SlideShare uma empresa Scribd logo

Authentication(pswrd,token,certificate,biometric)

Transferir como PPTX, PDF
Ali Raw
Ali Raw

network sequrity

EducaçãoTecnologia
1 de 22
Authentication - Deepak Mishra - Hasan Ali
What is Authentication ? Authentication is the act of confirming the truth of an attribute of a datum or entity. This might involve confirming the identity of a person or software program, tracing the origins of an artifact, or ensuring that a product is what its packaging and labeling claims to be. Authentication often involves verifying the validity of at least one form of identification.
Authentication in simple term • Positive verification of identity (man or machine) • Verification of a person‟s claimed identity • 3 Categories: – What you know – What you have – Who you are
Review: 3 Categories • What you know – Password – PIN • What you have – e-Token – RFID – Certificate • Who you are – Biometrics
Four main types of authentication available are: Password based authentication Certificate based authentication E-Token based authentication Biometric based authentication
Password based authentication : • Password are the most common form of authentication. • Password may be a string of alphabets ,numbers and special characters • This password is compulsorily to be known by the ENTITY or the THING or a PERSON that is being Authenticated
How does the Authentication Process takes places(password).. Steps : 1. Prompts for user id and password. 2. User enters user id and password. 3. User id and password validation. 4. Authentication result back to the server. 5. Inform user accordingly.
Certificate based authentication : • A certificate is a digital document that at a minimum includes a Distinguished Name (DN) and an associated public key. • The certificate is digitally signed by a trusted third party known as the Certificate Authority (CA).Digital Certificates can then be reused for user authentication. •Certificate based authentication is stronger as compared to password based authentication. •Because here the user is expected to HAVE something(CERTIFICATE) rather than to KNOW something(PASSWORD).
Certificate based authentication is an electronic document that contains information on: (1) The Entity it belongs to… (2) The Entity it was issued by… (3) Unique serial number or some other unique identification… (4) Valid dates … (5) A Digital fingerprint…
How does the Authentication Process takes places(certificate).. Steps : 1. Creation, storage and distribution of DC(Digital Certificate). 2. Login request (user to server). 3. Server creates a random challenge. 4. User signs the random challenge. 5. Server returns an appropriate message back to the user.
E-Token based authentication : •An authentication token is a small device that generates a new random value every time it is used. •This random value becomes the basis for authentication{an alternative to a password} •Can be implemented on a USB key fob or a smart card. •Data physically protected on the device itself •May store credentials such as passwords, digital signatures and certificates, and private keys.
Usually an Authentication Token has the foll components or features: 1. Processor. 2. LCD for displaying outputs or random values. 3. Battery. 4. Small keypad for entering information. 5. Real-time clock. optional
How does the Authentication Process takes places(e-token).. Steps : 1. Creation of a token. 2. Use of token. 3. Token validation. 4. Server returns an appropriate message back to the user.
Biometric based authentication : •Biometrics (or biometric authentication) refers to the identification of humans by their characteristics such as fingerprint, voice, Iris pattern of the eye, vein pattern, etc. •Biometrics is used in computer science as a form of identification and access control. •It is also used to identify individuals in groups that are under observation.
How does the Authentication Process takes places(Biometric).. • The user database contains a sample of user’s biometric characteristics •During Authentication process, the user is required to provide a new sample of the user’s biometric. •This sample is sent to encryption. •This current sample is decrypted & compared.(if the sample matches ) •User is considered as valid one
Biometrics Process No Yes Biometric Data Collection Transmission Quality Sufficient? Yes Template Match Signal Processing, Feature Extraction, Representation Database Decision Confidence? new biometric sample is requested. No database
The common Physical characteristics are: •Fingerprint •Face •Retina •Iris •Vein pattern •Hand and finger geometry
The Behavioral characteristics are: •Keystroke dynamics •Voice •Gait • Signature dynamics
 The angle at which the pen is held  The number of times the pen is lifted  The time it takes to write the entire signature  The pressure exerted by the person while signing  The variations in the speed with which different parts of the signature are written. Signature Verification Process
Aadhaar card: One-time standardized Aadhaar enrolment establishes uniqueness of resident via „biometric de-duplication‟ – Only one Aadhaar number per eligible individual Online Authentication is provided by UIDAI – Demographic Data (Name, Address, DOB, Gender) – Biometric Data (Fingerprint, Iris, Face) Aadhaar :subject to online authentication is proof of ID Aadhaar enrollment / Update = KYC Aadhaar No. Issued, stored in Auth. Server “Verification” of KYC (Authentication)
Advantages of biometrics 1. Uniqueness 2. Universality 3. Performance 4. Measurability 5. User friendly 6. Accuracy 7. Comfort
Thank you..!

Recomendados

User authentication
User authenticationUser authentication
User authentication
CAS
 
Authentication techniques
Authentication techniquesAuthentication techniques
Authentication techniques
IGZ Software house
 
Authentication
AuthenticationAuthentication
Authentication
primeteacher32
 
Symmetric and asymmetric key
Symmetric and asymmetric keySymmetric and asymmetric key
Symmetric and asymmetric key
Triad Square InfoSec
 
Intrusion detection
Intrusion detectionIntrusion detection
Intrusion detection
CAS
 
Password Cracking
Password CrackingPassword Cracking
Password Cracking
Sagar Verma
 
Web Security
Web SecurityWeb Security
Web Security
Dr.Florence Dayana
 
Secure Socket Layer (SSL)
Secure Socket Layer (SSL)Secure Socket Layer (SSL)
Secure Socket Layer (SSL)
Samip jain
 

Recomendados

User authentication
User authenticationUser authentication
User authentication
CAS
 
Authentication techniques
Authentication techniquesAuthentication techniques
Authentication techniques
IGZ Software house
 
Authentication
AuthenticationAuthentication
Authentication
primeteacher32
 
Symmetric and asymmetric key
Symmetric and asymmetric keySymmetric and asymmetric key
Symmetric and asymmetric key
Triad Square InfoSec
 
Intrusion detection
Intrusion detectionIntrusion detection
Intrusion detection
CAS
 
Password Cracking
Password CrackingPassword Cracking
Password Cracking
Sagar Verma
 
Web Security
Web SecurityWeb Security
Web Security
Dr.Florence Dayana
 
Secure Socket Layer (SSL)
Secure Socket Layer (SSL)Secure Socket Layer (SSL)
Secure Socket Layer (SSL)
Samip jain
 
Cryptography
CryptographyCryptography
Cryptography
jayashri kolekar
 
CYBER SECURITY : DIGITAL SIGNATURE,
CYBER SECURITY : DIGITAL SIGNATURE,CYBER SECURITY : DIGITAL SIGNATURE,
CYBER SECURITY : DIGITAL SIGNATURE,
ShivangiSingh241
 
Intrusion detection and prevention system
Intrusion detection and prevention systemIntrusion detection and prevention system
Intrusion detection and prevention system
Nikhil Raj
 
Kerberos
KerberosKerberos
Kerberos
Sparkbit
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
Rahmat Suhatman
 
SSL
SSLSSL
SSL
Badrul Alam bulon
 
Kerberos
KerberosKerberos
Kerberos
Sutanu Paul
 
Computer security concepts
Computer security conceptsComputer security concepts
Computer security concepts
G Prachi
 
Electronic mail security
Electronic mail securityElectronic mail security
Electronic mail security
Dr.Florence Dayana
 
Hash Function
Hash Function Hash Function
Hash Function
ssuserdfb2da
 
public key infrastructure
public key infrastructurepublic key infrastructure
public key infrastructure
vimal kumar
 
Kerberos
KerberosKerberos
Kerberos
RafatSamreen
 
Network security
Network securityNetwork security
Network security
quest university nawabshah
 
Intrusion detection system ppt
Intrusion detection system pptIntrusion detection system ppt
Intrusion detection system ppt
Sheetal Verma
 
Message Authentication Code & HMAC
Message Authentication Code & HMACMessage Authentication Code & HMAC
Message Authentication Code & HMAC
Krishna Gehlot
 
Web Security
Web SecurityWeb Security
Web Security
Dipika Bambhaniya
 
Security models
Security models Security models
Security models
LJ PROJECTS
 
18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security
Kathirvel Ayyaswamy
 
Message authentication
Message authenticationMessage authentication
Message authentication
CAS
 
Web authentication & authorization
Web authentication & authorizationWeb authentication & authorization
Web authentication & authorization
Alexandru Pasaila
 
Authentication Technologies
Authentication TechnologiesAuthentication Technologies
Authentication Technologies
Nicholas Davis
 
Biometric authentication ppt by navin 6 feb
Biometric authentication ppt by navin 6 febBiometric authentication ppt by navin 6 feb
Biometric authentication ppt by navin 6 feb
Navin Kumar
 

Mais conteúdo relacionado

Mais procurados

Intrusion detection system ppt
Intrusion detection system pptIntrusion detection system ppt
Intrusion detection system ppt
Sheetal Verma
 
Web authentication & authorization
Web authentication & authorizationWeb authentication & authorization
Web authentication & authorization
Alexandru Pasaila
 

Mais procurados (20)

Cryptography
CryptographyCryptography
Cryptography
 
CYBER SECURITY : DIGITAL SIGNATURE,
CYBER SECURITY : DIGITAL SIGNATURE,CYBER SECURITY : DIGITAL SIGNATURE,
CYBER SECURITY : DIGITAL SIGNATURE,
 
Intrusion detection and prevention system
Intrusion detection and prevention systemIntrusion detection and prevention system
Intrusion detection and prevention system
 
Kerberos
KerberosKerberos
Kerberos
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
 
SSL
SSLSSL
SSL
 
Kerberos
KerberosKerberos
Kerberos
 
Computer security concepts
Computer security conceptsComputer security concepts
Computer security concepts
 
Electronic mail security
Electronic mail securityElectronic mail security
Electronic mail security
 
Hash Function
Hash Function Hash Function
Hash Function
 
public key infrastructure
public key infrastructurepublic key infrastructure
public key infrastructure
 
Kerberos
KerberosKerberos
Kerberos
 
Network security
Network securityNetwork security
Network security
 
Intrusion detection system ppt
Intrusion detection system pptIntrusion detection system ppt
Intrusion detection system ppt
 
Message Authentication Code & HMAC
Message Authentication Code & HMACMessage Authentication Code & HMAC
Message Authentication Code & HMAC
 
Web Security
Web SecurityWeb Security
Web Security
 
Security models
Security models Security models
Security models
 
18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security
 
Message authentication
Message authenticationMessage authentication
Message authentication
 
Web authentication & authorization
Web authentication & authorizationWeb authentication & authorization
Web authentication & authorization
 

Destaque

Authentication Technologies
Authentication TechnologiesAuthentication Technologies
Authentication Technologies
Nicholas Davis
 

Destaque (20)

Authentication Technologies
Authentication TechnologiesAuthentication Technologies
Authentication Technologies
 
Biometric authentication ppt by navin 6 feb
Biometric authentication ppt by navin 6 febBiometric authentication ppt by navin 6 feb
Biometric authentication ppt by navin 6 feb
 
A study on biometric authentication techniques
A study on biometric authentication techniquesA study on biometric authentication techniques
A study on biometric authentication techniques
 
Authentication Systems
Authentication SystemsAuthentication Systems
Authentication Systems
 
Kerberos
KerberosKerberos
Kerberos
 
Security threats
Security threatsSecurity threats
Security threats
 
Unique identification authority of india uid
Unique identification authority of india uidUnique identification authority of india uid
Unique identification authority of india uid
 
Aadhaar at 5th_elephant_v3
Aadhaar at 5th_elephant_v3Aadhaar at 5th_elephant_v3
Aadhaar at 5th_elephant_v3
 
Srikanth Nadhamuni
Srikanth NadhamuniSrikanth Nadhamuni
Srikanth Nadhamuni
 
Aadhaar
AadhaarAadhaar
Aadhaar
 
practical risks in aadhaar project and measures to overcome them
practical risks in aadhaar project and measures to overcome thempractical risks in aadhaar project and measures to overcome them
practical risks in aadhaar project and measures to overcome them
 
What database
What databaseWhat database
What database
 
Uid
UidUid
Uid
 
Facebook style notifications using hbase and event streams
Facebook style notifications using hbase and event streamsFacebook style notifications using hbase and event streams
Facebook style notifications using hbase and event streams
 
E commerce data migration in moving systems across data centres
E commerce data migration in moving systems across data centres E commerce data migration in moving systems across data centres
E commerce data migration in moving systems across data centres
 
Building tiered data stores using aesop to bridge sql and no sql systems
Building tiered data stores using aesop to bridge sql and no sql systemsBuilding tiered data stores using aesop to bridge sql and no sql systems
Building tiered data stores using aesop to bridge sql and no sql systems
 
Aesop change data propagation
Aesop change data propagationAesop change data propagation
Aesop change data propagation
 
Hadoop at aadhaar
Hadoop at aadhaarHadoop at aadhaar
Hadoop at aadhaar
 
Building the Flipkart phantom
Building the Flipkart phantomBuilding the Flipkart phantom
Building the Flipkart phantom
 
Computer security threats & prevention
Computer security threats & preventionComputer security threats & prevention
Computer security threats & prevention
 

Semelhante a Authentication(pswrd,token,certificate,biometric)

Basic of Biometrics Technology
Basic of Biometrics Technology Basic of Biometrics Technology
Basic of Biometrics Technology
NEHA SINGH
 
Access Control Presentation
Access Control PresentationAccess Control Presentation
Access Control Presentation
Wajahat Rajab
 
Authenticationtechnologies 120711134100-phpapp01
Authenticationtechnologies 120711134100-phpapp01Authenticationtechnologies 120711134100-phpapp01
Authenticationtechnologies 120711134100-phpapp01
Hai Nguyen
 
Bio-metrics Authentication Technique
Bio-metrics Authentication TechniqueBio-metrics Authentication Technique
Bio-metrics Authentication Technique
Rekha Yadav
 
Biometrics n authentication divices kerja khursus
Biometrics n authentication divices kerja khursusBiometrics n authentication divices kerja khursus
Biometrics n authentication divices kerja khursus
SMK Hamid Khan Tapah
 
Authentication technologies
Authentication technologiesAuthentication technologies
Authentication technologies
Nicholas Davis
 

Semelhante a Authentication(pswrd,token,certificate,biometric) (20)

Authentication
AuthenticationAuthentication
Authentication
 
Eds user authenticationuser authentication methods
Eds user authenticationuser authentication methodsEds user authenticationuser authentication methods
Eds user authenticationuser authentication methods
 
Basic of Biometrics Technology
Basic of Biometrics Technology Basic of Biometrics Technology
Basic of Biometrics Technology
 
Access Control Presentation
Access Control PresentationAccess Control Presentation
Access Control Presentation
 
Biometrics Authentication Technology by Sayak Das
Biometrics Authentication Technology by Sayak DasBiometrics Authentication Technology by Sayak Das
Biometrics Authentication Technology by Sayak Das
 
Keystroke dynamics
Keystroke dynamicsKeystroke dynamics
Keystroke dynamics
 
Authenticationtechnologies 120711134100-phpapp01
Authenticationtechnologies 120711134100-phpapp01Authenticationtechnologies 120711134100-phpapp01
Authenticationtechnologies 120711134100-phpapp01
 
MAIN_BIOMETRIC.pdf
MAIN_BIOMETRIC.pdfMAIN_BIOMETRIC.pdf
MAIN_BIOMETRIC.pdf
 
Cryptography in user authentication
Cryptography in user authenticationCryptography in user authentication
Cryptography in user authentication
 
Date security identifcation and authentication
Date security identifcation and authenticationDate security identifcation and authentication
Date security identifcation and authentication
 
Information and network security 47 authentication applications
Information and network security 47 authentication applicationsInformation and network security 47 authentication applications
Information and network security 47 authentication applications
 
Bio-metrics Authentication Technique
Bio-metrics Authentication TechniqueBio-metrics Authentication Technique
Bio-metrics Authentication Technique
 
Biometrics
BiometricsBiometrics
Biometrics
 
Electronic Authentication, More Than Just a Password
Electronic Authentication, More Than Just a PasswordElectronic Authentication, More Than Just a Password
Electronic Authentication, More Than Just a Password
 
Biometrics n authentication divices kerja khursus
Biometrics n authentication divices kerja khursusBiometrics n authentication divices kerja khursus
Biometrics n authentication divices kerja khursus
 
Authentication technologies
Authentication technologiesAuthentication technologies
Authentication technologies
 
Identity Proofing to provision accurately
Identity Proofing to provision accuratelyIdentity Proofing to provision accurately
Identity Proofing to provision accurately
 
Chapters_1_2.ppt
Chapters_1_2.pptChapters_1_2.ppt
Chapters_1_2.ppt
 
Biometric Authentication PPT
Biometric Authentication PPTBiometric Authentication PPT
Biometric Authentication PPT
 
Broken Authentication and Authorization(1).pptx
Broken Authentication and Authorization(1).pptxBroken Authentication and Authorization(1).pptx
Broken Authentication and Authorization(1).pptx
 

Último

The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
heathfieldcps1
 
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
ZurliaSoop
 

Último (20)

The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan Fellows
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.ppt
 
Wellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptxWellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptx
 
Understanding Accommodations and Modifications
Understanding Accommodations and ModificationsUnderstanding Accommodations and Modifications
Understanding Accommodations and Modifications
 
Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)
 
Exploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptx
Exploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptxExploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptx
Exploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptx
 
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
 
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptxOn_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
How to Add New Custom Addons Path in Odoo 17
How to Add New Custom Addons Path in Odoo 17How to Add New Custom Addons Path in Odoo 17
How to Add New Custom Addons Path in Odoo 17
 
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
 
How to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxHow to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptx
 
How to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POSHow to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POS
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17
 
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
 
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdfUGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
 
Single or Multiple melodic lines structure
Single or Multiple melodic lines structureSingle or Multiple melodic lines structure
Single or Multiple melodic lines structure
 
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptxHMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
 
Interdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptxInterdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptx
 

Authentication(pswrd,token,certificate,biometric)

  • 2. What is Authentication ? Authentication is the act of confirming the truth of an attribute of a datum or entity. This might involve confirming the identity of a person or software program, tracing the origins of an artifact, or ensuring that a product is what its packaging and labeling claims to be. Authentication often involves verifying the validity of at least one form of identification.
  • 3. Authentication in simple term • Positive verification of identity (man or machine) • Verification of a person‟s claimed identity • 3 Categories: – What you know – What you have – Who you are
  • 4. Review: 3 Categories • What you know – Password – PIN • What you have – e-Token – RFID – Certificate • Who you are – Biometrics
  • 5. Four main types of authentication available are: Password based authentication Certificate based authentication E-Token based authentication Biometric based authentication
  • 6. Password based authentication : • Password are the most common form of authentication. • Password may be a string of alphabets ,numbers and special characters • This password is compulsorily to be known by the ENTITY or the THING or a PERSON that is being Authenticated
  • 7. How does the Authentication Process takes places(password).. Steps : 1. Prompts for user id and password. 2. User enters user id and password. 3. User id and password validation. 4. Authentication result back to the server. 5. Inform user accordingly.
  • 8. Certificate based authentication : • A certificate is a digital document that at a minimum includes a Distinguished Name (DN) and an associated public key. • The certificate is digitally signed by a trusted third party known as the Certificate Authority (CA).Digital Certificates can then be reused for user authentication. •Certificate based authentication is stronger as compared to password based authentication. •Because here the user is expected to HAVE something(CERTIFICATE) rather than to KNOW something(PASSWORD).
  • 9. Certificate based authentication is an electronic document that contains information on: (1) The Entity it belongs to… (2) The Entity it was issued by… (3) Unique serial number or some other unique identification… (4) Valid dates … (5) A Digital fingerprint…
  • 10. How does the Authentication Process takes places(certificate).. Steps : 1. Creation, storage and distribution of DC(Digital Certificate). 2. Login request (user to server). 3. Server creates a random challenge. 4. User signs the random challenge. 5. Server returns an appropriate message back to the user.
  • 11. E-Token based authentication : •An authentication token is a small device that generates a new random value every time it is used. •This random value becomes the basis for authentication{an alternative to a password} •Can be implemented on a USB key fob or a smart card. •Data physically protected on the device itself •May store credentials such as passwords, digital signatures and certificates, and private keys.
  • 12. Usually an Authentication Token has the foll components or features: 1. Processor. 2. LCD for displaying outputs or random values. 3. Battery. 4. Small keypad for entering information. 5. Real-time clock. optional
  • 13. How does the Authentication Process takes places(e-token).. Steps : 1. Creation of a token. 2. Use of token. 3. Token validation. 4. Server returns an appropriate message back to the user.
  • 14. Biometric based authentication : •Biometrics (or biometric authentication) refers to the identification of humans by their characteristics such as fingerprint, voice, Iris pattern of the eye, vein pattern, etc. •Biometrics is used in computer science as a form of identification and access control. •It is also used to identify individuals in groups that are under observation.
  • 15. How does the Authentication Process takes places(Biometric).. • The user database contains a sample of user’s biometric characteristics •During Authentication process, the user is required to provide a new sample of the user’s biometric. •This sample is sent to encryption. •This current sample is decrypted & compared.(if the sample matches ) •User is considered as valid one
  • 16. Biometrics Process No Yes Biometric Data Collection Transmission Quality Sufficient? Yes Template Match Signal Processing, Feature Extraction, Representation Database Decision Confidence? new biometric sample is requested. No database
  • 17. The common Physical characteristics are: •Fingerprint •Face •Retina •Iris •Vein pattern •Hand and finger geometry
  • 18. The Behavioral characteristics are: •Keystroke dynamics •Voice •Gait • Signature dynamics
  • 19.  The angle at which the pen is held  The number of times the pen is lifted  The time it takes to write the entire signature  The pressure exerted by the person while signing  The variations in the speed with which different parts of the signature are written. Signature Verification Process
  • 20. Aadhaar card: One-time standardized Aadhaar enrolment establishes uniqueness of resident via „biometric de-duplication‟ – Only one Aadhaar number per eligible individual Online Authentication is provided by UIDAI – Demographic Data (Name, Address, DOB, Gender) – Biometric Data (Fingerprint, Iris, Face) Aadhaar :subject to online authentication is proof of ID Aadhaar enrollment / Update = KYC Aadhaar No. Issued, stored in Auth. Server “Verification” of KYC (Authentication)
  • 21. Advantages of biometrics 1. Uniqueness 2. Universality 3. Performance 4. Measurability 5. User friendly 6. Accuracy 7. Comfort