Authentication and Access Control: Practical Cryptography Methods and Tools
Cybersecurity is a critical concern for individuals and for organizations of all types and sizes. Authentication and access control are the first line of defense to help protect you from being attacked.

This book begins with the theoretical background of cryptography and the foundations of authentication technologies and attack mechanisms. You will learn about the mechanisms that are available to protect computer networks, systems, applications, and general digital technologies.

Different methods of authentication are covered, including the most commonly used schemes in password protection: two-factor authentication and multi-factor authentication. You will learn how to securely store passwords to reduce the risk of compromise. Biometric authentication—a mechanism that has gained popularity over recent years—is covered, including its strengths and weaknesses.

Authentication and Access Control explains the types of errors that lead to vulnerabilities in authentication mechanisms. To avoid these mistakes, the book explains the essential principles for designing and implementing authentication schemes you can use in real-world situations. Current and future trends in authentication technologies are reviewed.


What You Will Learn



• Understand the basic principles of cryptography before digging into the details of authentication mechanisms
• Be familiar with the theories behind password generation and the different types of passwords, including graphical and grid-based passwords
• Be aware of the problems associated with the use of biometrics, especially with establishing a suitable level of biometric matching or the biometric threshold value
• Study examples of multi-factor authentication prools and be clear on the principles
• Know how to establish authentication and how key establishment processes work together despite their differences
• Be well versed on the current standards for interoperability and compatibility
• Consider future authentication technologies to solve today's problems


Who This Book Is For

Cybersecurity practitioners and professionals, researchers, and lecturers, as well as undergraduate and postgraduate students looking for supplementary information to expand their knowledge on authentication mechanisms

1137679359
Authentication and Access Control: Practical Cryptography Methods and Tools
Cybersecurity is a critical concern for individuals and for organizations of all types and sizes. Authentication and access control are the first line of defense to help protect you from being attacked.

This book begins with the theoretical background of cryptography and the foundations of authentication technologies and attack mechanisms. You will learn about the mechanisms that are available to protect computer networks, systems, applications, and general digital technologies.

Different methods of authentication are covered, including the most commonly used schemes in password protection: two-factor authentication and multi-factor authentication. You will learn how to securely store passwords to reduce the risk of compromise. Biometric authentication—a mechanism that has gained popularity over recent years—is covered, including its strengths and weaknesses.

Authentication and Access Control explains the types of errors that lead to vulnerabilities in authentication mechanisms. To avoid these mistakes, the book explains the essential principles for designing and implementing authentication schemes you can use in real-world situations. Current and future trends in authentication technologies are reviewed.


What You Will Learn



• Understand the basic principles of cryptography before digging into the details of authentication mechanisms
• Be familiar with the theories behind password generation and the different types of passwords, including graphical and grid-based passwords
• Be aware of the problems associated with the use of biometrics, especially with establishing a suitable level of biometric matching or the biometric threshold value
• Study examples of multi-factor authentication prools and be clear on the principles
• Know how to establish authentication and how key establishment processes work together despite their differences
• Be well versed on the current standards for interoperability and compatibility
• Consider future authentication technologies to solve today's problems


Who This Book Is For

Cybersecurity practitioners and professionals, researchers, and lecturers, as well as undergraduate and postgraduate students looking for supplementary information to expand their knowledge on authentication mechanisms

64.99 In Stock
Authentication and Access Control: Practical Cryptography Methods and Tools

Authentication and Access Control: Practical Cryptography Methods and Tools

by Sirapat Boonkrong
Authentication and Access Control: Practical Cryptography Methods and Tools
Add to Wishlist
Authentication and Access Control: Practical Cryptography Methods and Tools

Authentication and Access Control: Practical Cryptography Methods and Tools

by Sirapat Boonkrong

Overview

Cybersecurity is a critical concern for individuals and for organizations of all types and sizes. Authentication and access control are the first line of defense to help protect you from being attacked.

This book begins with the theoretical background of cryptography and the foundations of authentication technologies and attack mechanisms. You will learn about the mechanisms that are available to protect computer networks, systems, applications, and general digital technologies.

Different methods of authentication are covered, including the most commonly used schemes in password protection: two-factor authentication and multi-factor authentication. You will learn how to securely store passwords to reduce the risk of compromise. Biometric authentication—a mechanism that has gained popularity over recent years—is covered, including its strengths and weaknesses.

Authentication and Access Control explains the types of errors that lead to vulnerabilities in authentication mechanisms. To avoid these mistakes, the book explains the essential principles for designing and implementing authentication schemes you can use in real-world situations. Current and future trends in authentication technologies are reviewed.


What You Will Learn



• Understand the basic principles of cryptography before digging into the details of authentication mechanisms
• Be familiar with the theories behind password generation and the different types of passwords, including graphical and grid-based passwords
• Be aware of the problems associated with the use of biometrics, especially with establishing a suitable level of biometric matching or the biometric threshold value
• Study examples of multi-factor authentication prools and be clear on the principles
• Know how to establish authentication and how key establishment processes work together despite their differences
• Be well versed on the current standards for interoperability and compatibility
• Consider future authentication technologies to solve today's problems


Who This Book Is For

Cybersecurity practitioners and professionals, researchers, and lecturers, as well as undergraduate and postgraduate students looking for supplementary information to expand their knowledge on authentication mechanisms

Product Details

ISBN-13: 9781484265697
Publisher: Apress
Publication date: 12/12/2020
Edition description: 1st ed.
Pages: 230
Product dimensions: 7.01(w) x 10.00(h) x (d)

About the Author

Sirapat Boonkrong has more than 15 fifteen years of experience in the field of information security as a student, researcher, and lecturer. After spending more than 10 years getting his education from high school to PhD in the UK, Sirapat began his career in 2006 as a full-time researcher at the National Electronics and Computer Technology Centre, Thailand. He then moved into full-time teaching at King Mongkut's University of Technology North Bangkok, Thailand and stayed there from 2009 to 2017. Sirapat is currently a full-time lecturer at the School of Information Technology and DIGITECH at Suranaree University of Technology, Thailand. His main teaching and research interests are in cyber security, authentication technologies, and cryptographic prool design.

