AA
Uploaded byArti Ambokar
PDF, PPTX832 views

Access_Control_Systems_and_methodology

This document discusses access control systems and methodologies. It covers security clearances used by the federal government, multifactor authentication/biometrics, and passwords. Specific access control methods like fingerprints, voiceprints, retina scanning, iris scanning, and face recognition are explained. The document also discusses password cracking techniques and applications used to crack passwords like John the Ripper, Rainbow Crack, and Cain & Abel.

Embed presentation

Download as PDF, PPTX
ACCESS CONTROL SYSTEMS AND METHODOLOGY
INTRODUCTION ● JERMAINE ROBINSON M.S. Information Systems ● CHIBUZO OBIOHA M.S. Telecommunications Systems and Networks ● ARTI AMBOKAR M.S. Information Systems
OVERVIEW • ACCESS CONTROLS ARE USED IN ORDER TO PROTECT INFORMATION SYSTEMS AND DATA • 3 TYPES OF ACCESS CONTROL METHODOLOGIES ARE: • SECURITY CLEARANCES (FEDERAL GOVERNMENT) • MULTIFACTOR AUTHENTICATION/BIOMETRICS • PASSWORDS • PASSWORD CRACKING IS A METHOD OF GETTING PAST ACCESS CONTROLS • DEMONSTRATION OF JAVA PROGRAM TO CREATE PASSWORD REQUIREMENTS
WHAT IS A SECURITY CLEARANCE? SPECIAL PERMISSION THAT IS GRANTED BY FEDERAL GOVERNMENT TO PERSONNEL THAT HAVE APPROVAL TO ACCESS NETWORKS, DATA, AND INFORMATION SYSTEMS CLEARANCE LEVELS ARE CONFIDENTIAL, SECRET, AND TOP SECRET NETWORKS, DATA, AND INFORMATION SYSTEMS ALSO RECEIVE CORRESPONDING DESIGNATIONS APPLIES TO MILITARY, FEDERAL EMPLOYEES, AND FEDERAL CONTRACTORS
GETTING A CLEARANCE CLEARANCES ARE GIVEN TO PERSONNEL ON A NEED TO HAVE BASIS BIOMETRICS ARE USED AS A MEANS OF GAINING SPECIFIC INFORMATION ABOUT APPLICANTS AND ALL DATA IS STORED FOR THE DURATION OF MILITARY CAREER THE INVESTIGATION PROCESS MUST BE COMPLETED BEFORE A PERMANENT CLEARANCE IS GAINED HOWEVER TEMPORARY CLEARANCES CAN BE ISSUED INVESTIGATIONS COST FROM $200 - $15,000 REINVESTIGATIONS ARE DONE PERIODICALLY AND CLEARANCES HAVE AN EXPIRATION DATE OF 5-15 YEARS REVOCATION CAN OCCUR AT ANY TIME
SCREENING PROCESS SECURITY CLEARANCE SCREENING VIDEO ● SECURITY CLEARANCE SCREENINGS ARE USUALLY CONDUCTED UPON ENTRANCE INTO THE MILITARY ● THE MOS/AFSC/RATING (JOB) THAT ONE IS ENTERING THE MILITARY TO DO OR THE LOCATION OF THEIR PERMANENT DUTY STATION DETERMINES THE CLEARANCE LEVEL THEY WILL BE CONSIDERED FOR EXAMPLE: IF YOU ARE ENTERING THE MILITARY TO DO A NON CLEARANCE JOB BUT ARE ASSIGNED TO A LOCATION WHERE A CERTAIN CLEARANCE LEVEL IS REQUIRED YOU WILL HAVE TO RECEIVE THAT CLEARANCE BEFORE BEING SENT TO THAT DUTY STATION ● A FAIR CHANCE IS GIVEN TO DISCLOSE ALL BACKGROUND INFORMATION BEFORE IT IS DISCOVERED ● CRIMINAL,FINANCIAL, AND MENTAL HEALTH ARE EXAMPLES OF INFORMATION THAT IS LOOKED INTO
