CS703 Advanced Operating Systems
By Mr. Farhan Zaidi
Lecture No. 40
Overview of today’s lecture
User authentication
Password based authentication
UNIX password scheme
One-time password schemes
Challenge response authentication
Biometrics and other authentication schemes
Access control and authorization
Access control matrix
Authentication
Usually done with passwords.
This is usually a relatively weak form of authentication, since it’s something that people have to remember
Empirically, a password is typically based on a wife’s/husband’s or kid’s name, a favorite movie name etc.
Passwords should not be stored in a directly-readable form
Use some sort of one-way transformation (a “secure hash”) and store that
If you look in /etc/passwd you will see a bunch of gibberish associated with each name. That is the password in its transformed form
Problem: to prevent guessing (“dictionary attacks”) passwords should be long and obscure
Unfortunately, such passwords are easily forgotten and usually written down.
Authentication (2)
Unix password security
Encrypt passwords
One time passwords
Lamport’s clever scheme (Read Tanenbaum for details)
Challenge-Response based authentication
Used in PPP and many other applications
Authentication alternatives
Badge or key
Does not have to be kept secret. Usually some sort of picture ID worn on jacket (e.g., at military bases)
Should not be forgeable or copy-able
Can be stolen, but the owner should know if it is (but what to do? If you issue another, how to invalidate the old one?)
This is similar to the notion of a “capability” that we’ll see later
Biometrics
Authentication of a person based on a physiological or behavioral characteristic.
Example features: Face, Fingerprints, Hand geometry, Handwriting, Iris, Retinal, Vein, Voice.
Strong authentication but still need a “Trusted Path”.
Access control
Context
System knows who the user is
User has entered a name and password, or other info
Access requests pass through gatekeeper
OS must be designed so monitor cannot be bypassed
[Figure: User process → Reference monitor (?) → Resource]
Decide whether user can apply operation to resource
Access control matrix [Lampson]
Objects (columns), Subjects (rows)
          File 1   File 2   File 3   …       File n
User 1    read     write    -        -       read
User 2    write    write    write    -       -
User 3    -        -        -        read    read
…
User m    read     write    read     write   read
Two implementation concepts
Access control list (ACL)
Store column of matrix with the resource
Capability
User holds a “ticket” for each resource
          File 1   File 2   …
User 1    read     write    -
User 2    write    write    -
User 3    -        -        read
…
User m    read     write    write
Access control lists are widely used, often with groups
Some aspects of capability concept are used in Kerberos, …
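The two implementation concepts above, as an added example that is not part of the lecture: the same matrix cells (File 1 and File 2 for Users 1 to 3) are served once as per-resource ACLs and once as tickets held by the user. Making a ticket unforgeable with an HMAC under a key held by the reference monitor, the class and function names, and the demo key are assumptions of this example.

```python
import hashlib
import hmac

# Cells shown on the slide for File 1 and File 2 ("-" becomes an empty set).
MATRIX = {
    "User 1": {"File 1": {"read"}, "File 2": {"write"}},
    "User 2": {"File 1": {"write"}, "File 2": {"write"}},
    "User 3": {"File 1": set(), "File 2": set()},
}


def acl_for(resource):
    """ACL: one column of the matrix, kept with the resource."""
    return {user: row.get(resource, set()) for user, row in MATRIX.items()}


class ReferenceMonitor:
    def __init__(self, key):
        self._key = key  # held only by the monitor (assumption of this example)
        self.acls = {res: acl_for(res) for res in ("File 1", "File 2")}

    def check_acl(self, user, op, resource):
        """ACL decision: look the user up in the list stored with the resource."""
        return op in self.acls.get(resource, {}).get(user, set())

    def _tag(self, user, op, resource):
        msg = "\x00".join((user, op, resource)).encode()
        return hmac.new(self._key, msg, hashlib.sha256).digest()

    def issue_capabilities(self, user):
        """Capabilities: one row of the matrix, handed to the user as tickets."""
        return [(user, op, res, self._tag(user, op, res))
                for res, ops in MATRIX.get(user, {}).items()
                for op in sorted(ops)]

    def check_capability(self, ticket, op, resource):
        """Capability decision: verify the ticket itself, no per-resource list."""
        user, t_op, t_res, tag = ticket
        genuine = hmac.compare_digest(tag, self._tag(user, t_op, t_res))
        return genuine and t_op == op and t_res == resource


if __name__ == "__main__":
    monitor = ReferenceMonitor(b"constructed-demo-key")  # constructed key
    ticket = monitor.issue_capabilities("User 1")[0]
    print(monitor.check_acl("User 1", "read", "File 1"))       # ACL path
    print(monitor.check_capability(ticket, "read", "File 1"))  # ticket path
```

In the ACL path the decision depends on who is asking; in the capability path it depends only on the ticket presented, which is why a ticket, like the badge discussed earlier, must not be forgeable.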