| |
One of the essential security services is authentication. In this chapter, we first explore password-based authentication and see its drawbacks in section 2. More sophisticated authentication protocols ranging from one-time password schemes to mediated authentication are the topics of section 3. Until this point, the discussion is on software authentication in which no specialized hardware is employed. Section 4 summarizes two alternatives to passwords when this piece of hardware is available. Biometric authentication is based on recognizing humans with their unique characteristics using a reading hardware. A smartcard is an embedded device that contains microprocessor and memory holding secret data providing security services including authentication. Finally in section 5, we bring phishing attacks to the table as a case study to understand the reasons of difficulty for providing secure authentication.
|
|
|