DESIGNATIONS GIVEN SECURITY DESIGNATIONS THAT ARE GIVEN TO NETWORKS, DATA, AND INFORMATION SYSTEMS ARE DONE SO WITH THE FOLLOWING GUIDELINES: -CONFIDENTIAL: REASONABLY COULD BE EXPECTED TO CAUSE DAMAGE TO THE NATIONAL SECURITY IF DISCLOSED -SECRET: REASONABLY COULD BE EXPECTED TO CAUSE SERIOUS DAMAGE TO THE NATIONAL SECURITY IF DISCLOSED -TOP SECRET: REASONABLY COULD BE EXPECTED TO CAUSE EXCEPTIONALLY GRAVE DAMAGE TO THE NATIONAL SECURITY IF DISCLOSED
PROTECTING THE ASSETS -EXAMPLE: IF AN OFFICE IS DEEMED AS “SECRET” THE OFFICE CAN CONTAIN A VAULT OR SPECIAL OFFICE WITHIN IT WHERE “TOP SECRET” ASSETS ARE STORE INCLUDING COMPUTERS -ANYTHING FROM AN ENTIRE MILITARY BASE, TO A BUILDING, TO AN OFFICE,TO A COMPUTER, TO A FILE CAN BE GRANTED A SECURITY DESIGNATION -ACCESS TO SECURE ASSETS CAN BE GRANTED ON A NEED TO ACCESS BASIS NOT JUST ON THE BASIS OF HAVING A CLEARANCE LEVEL
WAR ZONES -ANYTIME MILITARY OPERATIONS ARE BASED IN “ENEMY TERRITORY” THERE IS A LARGER RISK INVOLVED -EASIER FOR TERRORISTS TO INFILTRATE NETWORKS BASED IN THEIR HOMELAND VERSUS DOING IT HERE IN AMERICA -ACCESS TO AMERICAN INFORMATION SYSTEMS, DATA, AND NETWORKS IS AT AN EVEN HIGHER PROTECTION LEVEL
ALL ABOUT CLEARANCES ● SECURITY CLEARANCES ARE THE FEDERAL GOVERNMENT’S WAY OF CONTROLLING ACCESS TO INFORMATION SYSTEMS, NETWORKS, AND DATA ● THE PROGRAM PROVIDES A STANDARD THAT CAN BE USED ACROSS THE BOARD SO NATIONAL SECURITY CAN BE AT ITS HIGHEST ● BILLIONS OF DOLLARS ARE SPENT EVERY YEAR ON COMING UP WITH STRATEGIC NATIONAL SECURITY PLANS ● OUR NATION'S SECURITY DEPENDS ON PROTECTING ACCESS TO OUR INFORMATION SYSTEMS, DATA, AND NETWORKS
MULTIFACTOR AUTHENTICATION WHAT IS MULTIFACTOR AUTHENTICATION? WHY WE NEED MULTIFACTOR AUTHENTICATION? HOW TO REGISTER AND CONFIGURE ACCESS? Multifactor Authentication Computer Access Control Granted Access Pieces of Evidence Authentication Mechanism
WHAT IS MULTIFACTOR AUTHENTICATION? MULTI FACTOR AUTHENTICATION: A METHOD THAT CONTROLS COMPUTER ACCESS WHICH CONTAINS A SYSTEM WHERE A USER IS GIVEN ACCESS AFTER PRESENTING NUMEROUS SEPARATE PIECES OF EVIDENCE AUTHENTICATE THEMSELVES TYPICALLY CAN BE EITHER TWO OR THREE TYPES: ● KNOWLEDGE(SOMETHING THAT IS KNOWN) ● POSSESSION(SOMETHING THAT IS PRESENT) ● INHERENCE(SOMETHING THAT THEY ARE)
