User Authentication
An operating system bases
much of its protection on knowing who a user of the system is. In real-life
situations, people commonly ask for identification from people they do not
know: A bank employee may ask for a driver's license before cashing a check, library
employees may require some identification before charging out books, and
immigration officials ask for passports as proof of identity. In-person
identification is usually easier than remote identification. For instance, some
universities do not report grades over the telephone because the office workers
do not necessarily know the students calling. However, a professor who
recognizes the voice of a certain student can release that student's grades.
Over time, organizations and systems have developed means of authentication,
using documents, voice recognition, fingerprint and retina matching, and other
trusted means of identification.
In computing, the choices are
more limited and the possibilities less secure. Anyone can attempt to log in to
a computing system. Unlike the professor who recognizes a student's voice, the
computer cannot recognize electrical signals from one person as being any
different from those of anyone else. Thus, most computing authentication
systems must be based on some knowledge shared only by the computing system and
the user.
Authentication mechanisms use
any of three qualities to confirm a user's identity.
1. Something the user knows. Passwords, PINs, passphrases, a
secret handshake, and mother's maiden name are examples of what a user may
know.
2. Something the user has. Identity badges, physical keys, a driver's
license, or a uniform are common examples of things people have that make them
recognizable.
3. Something the user is. These authenticators, called biometrics, are
based on a physical characteristic of the user, such as a fingerprint, the
pattern of a person's voice, or a face (picture). These authentication methods
are old (we recognize friends in person by their faces or on a telephone by
their voices) but are just starting to be used in computer authentication. See
Sidebar 4-3 for a glimpse at some of the
promising approaches.
Two or more forms can be
combined for more solid authentication; for example, a bank card and a PIN
combine something the user has with something the user knows.