Please enable JavaScript.
Coggle requires JavaScript to display documents.
Other Authentication Tech. (Biometrics (Problems (False readings, Can’t be…
Other Authentication Tech.
Biometrics
Definition
verification
of identity through the measurement of
physical
attributes or
behavior
.
Attributes
Physical attributes or Static biometric
EX: face, hand geometry, fingerprint, Iris, and retinal pattern.
Dynamic biometric
(something the person does, his/her behaviour)
EX:
fingerwriting, gesture, handwriting ,heartbeat, keystroke (Typing style), signature and voice recognition.
Problems
False readings
Can’t be modified when compromised
Expensive
:no_entry: In terms of accuracy, iris can achieve the better result with a low
false accept rate
and a
false reject rate
.
Smart Cards
Portable devices with a CPU, I/O ports, and some nonvolatile memory
Can carry out computation required by public key algorithms and transmit directly to the host
Some use biometrics data about the user instead of the PIN
Token
Definition
device or password generator is usually a hand-held device that generates a password.
types
Synchronous
The device and the server synchronize their time. Based on the time, a password is generated.
The devices (usually) re-synch on a successful authentication.
Drawback: if a user does not authenticate for a long time (usually months), the synchronization may be lost and require manual (admin) action.
Asynchronous
Use a challenge-response method
Server send a message
User enter a pin or password
Token calculates a password and display it
User enter displayed password to server
Non-repeating challenges from the host is used
:star:Problems with challenge/response schemes
Key database is extremely sensitive
This can be avoided if public key algorithms are used