TWO & THREE-FACTOR AUTHENTICATION TWO-FACTOR AUTHENTICATION: REQUIRE A PASSWORD AND USERNAME IN ADDITION TO SOMETHING THAT IS ONLY KNOWN TO THE USER: EXAMPLE:A PIECE OF INFORMATION ONLY THE USER SHOULD KNOW (PHYSICAL TOKEN) THREE-FACTOR AUTHENTICATION: IS NOTHING BUT SOMETHING A USER IS: EXAMPLE: ALL TYPES OF BIOMETRICS Multifactor Authentication Two-factor Authentication (something which is only known to user) Three-factor Authentication (something a user is)
BIOMETRICS - THE DEFINITION OF ‘BIO’ IS LIFE - THE DEFINITION OF ‘METRICS’ IS MEASURE - IN BIOMETRICS TECHNOLOGY IS USED TO MEASURE SOMETHING THAT IS RELATED TO LIFE EXAMPLE: PHYSICAL TRAITS THAT AN INDIVIDUAL POSSESS MAIN TYPES OF BIOMETRIC IDENTIFIERS: ● PHYSIOLOGICAL CHARACTERISTICS: FINGERPRINTS ,DNA, FACE, HAND, RETINA OR EAR FEATURES; AND ODOR ● BEHAVIORAL CHARACTERISTICS: TYPING RHYTHM, GESTURES, VOICE , MONITORING KEYSTROKES
BIOMETRIC TECHNIQUES FINGERPRINT RECOGNITION VOICE PRINTS SIGNATURE DYNAMICS RETINA SCANNING IRIS SCANNING FACE RECOGNITION
FINGERPRINT ● THERE ARE 3 BASIC PATTERNS OF FINGERPRINTS ● MINUTIAE: THE MATCHING OF TWO HUMAN FINGERPRINTS MINUTIAE REFERS TO SPECIFIC POINTS IN A FINGERPRINT, THAT CONTAIN SMALL DETAILS IN A FINGERPRINT THAT IS MOST IMPORTANT FOR FINGERPRINT RECOGNITION
THREE BASIC PATTERNS OF FINGERPRINT RIDGES ARCH LOOP WHORL ARCH: RIDGES ENTER FROM ONE SIDE OF THE FINGER, AND RISE IN THE CENTER FORMING AN ARC, AND THEN EXIT THE OTHER SIDE OF THE FINGER LOOP: RIDGES ENTER FROM ONE SIDE OF A FINGER, FORM A CURVE, AND THEN EXIT ON THAT SAME SIDE WHORL: RIDGES FORM CIRCULARLY AROUND A CENTRAL POINT ON THE FINGER
MINUTIAE RIDGE ENDING: SPOT WHERE RIDGE ENDS BIFURCATION: SPOT WHERE RIDGE SPLITS INTO TWO RIDGES SHORT RIDGE(DOT): THOSE RIDGES WHICH ARE SIGNIFICANTLY SHORTER THAN OTHER RIDGES FINGERPRINTS RECOGNITION VIDEO
Shape of Vocal Cavities Mouth Movements While Speaking Unique Voice VOICE PRINTS VOICEPRINT SYSTEM: EXACT WORDS ARE NEEDED FOR ACCESS OR A SPECIFIC EXTENDED SAMPLE IS LOGGED IN THE SYSTEM SO ONLY YOUR VOICE CAN BE PICKED UP WHEN YOU SAY THE WORDS VOICEPRINTS ARE STORED IN A SPECTROGRAM(GRAPH THAT SHOWS SOUND'S FREQUENCY ON VERTICAL AXIS AND TIME ON HORIZONTAL AXIS.
