Professional Documents
Culture Documents
Prepared for:
MOHD ZHAFRI BIN MOHD ZUKHI
Prepared by:
ADAM HAKIM BIN SHAHIDAN
(2021824824)
UITM, Kedah | 1
CSC204 – PRACTICAL APPROACH TO
OPERATING SYSTEMS ASSIGNMENT
Instruction:
5. Please refer to the guidelines in preparing the cover page for this assignment.
8. You will not receive back your assignment. Therefore, it is advisable to make your own
copy for your reference.
9. The respective student must be present upon submitting the assignment. Those who failed
to do so will be graded as ZERO.
UITM, Kedah | 2
CSC204 – PRACTICAL APPROACH TO
OPERATING SYSTEMS ASSIGNMENT
Important notes:
UITM, Kedah | 3
CSC204 – PRACTICAL APPROACH TO
OPERATING SYSTEMS ASSIGNMENT
Unauthorized users cannot access your device or network thanks to user authentication, a
security procedure. A program asks for customized passwords throughout the login process in
order to provide you permission to use it. A user's authentication is unsuccessful if they are not
authorized to log in to the network.
Advanced technology is used for user authentication. A hacker would have to go above and
beyond in order to get around the guarded network. The attacker will be discovered before they
get access if there are other cybersecurity measures in place, such as intrusion detection systems
on the network.
UITM, Kedah | 4
CSC204 – PRACTICAL APPROACH TO
OPERATING SYSTEMS ASSIGNMENT
1. Manage the connection between the human (user) and the website’s server (computer).
2. Verify users’ identities.
3. Approve (or decline) the authentication so the system can move to authorizing the user.
Users fill out the website's login form with their information, which is a reasonably basic
process. The authentication server then compares that data with all of the user credentials that are
currently on file. Users will be authenticated by the system and given access to their accounts
whenever a match is discovered. Users will be asked to input their credentials again and try again
if a match is not discovered. After multiple failed tries, the account might be marked as having
suspicious behavior, or it might need to use an alternate authentication mechanism, like a
password reset or one-time password.
UITM, Kedah | 5
CSC204 – PRACTICAL APPROACH TO
OPERATING SYSTEMS ASSIGNMENT
There are 5 common security techniques that can be used to authenticate system users:
1. Password authentication
2. Two-factor authentication
With two-factor authentication (2FA), a user must supply two distinct authentication
factors in order to prove their identity. In order to prevent unwanted access to a user's
account or device, this procedure is intended to add an additional layer of protection.
There are several different types of authentication factors that can be used in 2FA,
including:
UITM, Kedah | 6
CSC204 – PRACTICAL APPROACH TO
OPERATING SYSTEMS ASSIGNMENT
Users will be asked to enter one of the aforementioned authentication factors in addition
to their login and password when attempting to access an account or device that has 2FA
enabled. For instance, after entering their password, they might then get a one-time
passcode by SMS or a notification on their smartphone, which they would need to input
to finish the login process.
Since 2FA makes it necessary for an attacker to possess one of the other authentication
factors in addition to the user's password, it can help prevent unauthorized access to
accounts and devices. As a result, it is far more challenging for an attacker to access a
user's account or device.
With the use of the authentication technique known as single sign-on (SSO), a user can
log into different applications using just one set of login information (username and
password). Users won't have to remember numerous sets of login information for various
programs, which can make the login procedure easier for them.
The user logs in using their SSO credentials only once, as opposed to having to enter
their login information for each application. After authenticating the user's identity, the
SSO system provides them access to the various applications they are permitted to use.
Digital certificates and public keys can be safely exchanged and managed using a system
called public key infrastructure (PKI). A secure way to exchange information over the
internet is made possible by PKI, which combines public and private keys, digital
certificates, and certificate authorities (CAs).
UITM, Kedah | 7
CSC204 – PRACTICAL APPROACH TO
OPERATING SYSTEMS ASSIGNMENT
1. A user or device generates a pair of public and private keys. The private key is kept
secret, while the public key is shared with others.
2. The user or device sends their public key and identifying information (such as their
name and email address) to a certificate authority (CA).
3. The CA verifies the user's identity and issues a digital certificate, which is a digitally
signed document that contains the user's public key and identifying information.
4. The user or device stores the digital certificate and private key on their device or in a
secure location.
5. When the user wants to send an encrypted message to someone else, they use their
private key to encrypt the message. The recipient can then use the sender's public key,
which is contained in the digital certificate, to decrypt the message.
One way to verify a user's or a device's identity when using a smart card is through smart
card authentication. A smart card is a tiny plastic card with a computer chip on it that is
used to store and process data.
When using a smart card for authentication, data that confirms the user's or device's
identification is stored on the card. When a user tries to log into a system or service, they
must insert their smart card into a card reader, which scans the data on the card and
verifies the user's or device's identification using that information.
Smart card authentication can be applied in a variety of situations, such as when making
payments, gaining access to secure computer systems, or establishing identity for other
UITM, Kedah | 8
CSC204 – PRACTICAL APPROACH TO
OPERATING SYSTEMS ASSIGNMENT
UITM, Kedah | 9