Uploaded by dotale9668

Module 1 - 5b Network Authentication

Public Key Infrastructure (PKI)
DoD PKI Program
- Program providing secure access to its communications networks
PKI Credentials
- Program provides most members with 3 types of credentials
o Identity credential or certificate for each employee CAC
o Email encryption
o Digital signature certificate
PKI Keys
- Public key cryptography makes use of 2 keys
o Private and public
▪ Private Key: used to decrypt and to encrypt messages between the communicating machines
▪ Kept secret
▪ Public Key: used for both encryption and verification of signature
▪ Freely available
- Symmetric Key: handles both encryption and decryption
- Asymmetric Key: consists of a public key and private key
o Provides advantage of authentication and nonrepudiation
Certification Authority (CA)
- Serves as the root of trust to authenticate the identity of individuals, computers, and other entities in the network
Registration Authority (RA)
- Certified by root CA to issue certificates for users permitted by the CA
Certificate Database
- Saves certificate requests issued and revoked certificates from RA and CA
Certificate Store
- Saves issued certificates and pending or rejected certificate requests from the local computer
Key Archival Server
- Saves encrypted private keys in a certificate database for disaster recovery purposes
Certificate Revocation List (CRL)
- Revoking a certificate before its expiration date
Middleware
- General term for computer software providing services to software applications beyond those from the OS
CAC Middleware
- Application serving as the interface between the host’s applications and CAC
CAC Data
CAC Management
- Set of functions necessary to manage the card and the middleware environment, such as PIN changes and PIN timeout
DoD Smart Card
- Replaced uniformed services privilege and ID card
- Special smart card issued by DoD and contains data about member
- Need PIN to access information on CAC
Authentication Factors
Something you know
Password Policy
- Dictates how passwords in an organization will be structured
Password Construction
- Required combo of characters, letters, numbers, and special characters
Password History
Duration
Protection of Passwords
Consequences
Something you are
- Physical, genetic, or human characteristics
o Biometric authentication is widely regarded as the hardest to forge or spoof
o Cost more than other methods
Something you have
- Something only you should physically possess
Somewhere you are
- Location can be used as an authentication factor
Something you do
- Performance-based version of authentication
Multifactor Authentication
- The use of two or more authentication factors