Chapter 3 - User Authentication (Computer Security: Principles and Practice, 2nd Edition)
something the individual knows, possesses (token), is (static biometrics), or does (dynamic biometrics)
4 means of user authentication
A __________ authentication system attempts to authenticate an individual based on his or her unique physical characteristics
Biometric
The technique for developing an effective and efficient proactive password checker based on rejecting words on a list is based on the use of a __________ filter
Bloom
A __________ is an individual to whom a debit card is issued.
Cardholder
Authentication protocols used with smart tokens can be classified into three categories: static, dynamic password generator, and ___________
Challenge-Response
A __________ attack attempts to disable a user authentication service by flooding the service with numerous authentication attempts.
Denial-of-Service
Voice pattern, handwriting characteristics, and typing rhythm are examples of __________ biometrics
Dynamic
__________, in the context of passwords, refers to an adversary's attempt to learn the password by observing the user, finding a written copy of the password, or some similar attack that involves the physical proximity of user and adversary.
Eavesdropping
directed at the user file at the host where passwords, token passcodes, or biometric templates are stored
Host attacks (authentication issue)
An authentication process consists of the ________ step and the verification step.
Identification
A host generated random number is often called a __________.
Nonce
denying access to encrypted passwords with a shadow password file
Prevent offline dictionary attack by
With the __________ strategy a user is allowed to select their own password, but the system checks to see if the password is allowable
Proactive Password Checking
adversary repeats a previously captured user response
Replay (authentication issue)
The __________ is the pattern formed by veins beneath the retinal surface.
Retinal Pattern
A __________ is a separate file from the user IDs where hashed passwords are kept
Shadow Password File
Objects that a user possesses for the purpose of user authentication are called ______
Tokens
In a __________ attack, an application or physical device masquerades as an authentic application or device for the purpose of capturing a user password, passcode, or biometric
Trojan horse
The process of verifying an identity claimed by or for a system entity.
User Authentication (RFC 2828 definition)
The __________ step is presenting or generating authentication information that corroborates the binding between the entity and the identifier
Verification
automatic workstation logout
countermeasure to workstation hijacking
password cracker, rule enforcement, Bloom filter
proactive password checking