SIGNATURE DYNAMICS DONE BY ANALYZING THE SHAPE, SPEED, STROKE, PEN PRESSURE AND TIMING INFORMATION DURING SIGNING PROCESS SIGNATURE DYNAMICS VIDEO
RETINA SCANNING ● RETINA: LAYER AT THE BACK OF THE EYEBALL THAT CONTAINS CELLS THAT ARE SENSITIVE TO LIGHT AND TRIGGER NERVE IMPULSES THAT PASS THROUGH THE OPTIC NERVE TO THE BRAIN AT WHICH POINT A VISUAL IMAGE IS CREATED ● THERE ARE UNIQUE PATTERNS ON A PERSON'S RETINA BLOOD VESSELS PROCESS: 1. RETINA SCAN 2. CAST A BEAM OF INFRARED LIGHT 3. TRACE THE RETINA 4. BLOOD VESSEL ABSORB LIGHT 5. IMAGE STORED TO DATABASE
IRIS SCANNING IRIS: FLAT, COLORED, RING-SHAPED MEMBRANE BEHIND THE CORNEA OF THE EYE, WITH AN ADJUSTABLE CIRCULAR OPENING (PUPIL) IN THE CENTER. THE COLORED PATTERN OF IRIS IS GENETICAL AND COMES FROM PIGMENT CALLED MELANIN MORE MELANIN: BROWNER LESS MELANIN: BLUER TWO PEOPLE CANNOT HAVE SAME PATTERNS IRIS SCANNING VIDEO
FACE RECOGNITION 1. IDENTIFY OR VERIFY A PERSON 2. DIGITAL IMAGE OR VIDEO FRAME FROM VIDEO SOURCE 3. ALGORITHM IS USED TO MATCH FACE
SINGLE SIGN ON ● MULTIPLE SYSTEMS REQUIRE MULTIPLE SIGN-ON DIALOGUE ● CAN BE HEADACHE TO ADMINISTRATORS AND USERS ● INCREASES SIGN-ON DIALOGUE (USER MUST REPEATEDLY LOGIN TO EVERY SYSTEM)
KERBEROS KERBEROS: A COMPUTER NETWORK COMMUNICATION PROTOCOL THAT USES A ‘TICKET’ TO ALLOW NODES TO COMMUNICATE OVER A NETWORK THAT IS NOT SECURE IN ORDER TO PROVE A USER'S IDENTITY IN A SECURE WAY User logs in to gain access Ticket is generation is passed on to key distribution center Key distribution center sends response to user to decrypt TGT by password hash User response is now send to authentication service in which request for ticket is made Ticket granting service sends the reply by sending ticket
PASSWORDS -WHAT IS A USERNAME AND PASSWORD -PASSWORD STORAGE -PASSWORD CRACKING -METHODS FOR CRACKING PASSWORD -PASSWORD CRACKING APPLICATIONS -PREVENTION
WHAT IS A USERNAME AND PASSWORD? -USERNAMES ARE CREATED TO IDENTIFY YOURSELF AS A USER OF A COMPUTER DOMAIN OR SYSTEM -PASSWORDS ARE SYSTEM DESIGNED AND ARE CREATED TO PROVIDE AUTHENTICATION -PASSWORD ARE INTENDED TO BE COMPLEX AND STRONG (PASSWORDS WHICH THAT ARE ALPHANUMERIC, AND CONTAIN SPECIAL CHARACTERS) -PASSWORDS SHOULD TAKE DAYS AND YEARS TO BRING OUT THE PLAINTEXT FROM HASH
AUTHENTICATION THE 3 DIFFERENT WAYS TO AUTHENTICATE USERS OF A SYSTEM: 1. USERS PRESENT A PHYSICAL OBJECT SUCH AS A KEY CARD 2. USERS PROVE IDENTITY USING A PERSONAL CHARACTERISTIC(BIOMETRICS) 3. USERS ANSWER QUESTION ONLY THEY KNOW THE ANSWER IN THE EVENT OF YOUR PASSWORD BECOMES COMPROMISED IT CAN BE EASILY CHANGED.(I.E. A STRONG BENEFIT OF USING AUTHENTICATION THROUGH A PASSWORD)
