CHAPTER NO. 2
Identification, Authentication and Operational Security
CHAPTER 2:- SYLLABUS
3 Access controls:
4 Biometrics
DTEL 3
CHAPTER-2 SPECIFIC OBJECTIVE / COURSE OUTCOME
LECTURE 1:- Identification….. Password Selection
•Easy to remember
•Contains the user_ID
•Name of family member, favorite sports team, etc.
•If we know more about the user, then there is a better chance of discovering their password.
•It is always a combination of uppercase, lowercase, number and special symbol.
•It is difficult to attack.
•The problem with this type of password is that it is difficult to remember.
•Organizational users always change their user ID and password to make the system secure.
•Many users have many accounts and passwords.
LECTURE 1:- Identification….. Role of People in Security
•Password selection
•Dumpster Diving
•Access by Non-Employee
•Security Awareness
LECTURE 1:- Identification…..
THANK YOU
LECTURE 2:- Identification….. Piggybacking & Shoulder Surfing
Piggybacking
The simple tactic of following closely behind a person who has just used their own access card or PIN to gain physical access to the facility, without having to know the access code or having to acquire an access card.
Shoulder surfing
Involves the attacker directly observing the individual entering sensitive information on a form, keypad, or keyboard.
LECTURE 2:- Identification….. Dumpster Diving
LECTURE 3:- Identification….. Installing unauthorized software
LECTURE 3:- Identification….. Access By Non-Employee
LECTURE 3:- Identification….. Security Awareness
LECTURE 4:- Identification….. Individual User Responsibility
LECTURE 5:- Identification….. Securities policies
Policies
Standards
Guidelines
Procedures
Policies
These are made by the management of an organization on a particular issue.
These are high-level, broad statements of what the organization wants to accomplish.
Standards
These are compulsory elements for implementing the policy.
They provide the specific details on how to implement the policy.
Other standards may be set by the organization for its own goals.
Guidelines
These are recommendations related to the policy.
They are not compulsory steps.
Procedures
These are step-by-step instructions for how to implement policies in the organization.
They describe exactly how employees are expected to act in a given situation.
LECTURE 6:- Identification….. Physical Security
LECTURE 6:- Identification….. Physical Barrier
LECTURE 7:- Identification….. Social Engineering
•It is useful to:
Train the people.
Educate the people.
Provide help to people.
Provide different techniques that avoid the attack.
LECTURE 8:- Identification….. Biometrics access control.
Working:
Any biometric access control system consists of a biometric access control reader or scanner.
This is the unit which captures the raw data in the form of a fingerprint, information from an iris scan, etc. This data is then analyzed and compared against the person's previously enrolled record.
If the two records match, the person is authenticated. If the time is also within the authorized period for entry, the device will signal and release the electric door lock.
The most common aspect of biometrics used for access control is fingerprints.
In more secure areas, however, such as defense areas, airports and government areas, iris scanning systems and other hi-tech approaches are used.
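The decision flow described above (compare the captured sample with the enrolled record, then check the authorized entry period before releasing the lock), as an added example that is not part of the original slides. The bit-string templates, the Hamming-distance matcher, the 0.25 threshold, lookup by a claimed user ID and the names `ENROLLED` and `decide_access` are assumptions made for illustration; real readers use vendor-specific matchers.

```python
from datetime import time

# Constructed sample data: enrolled templates as fixed-length bit strings,
# each with the period during which entry is authorized.
ENROLLED = {
    "alice": {"template": "1011001110001011", "window": (time(8, 0), time(18, 0))},
    "bob": {"template": "0110100111010010", "window": (time(22, 0), time(6, 0))},  # night shift
}

MATCH_THRESHOLD = 0.25  # assumed: largest fraction of differing bits accepted as a match


def hamming_fraction(a: str, b: str) -> float:
    """Fraction of positions where two equal-length bit strings differ."""
    if len(a) != len(b) or not a:
        raise ValueError("templates must be non-empty and of equal length")
    return sum(x != y for x, y in zip(a, b)) / len(a)


def within_window(now: time, window: tuple) -> bool:
    """True if `now` is inside [start, end); handles windows that cross midnight."""
    start, end = window
    if start <= end:
        return start <= now < end
    return now >= start or now < end


def decide_access(user_id: str, sample: str, now: time) -> tuple:
    """Return (unlock, reason). The lock is released only if both checks pass."""
    record = ENROLLED.get(user_id)
    if record is None:
        return False, "not enrolled"
    try:
        distance = hamming_fraction(sample, record["template"])
    except ValueError:
        return False, "malformed sample"
    if distance > MATCH_THRESHOLD:
        return False, "no match"  # authentication failed; time is never consulted
    if not within_window(now, record["window"]):
        return False, "outside authorized period"  # authenticated but not authorized now
    return True, "match within authorized period"
```

Returning a reason alongside the decision lets the door controller log a failed match separately from a valid match presented outside the authorized period.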
LECTURE 9:- Identification….. Biometrics (Example).
LECTURE 10:- Identification….. Biometrics (Example).