Skip to main content

Secure User Authentication: Might Makes Right

Secure User Authentication: Might Makes Right

 

User authentication is the most basic form of security. The logic behind it is pretty simple - user authentication gives you the ability to prove your identity and allows you to access the information and resources you are entitled to use. If your authentication is weak, it doesn't matter how strong your encryption is, there may as well be no encryption at all.


While the benefits of adopting Bring Your Own Device as your mobile policy are appealing -- from increased productivity to lower costs -- a BYOD policy can also leave your corporate network more vulnerable than ever. The breaches regularly featured in the news remind us that all networks, no matter how large or small, risk being exposed to unauthorized users every day. Whether it's one device or multiple devices, companies must put a security policy in place to help prevent these breaches and take action once they do occur.

While security plans need to be customized for a company's needs with multiple layers of security, user authentication is always the front line of protection.

Lock The Door


User authentication is the most basic form of security. The logic behind it is pretty simple -- user authentication gives you the ability to prove your identity and allows you to access the information and resources you are entitled to use. If your authentication is weak, it doesn't matter how strong your encryption is, or how sophisticated your security protocols are, or how impenetrable the hardware is that protects the encryption key, there may as well be no encryption at all.

When it comes to user authentication, stronger is always better (although it comes at a cost of convenience). Proving your identity involves using one or more of three possible factors:

    something you know (passwords, PINs, etc.)

    something you are (biometric: face, finger, voice, retina, etc.)

    something you own (driver's license, token, corporate badge, etc.)

The first two factors are fairly straightforward and commonly used, but ownership is a trickier concept in authentication. In the digital world, it sometimes means owning a piece of data such as a cryptographic key, rather than something physical.

If you ask a group of professionals which authentication factor is best, you will likely come across conflicting opinions. For example, some consider passwords better than biometrics, while others will argue the opposite, but who is correct? Is there one factor that is better than all of the others? The answer is -- it depends.

The Factors


It depends on what criteria you are using to measure the authentication mechanism against, and there are many dimensions to consider. For example you could compare biometrics and passwords with respect to accuracy, convenience, ability to share, presence of a live person, usability, susceptibility to replay attacks, and so on. Your decision on what is important will determine which single factor is best.

When looking at authentication factors independently, you will see that there are advantages and disadvantages of each option, but when they are combined, they can be quite complementary. A weakness in one factor can actually be compensated by a strength of another, so when combined, something much stronger is created than either factor on its own could possibly attain. Every organization should identify what attacks are most likely, which they are most vulnerable to, and then identify what factors protect against those threats best.

For example, with software-based authentication, passwords would secure an encryption key, but don't protect adequately against threats such as key loggers, replay attacks, sharing, dictionary attacks, or even guessing. Most security schemes can't effectively deal with password sharing and guessing, but people intuitively create easy to remember passwords, use the same password for multiple accounts and share them with co-workers, family and friends, which leaves a large void in a secure network.

Often, unauthorized users don't have to do much more than guess to obtain access to secure networks. On the flip side, with fingerprint authentication, you run the risk of an attacker finding a latent print and creating a mock finger or the system producing a false positive. However, when the factors are combined, the resulting two-factor authentication is much more resistant to threats. For example, sharing, guessing and key logging attacks are not effective against the biometric, while the accuracy of password authentication (which is 100 percent) compensates for the inherent matching errors that accompany biometric technology.

Although it may not be the most convenient option, you can always count on multi-factor authentication to be stronger and more secure than single-factor authentication.



Comments

  1. UnknownNovember 3, 2012 at 3:16 AM

    The first two factors are fairly straightforward and commonly used, but ownership is a trickier concept in authentication. In the digital world, it sometimes means owning a piece of data such as a cryptographic key, rather than something physical.

    ReplyDelete

Post a Comment

Popular posts from this blog

How to use ng-href directive in AngularJS

ng-Href Directive                  ng-Href directive is hyper link markup to a text in angularJs. This hyperlink will change able to implement dynamic url {{hash}} value. Hash value to assign in a controller to happened user click event fire to assign dynamic url. This Value is undefined means it will return to 404 page. ng-Href directive Example  HTML:      <div ng-app="anchor">     <div ng-controller="anchorController">         <a ng-href="http://www.google.com" ng-click="show($event)">Anchor Tag</a>     </div>   </div> Javascript :  var anch = angular.module('anchor', []); anch.controller('anchorController',['$scope', '$window', function($scope, $window){     $scope.show = function(obj) {       $window.open(obj.target.href);     } }]); Result :  Demo
4 comments
Read more

A simple start and stop timer counter in angularjs

     AngularJs using to create a start and stop counting timer functionality application. This application is need the following directive like $interval and $filter , We create default time object is display current timer clock functions.         A timer counter is have three functionality as below that start, stop and reset. A start function is called to start the $ interval directive to active so now counter is begin, This moment you are unable to proceed a reset logic.         Stop function is is call to $ interval belongs one of the method like cancel , This method make corresponding active interval prose is stop it. Reset function is call to reset all scope value is to be zero. HTML: <div ng-app="timerApp">     <div ng-controller="timerController">         Current Time : {{time}} <br/>         <hr/>                <Button ng-click="timer_start()">Start</Button>         <Button ng-click=&
Post a Comment
Read more

How has lockdown impacted Indian farmers?

How has lockdown impacted Indian farmers?             Generally compare to other sectors it's not major impacted by our Indian farmers but we acceptable minor impacts. Here we separate major two farming cultures one is mono farming culture another one poly farming culture. Mono farming :             The major impacts from our Indian farmer for monoculture. Here I have briefly explained what are the things we had faced our local farmers. Here I explain two different crops type: Daily crops : * We harvest more than 100-kilo grams daily crops like brinjal but we unable to sell those in local markets. * We are unable to reach urban markets. * We don't have enough transport facilities. * We unable buy require fertilizer and other complements * In the early stage we are facing manpower shortage but later it's not an issue. * We unable to do value-added products. * Waste is very high for somedays Sessional Crops: * We major affect transport pr
Post a Comment
Read more