PASSWORD STORAGE WINDOWS PASSWORD FILE: WINDOWS SYSTEM FOR STORING PASSWORD FILES, WHICH IS SIMILAR TO THE WAY UNIX DOES ITS STORING. PASSWORD FILE FOR WINDOWS, IS KNOWN AS THE SECURITY ACCOUNT MANAGER(SAM) FILE, IS LOCATED IN: C:WINDOWSSYSTEM32CONFIGSAM. ONLINE PASSWORD STORAGE: MOST WEBSITES AND ONLINE SERVICES REQUIRE USERS TO LOG IN WITH A TYPICAL PASSWORD SCHEME AND PASSWORD IS STORED ON WEBSITE PASSWORD SALT: STORING THE HASHED OR ENCRYPTED VALUES FOR PASSWORDS. METHOD IS MUCH MORE SECURE THAN STORING THE PLAIN TEXT IN A PASSWORD FILE
WHAT IS PASSWORD CRACKING PASSWORD CRACKING: THE PROCESS OF EITHER GUESSING OR RECOVERING A PASSWORD FROM A STORED LOCATIONS OR FROM A DATA TRANSMISSION SYSTEM. PURPOSE: ● TO RECOVER FORGOTTEN PASSWORDS BUT WITH MALICIOUS INTENT ● USED TO GAIN UNAUTHORIZED ACCESS TO A COMPUTER SYSTEM PASSWORD CRACKING INVOLVES TWO DISTINCT PHASES: 1. ATTACKER’S INTENTION IS TO DUMP THE HASHES OF THE PASSWORDS 2. TRIES TO CRACK THOSE ACQUIRED HASHES
PASSWORD CRACKING METHODOLOGIES 1. PHISHING: EASIEST AND MOST POPULAR HACKING METHOD AND IS USED BY HACKERS TO GET SOMEONE’S ACCOUNT DETAILS. EX: DISGUISING EMAIL REQUESTS AS ONE THAT CAME FROM A REAL WEBSITE 2. SOCIAL ENGINEERING: PROCESS OF MANIPULATING SOMEONE TO TRUST YOU AND GET INFORMATION FROM THEM. EX: IF HACKER WAS TRYING TO GET THE COMPUTER PASSWORD OF A CO-WORKER OR FRIEND, HE COULD CALL HIM PRETENDING TO BE FROM THE IT DEPARTMENT AND SIMPLY ASK FOR HIS LOGIN DETAILS 3. MALWARE: KEY LOGGER OR SCREEN SCRAPER IS INSTALLED BY MALWARE. KEYLOGGER RECORDS EVERYTHING YOU TYPE AND SCREEN SCRAPER TAKES SCREEN SHOTS DURING A LOGIN PROCESS, AND THEN FORWARDS A COPY OF FILES TO HACKER 4. OFFLINE CRACKING: GUESSING WITHIN THE RESTRICTION OF THREE OR FOUR WRONG GUESSES AND LOGGING OUT OR WAITING ALLOTTED TIME PERIOD TO AVOID THE BLOCKS IN PLACE BY AN AUTOMATED GUESSING APPLICATION 5. GUESSING: MAKING INFORMED GUESSES BASED ON THE PREDICTABILITY OF THE USER.
