by users: A smart card enables users to store information such as their fingerprint and other biometric details, thereby allowing organizations to recognize their employees. Disadvantages of smart cards: = Easily lost: Since smart cards are small in size, the chances of losing them are very high. = Security issues: Losing a smart card puts its owner’s information and identity at great risk. = High cost of production: As smart cards technologies; their production cost is high. Module 04 Page 487 have microchips and other encryption Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Identification, Authentication, and Authorization Exam 212-82 Types of Authentication: Single Sign-on (SSO) Authentication @A) L@ J Q It allows a user to authenticate themselves to multiple servers on a network with a single password without re-entering it every time Advantages No need to remember passwords of multiple applications or systems Reduces the time for entering a username and password @ Reduces the network traffic to the centralized server @ Users need to enter credentials only once for multiple applications Types of Authentication: Single Sign-on (SSO) Authentication As the name suggests, it allows the users to access multiple applications using a single username and password. The SSO stores the credentials of a user in an SSO policy server. An example of SSO is Google applications. Users can access all Google applications using a single user name and password combination. Consider Google as a central service. This central service creates a cookie for all users logging in for the first time in any of the applications present in the central service. When the user attempts to access other applications of the central service, it eliminates the need for the user to enter the credentials again due to the cookie which has already been created. The system checks the credentials using the created cookie. User sesssssianannns..,.................).....................> ~ PESERRES———_N u [ & User V. l'lllllllllllllll) Il‘lI'llllllllllll.) Single Sign-on (SSO) Authentication i APPLICATION F EMAILSERVER l DATABASESERVER SERVER Figure 4.15: Single Sign-On (SSO) Authentication Advantages of SSO: * Reduces the chances of reauthentication, thereby increasing the productivity. * Removes the chances of phishing. * Provides a better management of applications owing to a centralized database. * Assists with the account lifecycle. Provisioning and simplified by the availability of a single source of truth. Module 04 Page 488 deprovisioning of accounts is Certified Cybersecurity Technician Copyright © by EC-Gouncil All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Identification, Authentication, and Authorization = No need to remember passwords of multiple applications or systems. = Reduces the time for entering a username and password. Disadvantages of SSO: = Losing credentials has a high impact as all the applications of the central service become unavailable. = There are many vulnerability issues related with the authentication for all the applications. = |tis an issue in multiuser computers and requires the implementation of certain security policies to ensure security. Module 04 Page 489 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited.