Authentication

When we meet another person face to face, we automatically identify that person from physical appearance, the sound of their voice, mannerisms, and other characteristics, and so we can quickly judge how much to trust them. Using computers, we have no such direct contact with the other party.

Authentication is critical for the security of computer systems. Without knowledge of the identity of the party requesting an operation, it is difficult to decide whether the operation should be allowed. To prevent computers from being misused by unauthorized persons, there ought to be a checking system that identifies a user and, based on the result of that check, grants the user the proper access rights.

There are four major scenarios based on different degrees of trust:

    1. The right of an individual to self-determination as to the degree to which personal information will be shared among other individuals or organizations to control the collection, storage, and distribution of personal or organizational information.
    2. The right of an individual to self-determination as to the degree to which the individual is willing to share with others information about himself that may be compromised by unauthorized exchange of such information among other individuals or organizations.
    3. The right of individuals and organizations to control the collection, storage, and distribution of their information or information about themselves.
    4. The right of individuals to control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed.

In summary, authentication is the verification of the identity of the party who generated some data, and of the integrity of that data. The principal is the party whose identity is verified. The verifier is the party who demands assurance of the principal's identity. Data integrity is the assurance that the data received is the same as the data that was generated.

A. Authentication mechanisms differ in the assurances they provide:

    1. data was generated by the principal at some point in the past
    2. the principal was present when the data was sent
    3. the data received was freshly generated by the principal.

B. Mechanisms also differ in the number of verifiers:

    1. support for single verifier per message
    2. support for multiple verifiers.

C. Mechanisms also differ in whether they allow the verifier to prove to a third party that the message originated with the principal (non-repudiation).

    We divide authentication policy into three major categories:

    1. personal/system
    2. Internet
    3. network authentication

    1) Personal/system:

    Before a person is granted the right to use the system, the person submits identifying information to the computer, and the computer compares it with the profile it holds to decide whether that person is allowed to use the computer.

    After the user has been granted the right to enter the system and has actually logged in, we apply an Access Control List to enforce the security policy, which protects files against illegal access. Each user has rights over files such as "read," "write," and "delete". The control list records those rights for each user and each file. This can be represented as a matrix.
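    As an added illustration (constructed for this page, not code from the original), the following Python models the two steps just described: a login check that compares the submitted password against a stored profile, and an access matrix whose rows are users, whose columns are files, and whose cells hold the "read", "write" and "delete" rights. The users, passwords and file paths are sample values chosen for the example; only a salted PBKDF2 hash of each password is stored.

```python
"""Login check followed by access-matrix enforcement (constructed example)."""
import hashlib
import hmac
import os
from collections import defaultdict

RIGHTS = {"read", "write", "delete"}


class UserProfiles:
    """The profiles the computer compares a login attempt against.
    Only a salted PBKDF2 hash of each password is stored, never the password."""

    def __init__(self):
        self._profiles = {}  # username -> (salt, hash)

    @staticmethod
    def _hash(password: str, salt: bytes) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def add(self, user: str, password: str) -> None:
        salt = os.urandom(16)
        self._profiles[user] = (salt, self._hash(password, salt))

    def authenticate(self, user: str, password: str) -> bool:
        if user not in self._profiles:
            self._hash(password, b"\0" * 16)  # same work for unknown users (timing)
            return False
        salt, stored = self._profiles[user]
        return hmac.compare_digest(stored, self._hash(password, salt))


class AccessMatrix:
    """Rows are users, columns are files, each cell a set of rights.
    An absent cell means no rights: default deny."""

    def __init__(self):
        self._m = defaultdict(lambda: defaultdict(set))

    def grant(self, user: str, path: str, *rights: str) -> None:
        unknown = set(rights) - RIGHTS
        if unknown:
            raise ValueError(f"unknown rights: {sorted(unknown)}")
        self._m[user][path].update(rights)

    def revoke(self, user: str, path: str, *rights: str) -> None:
        self._m[user][path].difference_update(rights)

    def allowed(self, user: str, path: str, right: str) -> bool:
        return right in self._m.get(user, {}).get(path, set())

    def acl(self, path: str) -> dict:
        """Column view: the access-control list stored with one file."""
        return {u: sorted(row[path]) for u, row in self._m.items() if row.get(path)}

    def capabilities(self, user: str) -> dict:
        """Row view: everything one user may do."""
        return {p: sorted(r) for p, r in self._m.get(user, {}).items() if r}


class System:
    """Ties the two steps together: no access check without a successful login."""

    def __init__(self, profiles: UserProfiles, matrix: AccessMatrix):
        self.profiles, self.matrix = profiles, matrix

    def request(self, user: str, password: str, path: str, op: str) -> str:
        if not self.profiles.authenticate(user, password):
            return "login denied"
        if not self.matrix.allowed(user, path, op):
            return f"{op} on {path} denied"
        return f"{op} on {path} allowed"


def build_demo() -> System:
    """Constructed sample users and files."""
    profiles = UserProfiles()
    profiles.add("alice", "alice-pw")
    profiles.add("bob", "bob-pw")
    matrix = AccessMatrix()
    matrix.grant("alice", "/home/alice/notes.txt", "read", "write", "delete")
    matrix.grant("bob", "/home/alice/notes.txt", "read")
    matrix.grant("bob", "/home/bob/todo.txt", "read", "write")
    return System(profiles, matrix)


if __name__ == "__main__":
    s = build_demo()
    print(s.request("bob", "bob-pw", "/home/alice/notes.txt", "read"))
    print(s.request("bob", "bob-pw", "/home/alice/notes.txt", "delete"))
    print(s.request("bob", "guess", "/home/bob/todo.txt", "read"))
```

    The matrix is stored sparsely, so a missing cell is a denial rather than an error; `acl()` and `capabilities()` show the same matrix read column-wise (the list kept with a file) and row-wise (the list kept with a user).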

    2) Internet authentication:

    There are two types of authentication:

    1. Application level (such as Telnet and FTP)
    2. Messages, transactions and e-mail that require authentication of the source

    For e-mail, authentication ensures that a message appearing to be from a particular person can have originated only from that person, and that the message has not been altered. MIT distributes PGP free for non-commercial use. PGP, or Pretty Good Privacy, is a high-security cryptographic software application that allows people to exchange messages with both privacy and authentication. This distribution is done in cooperation with Philip Zimmermann (the author of PGP), PGP Incorporated, and RSA Data Security, Inc., which licenses the patents on the public-key encryption technology on which PGP relies.

    3) network authentication:

    Traditional authentication methods are not suitable for use in computer networks because attackers can monitor network traffic and intercept passwords. Therefore, a strong authentication method that does not disclose passwords is needed. The Kerberos authentication system supports strong authentication on such networks.

    As a gentle introduction, think of Kerberos in terms of an exchange transaction. Kerberos issues a certificate to a user after authenticating them over a secure link. This certificate is the "product", which the "merchant" (Kerberos) gives the "customer" (user) after authenticating them. The certificate grants the user access to certain resources, such as a file server or a database. The user must re-authenticate periodically, because the certificates eventually expire (so that a stolen certificate cannot be used indefinitely).

    More technically, Kerberos is a distributed authentication service that allows a process (a client) running on behalf of a principal (a user) to prove its identity to a verifier (an application server, or just server) without sending data across the network that might allow an attacker or the verifier to subsequently impersonate the principal. Kerberos was developed in the mid-1980s as part of MIT's Project Athena. As use of Kerberos spread to other environments, changes were needed to support new policies and patterns of use. Design of Version 5 of Kerberos (V5) began in 1989, and it is now the standard version of Kerberos.
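    To make the ticket-and-authenticator idea concrete, here is an added Python model written for this page; it is not MIT's Kerberos code and does not reproduce the real message formats. It shows a Key Distribution Center that knows each principal's long-term key, a client that uses its password only locally to open the KDC's reply, and a server that checks the ticket's expiry, the authenticator's freshness, and a replay cache, so that nothing crossing the network lets an eavesdropper recover a password or reuse a captured authenticator. The principal names, passwords, realm salt, lifetime and clock-skew values are assumed sample values, and the sealing routine (SHA-256 keystream plus HMAC tag) is a stand-in for Kerberos' real encryption types, chosen only because it needs no third-party library.

```python
"""Toy Kerberos-style ticket exchange (constructed example, not MIT Kerberos code).
Sealing = SHA-256 keystream XOR plus an HMAC tag, a stand-in for real Kerberos
encryption types used only because it needs no third-party library."""
import hashlib
import hmac
import json
import os

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def seal(key: bytes, obj: dict) -> bytes:
    """nonce || ciphertext || HMAC tag; only a holder of key can read or forge it."""
    plain = json.dumps(obj, sort_keys=True).encode()
    nonce = os.urandom(16)
    cipher = bytes(a ^ b for a, b in zip(plain, _keystream(key, nonce, len(plain))))
    return nonce + cipher + hmac.new(key, nonce + cipher, hashlib.sha256).digest()

def unseal(key: bytes, blob: bytes) -> dict:
    nonce, cipher, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + cipher, hashlib.sha256).digest()):
        raise ValueError("bad tag: wrong key or tampered message")
    return json.loads(bytes(a ^ b for a, b in zip(cipher, _keystream(key, nonce, len(cipher)))))

def derive_key(password: str) -> bytes:
    """Long-term key from a password; the principal and the KDC both compute it."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), b"EXAMPLE.REALM", 10_000)

class KDC:
    """Key Distribution Center: holds every principal's long-term key."""
    def __init__(self, lifetime: float = 300.0):
        self.keys, self.lifetime = {}, lifetime

    def register(self, name: str, password: str) -> None:
        self.keys[name] = derive_key(password)

    def issue(self, client: str, server: str, now: float):
        """Ticket sealed for the server plus a reply sealed for the client; an
        eavesdropper learns neither the session key nor any long-term key."""
        session_key, expires = os.urandom(32).hex(), now + self.lifetime
        ticket = seal(self.keys[server], {"client": client, "server": server,
                                         "key": session_key, "expires": expires})
        reply = seal(self.keys[client], {"key": session_key, "expires": expires})
        return ticket, reply

def client_authenticator(password: str, client: str, reply: bytes, now: float) -> bytes:
    """Client side: the password is used only locally, to open the reply; then a
    fresh authenticator is sealed under the session key."""
    session_key = bytes.fromhex(unseal(derive_key(password), reply)["key"])
    return seal(session_key, {"client": client, "time": now})

class Server:
    def __init__(self, name: str, password: str, skew: float = 60.0):
        self.name, self.key, self.skew, self.seen = name, derive_key(password), skew, set()

    def verify(self, ticket: bytes, authenticator: bytes, now: float) -> str:
        """Returns the authenticated principal or raises PermissionError."""
        t = unseal(self.key, ticket)
        if t["server"] != self.name:
            raise PermissionError("ticket issued for another server")
        if now > t["expires"]:
            raise PermissionError("ticket expired")
        a = unseal(bytes.fromhex(t["key"]), authenticator)
        if a["client"] != t["client"]:
            raise PermissionError("authenticator does not match ticket")
        if abs(now - a["time"]) > self.skew:
            raise PermissionError("authenticator not fresh")
        if (a["client"], a["time"]) in self.seen:  # replay cache
            raise PermissionError("replayed authenticator")
        self.seen.add((a["client"], a["time"]))
        return t["client"]

def run_demo() -> dict:
    """Constructed principals: one normal login, then three things that are rejected."""
    kdc = KDC(lifetime=300)
    kdc.register("alice", "correct horse")
    kdc.register("fileserver", "server-secret")
    fs = Server("fileserver", "server-secret")
    t0 = 1_000_000.0
    ticket, reply = kdc.issue("alice", "fileserver", t0)
    auth = client_authenticator("correct horse", "alice", reply, t0 + 1)
    out = {"login": fs.verify(ticket, auth, t0 + 2)}
    attempts = {
        "replay": lambda: fs.verify(ticket, auth, t0 + 3),
        "expired": lambda: fs.verify(ticket, client_authenticator(
            "correct horse", "alice", reply, t0 + 400), t0 + 400),
        "wrong_password": lambda: client_authenticator("wrong", "alice", reply, t0),
    }
    for label, attempt in attempts.items():
        try:
            attempt()
            out[label] = "accepted"
        except (PermissionError, ValueError) as err:
            out[label] = str(err)
    return out
```

    Calling `run_demo()` performs one successful login and then shows the three checks the text motivates: a captured authenticator presented again is refused by the replay cache, a ticket past its lifetime is refused even with a fresh authenticator, and a wrong password simply fails to open the KDC reply on the client, so no password ever travels over the network.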

    We need to understand the requirements of an application when choosing a method. For example, authentication for electronic mail may require support for multiple recipients and non-repudiation, but can tolerate greater latency. In contrast, poor performance would cause problems for authentication to a server responding to frequent queries.

    There are two levels at which authentication information can be passed to the server: the global access configuration file and the per-directory configuration files. Per-directory configuration means that users with write access to part of the filesystem that is being served (the Document Tree) can control access to their files as they wish. They need not have root access on the system or write access to the server's primary configuration files. Also, the per-directory configuration files are read and parsed by the server on each access, allowing run-time re-configuration. The global configuration files are only parsed on start-up or restart, which usually requires root authority. There is a speed penalty associated with using the per-directory configuration files, but that's the trade-off you have to take.

    Examples of the policy stated above:

    Mosaic 2.0 and NCSA HTTPd allow access restriction based on several criteria:

    a. Username/password-level access authorization.

    b. Rejection or acceptance of connections based on Internet address of client.

    c. A combination of the above two methods.
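    As an added example (constructed for this page, not NCSA HTTPd's code or its configuration syntax), the following Python models the per-directory policy described above together with criteria a, b and c: each directory may carry a rule, the rule for the deepest directory containing the requested file governs (a simplification of the real merging behaviour, assumed here), and a rule can require a client address range, a username/password, or both. The directory names, networks and the single user in the constructed user file are sample values.

```python
"""Per-directory access restriction by client address and/or username/password
(constructed example in the spirit of NCSA HTTPd per-directory configuration)."""
import hashlib
import hmac
import ipaddress
from dataclasses import dataclass, field
from pathlib import PurePosixPath


def _pbkdf2(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


# Constructed user file: username -> (salt, password hash)
USER_FILE = {
    "bob": (b"salt-bob", _pbkdf2("bob-pw", b"salt-bob")),
}


@dataclass
class DirRule:
    """What one per-directory configuration file can express in this model."""
    allow_from: list = field(default_factory=list)  # networks permitted; empty = any
    deny_from: list = field(default_factory=list)   # networks always rejected
    require_user: set = field(default_factory=set)  # empty = no password needed


# Constructed per-directory rules; the deepest matching directory governs
# (an assumption of this model, simpler than the server's real merging).
RULES = {
    "/": DirRule(),
    "/docs": DirRule(allow_from=[ipaddress.ip_network("10.0.0.0/8")]),
    "/docs/private": DirRule(allow_from=[ipaddress.ip_network("10.0.0.0/8")],
                             require_user={"bob"}),
    "/public": DirRule(deny_from=[ipaddress.ip_network("192.0.2.0/24")]),
}


def rule_for(path: str) -> DirRule:
    """Walk from the requested file up to the root and take the first rule found."""
    p = PurePosixPath(path)
    for d in [p, *p.parents]:
        if str(d) in RULES:
            return RULES[str(d)]
    return RULES["/"]


def address_ok(rule: DirRule, client_ip: str) -> bool:
    """Criterion b: deny lists win; an allow list, if present, must match."""
    ip = ipaddress.ip_address(client_ip)
    if any(ip in net for net in rule.deny_from):
        return False
    return not rule.allow_from or any(ip in net for net in rule.allow_from)


def credentials_ok(rule: DirRule, credentials) -> bool:
    """Criterion a: the named user must present the password on file."""
    if not rule.require_user:
        return True
    if credentials is None:
        return False
    user, password = credentials
    if user not in rule.require_user or user not in USER_FILE:
        return False
    salt, stored = USER_FILE[user]
    return hmac.compare_digest(stored, _pbkdf2(password, salt))


def decide(path: str, client_ip: str, credentials=None) -> str:
    """Criterion c: when a rule sets both, both must pass; default is deny."""
    rule = rule_for(path)
    if not address_ok(rule, client_ip):
        return "403 address not allowed"
    if not credentials_ok(rule, credentials):
        return "401 authentication required"
    return "200 OK"


if __name__ == "__main__":
    print(decide("/docs/private/report.html", "10.0.0.5", ("bob", "bob-pw")))
    print(decide("/docs/private/report.html", "10.0.0.5"))
    print(decide("/docs/private/report.html", "203.0.113.9", ("bob", "bob-pw")))
```

    Because `rule_for()` resolves the rule on every request, a change to one directory's rule takes effect immediately without restarting anything, which is the run-time re-configuration the per-directory approach buys at the cost of that lookup on each access.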

    Other:
    Paper sites from Purdue.edu