PASSWORD CRACKING METHODOLOGIES(CONT) 6. DICTIONARY ATTACK: A BIG WORD DICTIONARY IS LOADED INTO THE CRACKING TOOL TO TEST THESE WORDS AGAINST THE USER ACCOUNT PASSWORD 7. BRUTE FORCE ATTACK: ALL POSSIBLE KEY COMBINATIONS ARE TRIED AGAINST THE PASSWORD DATABASE UNTIL THE CORRECT KEY IS DISCOVERED. USUALLY TAKES A LONG TIME 8. RAINBOW TABLE ATTACK: A VERY LARGE LIST OF PRE-COMPUTED HASHES ARE COMPARED WITH THE PASSWORD FILE TO DISCOVER ALL PASSWORDS 9. SHOULDER SURFING: HACKERS TAKE DISGUISE POSING AS A PARCEL COURIER ,MAINTENANCE SERVICE TECHNICIAN OR ANYONE ELSE THAT CAN GAIN ACCESS TO AN OFFICE SPACE OR BUILDING 10. SPIDERING : SAVVY HACKERS HAVE REALIZED THAT MANY CORPORATE PASSWORD ARE MADE OF WORDS THAT ARE CONNECTED TO THE BUSINESS ITSELF
PASSWORD CRACKING APPLICATIONS ● JOHN THE RIPPER: OPEN SOURCE PASSWORD CRACKING TOOL FOR LINUX, UNIX AND MAC OS X. A WINDOWS VERSION IS ALSO AVAILABLE. USED TO DETECT WEAK PASSWORDS(FREE) ● RAINBOW CRACK: HASH CRACKER TOOL THAT USES A LARGE SCALE TIME MEMORY TRADE OFF PROCESS FOR FASTER PASSWORD CRACKING THAN TRADITIONAL BRUTE FORCE TOOLS. TIME MEMORY TRADE OFF IS A COMPUTATIONAL PROCESS IN WHICH ALL PLAIN TEXT AND HASH PAIRS ARE CALCULATED BY USING A SELECTED HASH ALGORITHM. AFTER COMPUTATION, RESULTS ARE STORED IN THE RAINBOW TABLE (VERY TIME CONSUMING) ● CAIN & ABEL: PASSWORD CRACKING TOOL THAT IS CAPABLE OF HANDLING A VARIETY OF TASKS. WORKS AS A SNIFFER IN THE NETWORK, CRACKING ENCRYPTED PASSWORDS USING THE DICTIONARY ATTACK, RECORDING VOIP CONVERSATIONS, BRUTE FORCE ATTACKS, CRYPTANALYSIS ATTACKS, REVEALING PASSWORD BOXES, UNCOVERING CACHED PASSWORDS, DECODING SCRAMBLED PASSWORDS, AND ANALYZING ROUTING PROTOCOLS (ONLY FOR WINDOWS) ● BRUTUS: REMOTE ONLINE PASSWORD CRACKING TOOL THAT CLAIMS TO BE THE FASTEST AND MOST FLEXIBLE PASSWORD CRACKING TOOL. TOOL IS FREE, ONLY FOR WINDOWS SYSTEMS, AND WAS RELEASED OCTOBER 2000 (VERY POPULAR)
WEBSITES THAT CRACK THERE ARE MANY WEBSITES THAT HACKERS USE TO DO QUICK HACKING WHERE SIMPLE INFORMATION LIKE A URL IS SUPPOSED TO LEAD TO PASSWORDS BEING CRACKED. THESE SITES HAVE VARYING DEGREES OF SUCCESS: FACEBOOK CRACKED VIDEO
4 WAYS OF PREVENTION(s) 1. USE A PASSPHRASE 2. CHANGE PASSWORDS REGULARLY(ABOUT EVERY 3 MONTHS) 3. DO NOT USE THE SAME PASSWORD ON DIFFERENT MULTIPLE SITES 4. AVOID DICTIONARY WORDS AND NAMES
CONCLUSION ACCESS CONTROL IS VITAL TO THE PROTECTION OF ASSETS, DATA, AND INFORMATION TECHNOLOGY SECURITY CLEARANCES, PASSWORDS, MULTIFACTOR AUTHENTICATION, AND BIOMETRICS ARE ALL METHODOLOGIES THAT ARE USED TO CONTROL ACCESS IT’S IMPORTANT TO REMEMBER HACKERS ARE ALWAYS TRYING TO GET IN REGULATING ACCESS DOES NOT ALWAYS ELIMINATE THE PROBLEM BUT IT HELPS
QUESTIONS ?

