Authentication 1 of 11 https://leocontent.umgc.edu/content/umuc/tgs/cst/cst620/2212/learning-t...

Learning Topic

Authentication

Authentication is the process by which credentials are presented and validated to enable access. There are a number of different methods of authentication.

Passwords are the most common type of authentication and are usually coupled with user identification (user IDs). Tokens and certificates are often used in place of passwords to provide a higher level of security. Tokens can contain unique identifiers (e.g., digital signatures or keys). Tokens can also store biometric data—for example, fingerprints.

Authentication methods can be combined in several ways. Higher levels of security are generally associated with more levels of authentication (multifactor). For example, two-factor authentication might include a token and a password.

Kerberos is a protocol for authentication made up of two components: a ticket (distributed by a service) for user authentication and a key that is developed from the user's password. Another authentication scheme is the Challenge-Handshake Authentication Protocol (CHAP), which uses a representation (hash) of the user's password to authenticate.

4/24/2021, 8:44 PM

Resources

Required

- NIST Special Publication 800-57 Part 1 (https://doi.org/10.6028/NIST.SP.800-57pt1r5)
- How to Authenticate Users with API Keys (/content/umuc/tgs/cst/cst620/2212/learning-resource-list/how-to-authenticate-users-with-api-keys.html?ou=546459)
- Has the Time Come to Kill the Password? (/content/umuc/tgs/cst/cst620/2212/learning-resource-list/has-the-time-come-to-kill-the-password-.html?ou=546459)
- Key Management Cheat Sheet (/content/umuc/tgs/cst/cst620/2212/learning-resource-list/key-management-cheat-sheet.html?ou=546459)
- User Authentication with OAuth 2.0 (/content/umuc/tgs/cst/cst620/2212/learning-resource-list/user-authentication-with-oauth-2-0.html?ou=546459)
- Centralized Authentication Using OpenLDAP (/content/umuc/tgs/cst/cst620/2212/learning-resource-list/centralized-authentication-using-openldap.html?ou=546459)
- Message Authentication Codes (/content/dam/course-content/tgs/cst/cst-620/document/MessageAuthenticationCodes.pdf?ou=546459)

Recommended

- Production Best Practices: Security (/content/umuc/tgs/cst/cst620/2212/learning-resource-list/production-best-practices--security.html?ou=546459)
- Broken Authentication and Session Management (/content/umuc/tgs/cst/cst620/2212/learning-resource-list/broken-authentication-and-session-management.html?ou=546459)
- Message Authentication and Source Privacy in Wireless Networks (/content/dam/course-content/tgs/cst/cst-620/document/MessageAuthenticationandSourcePrivacyinWirelessNetworks.pdf?ou=546459)
- Biometrics (/content/umuc/tgs/cst/cst620/2212/learning-resource-list/biometrics.html?ou=546459)
- Security How-To: WPA2-Enterprise on Your Home Network (/content/dam/course-content/tgs/cst/cst-620/document/SecurityHow-ToWPA2-EnterpriseonYourHomeNetwork.pdf?ou=546459)
- Protecting Your System: User Access Security (/content/dam/course-content/tgs/cst/cst-620/document/ProtectingYourSystem_UserAccessSecurity.pdf?ou=546459)
- Authentication (/content/umuc/tgs/cst/cst620/2212/learning-resource-list/authentication.html?ou=546459)
- Toward Secure and Dependable Message Authentication in WSN (/content/dam/course-content/tgs/cst/cst-620/document/TowardsSecureandDependableMessageAuthenticationinWSN.pdf?ou=546459)
- OWASP Top 10 for .NET Developers Part 3: Broken Authentication and Session Management (/content/umuc/tgs/cst/cst620/2212/learning-resource-list/owasp-top-10-for--net-developers-part-3--broken-authentication-a.html?ou=546459)
- Activity: Message Authentication (https://lti.umgc.edu/contentadaptor/topics/byid/1a09f264-6674-48f6-ba08-52e0c55afc0c)
- Authentication Summary (https://lti.umgc.edu/contentadaptor/topics/byid/d05f43a3-3951-4be4-93a0-19f898aa2b41)
- Multifactor Authentication Overview (https://lti.umgc.edu/contentadaptor/topics/byid/1570b4eb-fc1e-4a09-baef-aa627f537e19)
- Authentication and Information Assurance (https://lti.umgc.edu/contentadaptor/topics/byid/80eae6bf-8f7b-4033-9004-aa5b9e08c62b)

Check Your Knowledge

Choose the best answer to each question:

Question 1

Which of the following is the least secure password that can be enhanced by the use of a token to supply better security?

- one-time password
- static password
- dynamic password
- passphrase password

Question 2

When a message is encrypted, it provides for which of the following?

- confidentiality
- nonrepudiation
- authentication
- authorization

Question 3

If you digitally sign a message, which of the following are covered?

- authentication
- nonrepudiation
- integrity
- all of the above

Question 4

When employees access the company network via remote access, which of the following provides the most reliable authentication?

- virtual private networks
- synchronous token with a one-time password
- asynchronous token with a one-time password
- both synchronous tokens and asynchronous tokens with one-time passwords

Question 5

Point-to-point authentication protocols include which of the following?

- EAP (Extensible Authentication Protocol)
- CHAP (Challenge Handshake Authentication Protocol)
- PAP (Password Authentication Protocol)