[Information Security]-Identity Authentication Technology

Abstract: Identity authentication technology is used to determine the legitimate identity of a user. It includes password-based authentication, two-factor authentication, authentication based on X.509 certificates, authentication based on a USB Key, authentication based on biometrics, and various authentication protocols such as Kerberos, and PAP and CHAP for the PPP protocol.

Table of Contents

1. Password-based authentication

2. Two-factor authentication

3. Identity authentication based on X.509 certificate

4. Security authentication protocol

Kerberos

NSSK

PAP

CHAP

RADIUS

5. USB Key authentication

6. Identity authentication based on biometrics


Identity authentication technology

A user identity authentication mechanism can be divided into two components: identity identification and identity authentication.

Identity identification: the process of establishing the information that users will use to confirm their identity

Identity authentication: the process by which the system determines the legitimate identity of the user

1. Password-based authentication

In password-based authentication, the user enters a password, and the computer verifies it and grants the user the corresponding permissions. To avoid transmitting passwords over the Internet, a challenge-response mechanism is adopted.

Challenge-response mechanism

A wants to log in to B, and B needs to verify A's identity.

1. A tells B its name; if B finds A's record, B proceeds to the next step

2. B sends A a random number (the challenge) as a query

3. A encrypts the random number with its own private key (which can prove its identity) and returns the result to B

4. B uses A's public key to decrypt the result; if it is correct, the verification passes
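
An added example, not code from the original post: the four steps above in Go, with step 3 realised as an Ed25519 signature over the challenge (an assumed algorithm choice; the post names none). It goes one step beyond the text by having B consume each challenge after a single use, so a captured response cannot be replayed. `Verifier`, `NewVerifier`, `Challenge`, `Respond` and `Verify` are hypothetical names.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Verifier plays B: it holds each user's public key and the challenge it issued.
type Verifier struct {
	pubKeys map[string]ed25519.PublicKey
	pending map[string][]byte // outstanding challenge per user, single use
}

// NewVerifier (hypothetical setup helper) enrolls one user and returns B plus A's private key.
func NewVerifier(name string) (*Verifier, ed25519.PrivateKey) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // fails only if the OS RNG fails
	return &Verifier{map[string]ed25519.PublicKey{name: pub}, map[string][]byte{}}, priv
}

// Challenge is steps 1-2: look up the claimed name, then issue a fresh random number.
func (v *Verifier) Challenge(name string) ([]byte, error) {
	if _, ok := v.pubKeys[name]; !ok {
		return nil, fmt.Errorf("unknown user %q", name)
	}
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	v.pending[name] = nonce
	return nonce, nil
}

// Respond is step 3, on A's side: sign the challenge with the private key.
func Respond(priv ed25519.PrivateKey, challenge []byte) []byte { return ed25519.Sign(priv, challenge) }

// Verify is step 4. The challenge is consumed first, so a captured response cannot be replayed.
func (v *Verifier) Verify(name string, response []byte) bool {
	nonce, ok := v.pending[name]
	delete(v.pending, name)
	return ok && ed25519.Verify(v.pubKeys[name], nonce, response)
}

func main() {
	b, priv := NewVerifier("alice") // constructed sample user
	c, _ := b.Challenge("alice")
	r := Respond(priv, c)
	fmt.Println(b.Verify("alice", r), b.Verify("alice", r)) // true false
}
```
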

2. Two-factor authentication

Proving a person's identity by combining two different conditions is called two-factor authentication. A two-factor authentication mechanism usually adds a physical factor to the static password, forming a secure credential that others cannot copy or see through.

3. Identity authentication based on X.509 certificate

X.509 certificate-based authentication relies on a mutually trusted third party to perform authentication. The trusted third party here is the CA, the certification body. Authentication based on X.509 certificates in effect transforms trust between individuals into each individual's trust in the organization.

4. Security authentication protocol

Kerberos

Kerberos is an authentication protocol in which access is granted by ticket. If you compare the passenger to the client and the train to the server, the authentication process involves two tickets.

Step 1: The user buys a train ticket and goes to the window to have it verified

Step 2: The window verifies whether the identity information on the purchased ticket is consistent with the user's own identity information. If the verification passes, the user is given another ticket

Step 3: The user takes the second ticket to the gate of the train, where the security inspector checks whether it is consistent with the train's seat information

Step 4: The verification passes and the user boards the train

NSSK

Uses a symmetric encryption algorithm, with control exercised through the key distribution center (KDC)

PAP

Password Authentication Protocol (PAP), mainly for the PPP protocol

CHAP

Challenge-Handshake Authentication Protocol (CHAP), mainly for PPP. In addition to being used at the beginning of dial-up, it can also be used at any time after the connection is established.

RADIUS

Remote Authentication Dial In User Service (RADIUS)

5. USB Key authentication

It combines software and hardware in a strong two-factor authentication mode with a one-time password for each use, which resolves the conflict between security and ease of use. A USB Key is a hardware device with a USB interface. It has a built-in single-chip microcomputer or smart card chip that can store the user's key or digital certificate, and it uses the USB Key's built-in cryptographic algorithm to authenticate the user's identity.

6. Identity authentication based on biometrics

For example: fingerprint recognition technology, face recognition technology, iris recognition technology, palmprint recognition technology, voice recognition technology, handwriting recognition technology

 

Origin blog.csdn.net/qq_39328436/article/details/115177458