Note for first Module. Try on. Ganbatte Kudasai. Hikaru is light. I am Hikaru. And Hikaru uses Kent. Kendy means candy, but in this case, it is katana. First!

A. Access Control and Methodology

Access Control Basic:

Access Control: protection against unauthorized access.
Two entities:
Subject: active; requests access to an object, like a user, computer...
Object: passive; contains data and information, such as a computer, data, file...
Security Principle: CIA: Confidentiality - Integrity - Availability
3 steps: Identification, Authentication, Authorization -> resource
Logical Access: tools for IAAA (3 steps + accountability)
2-step Authentication: use public info, like username, user number, and enter private info, such as password, PIN
Strong Authentication: two-factor authentication
Identification components: unique, naming schema, nondescriptive user, not shared.
Showing posts from September, 2010
Today, I have got free time and remembered a lesson about "Authentication methods". It is very useful, so I am going to school this next week (to be going to, not will :)). OK, in this lesson, I like one-time password (OTP). The main contents are:

server stores the hash of the password (hashed, for example, 1000 times) and the number of hash times (N, in this example 1000) in the database
client requests, server sends the number N to the client; it is the number of hash times.
client receives that number N, hashes the password (N-1) times (in this example 999), and sends it to the server
server receives the (N-1)-times hash of the password, hashes it one time, then compares it with the database; if true, the client is allowed.
server replaces the (N)-times hash of the password with the (N-1)-times hash of the password from the client, and the number of hash times decreases by one (N-1); in this example, 999 replaces 1000.
If N equals 1, the password is reset.

I find much information about Kerberos:
Started in project Athena (I don't know)
Introduced in Windows 2000
Use sy
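The hash-chain one-time password exchange described in the OTP post above, as an added example that is not part of the original post. SHA-256, the class and function names, and the sample password are assumptions chosen for illustration; the post does not name a hash function.

```python
import hashlib
import hmac

def hash_n(secret: bytes, n: int) -> bytes:
    """Apply SHA-256 (assumed hash) to secret n times; n = 0 returns it unchanged."""
    value = secret
    for _ in range(n):
        value = hashlib.sha256(value).digest()
    return value

class Server:
    """Stores only the N-times hash of the password and the counter N."""

    def __init__(self, password: bytes, n: int):
        self.enroll(password, n)

    def enroll(self, password: bytes, n: int) -> None:
        # Initial setup, and the password reset needed once N reaches 1.
        self.n = n
        self.stored = hash_n(password, n)

    def challenge(self) -> int:
        if self.n <= 1:
            raise RuntimeError("chain exhausted: password reset required")
        return self.n

    def verify(self, otp: bytes) -> bool:
        if self.n <= 1:
            return False
        # Hashing a valid OTP one more time must reproduce the stored value.
        if not hmac.compare_digest(hashlib.sha256(otp).digest(), self.stored):
            return False
        # Accept: the received OTP replaces the stored hash, N drops by one.
        self.stored = otp
        self.n -= 1
        return True

def client_response(password: bytes, n: int) -> bytes:
    """Client side: hash the password N-1 times for the challenge N."""
    return hash_n(password, n - 1)

def demo() -> list:
    password = b"constructed-sample-password"  # constructed sample value
    server = Server(password, 4)
    first = client_response(password, server.challenge())
    fresh, replay = server.verify(first), server.verify(first)
    nxt = server.verify(client_response(password, server.challenge()))
    return [fresh, replay, nxt]
```

The replayed value fails because the server has already moved its stored hash one step down the chain, so a captured OTP is useless for the next login.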