Outline for December 4, 2006

Reading: §12.2.3–12.6; 14.1–14.4

  1. Greetings and felicitations!
    1. Puzzle of the day
  2. Password aging
    1. Pick age so when password is guessed, it's no longer valid
    2. Implementation: track previous passwords vs. upper, lower time bounds
  3. Ultimate in aging: One-Time Password
    1. Password is valid for only one use
    2. May work from list, or new password may be generated from old by a function
  4. Challenge-response systems
    1. Computer issues challenge, user presents response to verify secret information known/item possessed
    2. Example operations: f(x) = x+1, random, string (for users without computers), time of day, computer sends E(x), you answer E(D(E(x))+1)
    3. Note: password never sent on wire or network
  5. Biometrics
    1. Depend on physical characteristics
    2. Examples: pattern of typing (remarkably effective), retinal scans, etc.
  6. Location
    1. Bind user to some location detection device (human, GPS)
    2. Authenticate by location of the device
  7. Identity
    1. Principal and identity
    2. Users, groups, roles
    3. Identity on the web
    4. Host identity: static and dynamic identifiers
You can also obtain a PDF version of this. Version of November 29, 2006 at 7:35 AM