Table of Contents

Chapter 1: Introduction to Cryptography

Covers basic principles of cryptography which forms a part of authentication mechanisms. This chapter is included in this book because it is necessary to understand basic principles of cryptography prior to getting into the detail of authentication mechanisms.

What is “Security”?

The CIA Model

Principles of Cryptography

Symmetric Cryptography

Asymmetric Cryptography

Hybrid Cryptosystem

Cryptographic Hash Functions

Digital Signature

Chapter 2: Public Key Infrastructure

It is not possible to have a book on authentication without mentioning public key infrastructure (PKI), which is the foundation of security mechanisms for transactions on the Internet. The aim of this chapter is the understanding of the process and components, especially certificate authorities and digital certificates, which are necessary in many of today’s authentication technologies.

PKI’s Uses and Benefits

PKI Framework

Certificate Exchange

PKI Process

Chapter 3: Methods and Threats of Authentication

Brings the readers into the world of authentication with an introduction to different authentication methods including the widely accepted something-you-know, something-you-have and something-you-are. Unfortunately, they are not without any security problems. The chapter, therefore, provides explanation of potential threats to these authentication technologies, too.

What is Authentication?

Factors of Authentication

Something You Know

Something You Have

Something You Are

Other Factors of Authentication

Threats of Authentication

Chapter 4: Password-Based Authentication

Passwords are the most popular and most commonly used authentication mechanism. It is, therefore, necessary to understand theories behind password generation and different types of passwords, including graphical and grid-based passwords. One of the main aims of this chapter is to explain the problems with traditional passwords and newly studied problem with grid-based passwords. This chapter also discusses the principles of secure password storing methods during which a new and more secure storing scheme is introduced.

Passwords

Storing Passwords

Dynamic Salt Generation and Placement

Grid-Based Passwords

Chapter 5: Biometric Authentication

In recent years, we have seen that authentication technologies have stepped into the field of biometrics. Biometric authentication is discussed together with how the efficiency of biometric-based authentication methods can be measured. This chapter also touches on the problems of biometrics, especially the suitable level of biometric matching or the biometric threshold value. Finally, a method and an example for finding a suitable biometric threshold is illustrated.

What is Biometrics?

Biometric Authentication

Performance Metrics of Biometric Authentication

Finding a Biometric Threshold

Biometric Authentication Use Cases

Chapter 6: Multi-Factor Authentication

Explains a mechanism known as multi-factor authentication. It has become a well-known fact that one-factor authentication, especially the password-only authentication method is not adequate enough. Multi-factor authentication is when more than one method or one type of authentication credential is used in the authentication process. It is increasingly used in verifying user’s identity to access information systems with the belief that it provides better security. This chapter provides the explanation of the principles and examples of multi-factor authentication prools.

Issues with Traditional Authentication

Two-Factor Authentication

Common Authentication Factors

Is Two-Factor Authentication More Secure?

Where is Two-Factor Authentication Used?

Multi-Factor Authentication

Multi-Factor Authentication for Internet Banking

Multi-Factor Biometric-Based Authentication

Multi-Factor Authentication Evaluation

Chapter 7: Authentication and Key Establishment Prools

The aim of this chapter is to establish how authentication and key establishment processes work together despite their differences. Classical authentication and key establishment prools that applied symmetric cryptography and asymmetric cryptography are discussed in order to point out their weaknesses. Potential solutions and more secure versions of these classic prools are also provided, not with the expectation that the readers will use them but with the hope that they will understand how vulnerabilities can be spotted and what mechanisms can be used to fix them. Apart from the classical schemes, today’s authentication and key establishment schemes are explained in secure socket layer (SSL) and Kerberos. Moreover, from the lessons learned from the past prools, principles for designing more secure authentication mechanisms are given.

Authentication Prools

Andrew Secure RPC Prool

Needham-Schroeder Prool

Needham-Schroeder Public Key Prool

Secure Socket Layer (SSL)

Kerberos

Designing an Authentication Prool

Chapter 8: Current and Future Trends of Authentication

This chapter attempts to look into the future to see how authentication process will evolve and be developed. Several upcoming processes are: continuous authentication, where users are frequently authenticated during a session; cancellable authentication, where users are not required to enroll their true biometric information; and adaptive multi-factor authentication, which is how authentication factors dynamically change according to different context.

What the World is Doing

Continuous Authentication

Cancellable Authentication

Adaptive Multi-Factor Authentication

From the B&N Reads Blog
Page 1 of

Related Subjects

Computers
Computers - General & Miscellaneous
Computer Security
Computers
Computers - General & Miscellaneous
Computer Security

Customer Reviews