More Related Content

PPTX
Access Controls
byprimeteacher32
 
PPTX
Domain 5 - Identity and Access Management
byMaganathin Veeraragaloo
 
PDF
Access Control Presentation
byWajahat Rajab
 
PPSX
8 Access Control
byAlfred Ouyang
 
PPT
Ch07 Access Control Fundamentals
byInformation Technology
 
PPT
Information Security Principles - Access Control
byidingolay
 
PPTX
Information security
byAlaaMahmoud108
 
PDF
Incident response methodology
byPiyush Jain
 
Access Controls
byprimeteacher32
 
Domain 5 - Identity and Access Management
byMaganathin Veeraragaloo
 
Access Control Presentation
byWajahat Rajab
 
8 Access Control
byAlfred Ouyang
 
Ch07 Access Control Fundamentals
byInformation Technology
 
Information Security Principles - Access Control
byidingolay
 
Information security
byAlaaMahmoud108
 
Incident response methodology
byPiyush Jain
 

What's hot

PPTX
Digital Forensic ppt
bySuchita Rawat
 
PDF
CS6004 Cyber Forensics
byKathirvel Ayyaswamy
 
PPT
Physical Security
byKriscila Yumul
 
PDF
CISSP Prep: Ch 3. Asset Security
bySam Bowne
 
PPTX
Digital forensics
byyash sawarkar
 
PPTX
Mobile security in Cyber Security
byGeo Marian
 
PDF
Insider threat
byARCON TECHSOLUTIONS
 
PDF
An overview of access control
byElimity
 
PPTX
Brute force-attack presentation
byMahmoud Ibra
 
PPT
7. physical sec
by7wounders
 
PPTX
Seminar-Two Factor Authentication
byDilip Kr. Jangir
 
PDF
Cyber forensics and auditing
bySweta Kumari Barnwal
 
PPTX
Incident response
byAnshul Gupta
 
PPTX
Piggy Backing & Tailgating (Security)
byGAURAV. H .TANDON
 
PPTX
Domain 1 - Security and Risk Management
byMaganathin Veeraragaloo
 
PPT
2. access control
by7wounders
 
PDF
Security Awareness Training
byDaniel P Wallace
 
PPSX
Security policies
byNishant Pahad
 
PDF
BATbern48_How Zero Trust can help your organisation keep safe.pdf
byBATbern
 
PPTX
Mobile Forensics
byprimeteacher32
 
Digital Forensic ppt
bySuchita Rawat
 
CS6004 Cyber Forensics
byKathirvel Ayyaswamy
 
Physical Security
byKriscila Yumul
 
CISSP Prep: Ch 3. Asset Security
bySam Bowne
 
Digital forensics
byyash sawarkar
 
Mobile security in Cyber Security
byGeo Marian
 
Insider threat
byARCON TECHSOLUTIONS
 
An overview of access control
byElimity
 
Brute force-attack presentation
byMahmoud Ibra
 
7. physical sec
by7wounders
 
Seminar-Two Factor Authentication
byDilip Kr. Jangir
 
Cyber forensics and auditing
bySweta Kumari Barnwal
 
Incident response
byAnshul Gupta
 
Piggy Backing & Tailgating (Security)
byGAURAV. H .TANDON
 
Domain 1 - Security and Risk Management
byMaganathin Veeraragaloo
 
2. access control
by7wounders
 
Security Awareness Training
byDaniel P Wallace
 
Security policies
byNishant Pahad
 
BATbern48_How Zero Trust can help your organisation keep safe.pdf
byBATbern
 
Mobile Forensics
byprimeteacher32
 

Similar to Access_Control_Systems_and_methodology

PDF
CISSP Prep: Ch 6. Identity and Access Management
bySam Bowne
 
PDF
5. Identity and Access Management
bySam Bowne
 
PDF
CNIT 125 6. Identity and Access Management
bySam Bowne
 
PPTX
Chapter 5 Identity Access Management.pptx
byharshadrai2
 
PPTX
Authentication Methods authauthauthauthauthautha
byOlajide Kuku
 
PPT
SecurityBasics.ppt
byssuser7ec6af
 
PPTX
Survey of file protection techniques
byPrachi Gulihar
 
PPT
Authentication Authorization-Lesson-2-Slides.ppt
byMuhammadAbdullah311866
 
PPTX
Methods
by10-30-06
 
PDF
Access Control System, BMS
byMohammad Azam Khan
 
PDF
Access Controls, Firewalls, and VPNs.pdf
byanjelic
 
PPTX
Basic of Biometrics Technology
byNEHA SINGH
 
PPTX
Access Control authentication and authorization .pptx
bybirhanugirmay559
 
PDF
Security Basics
byArchitecTerra Ltd.
 
PPT
ch_01 Introduction.ppt ( information cyber security)
bykhatuajitendra2003
 
DOCX
Biometric Authentication Technology - Report
byNavin Kumar
 
PDF
IS - User Authentication
byFumikageTokoyami4
 
PPT
Information Security
byDhilsath Fathima
 
PPTX
Protection in general purpose operating system
byPrachi Gulihar
 
PPTX
P3 m2
byMatthew Horrigan
 
CISSP Prep: Ch 6. Identity and Access Management
bySam Bowne
 
5. Identity and Access Management
bySam Bowne
 
CNIT 125 6. Identity and Access Management
bySam Bowne
 
Chapter 5 Identity Access Management.pptx
byharshadrai2
 
Authentication Methods authauthauthauthauthautha
byOlajide Kuku
 
SecurityBasics.ppt
byssuser7ec6af
 
Survey of file protection techniques
byPrachi Gulihar
 
Authentication Authorization-Lesson-2-Slides.ppt
byMuhammadAbdullah311866
 
Methods
by10-30-06
 
Access Control System, BMS
byMohammad Azam Khan
 
Access Controls, Firewalls, and VPNs.pdf
byanjelic
 
Basic of Biometrics Technology
byNEHA SINGH
 
Access Control authentication and authorization .pptx
bybirhanugirmay559
 
Security Basics
byArchitecTerra Ltd.
 
ch_01 Introduction.ppt ( information cyber security)
bykhatuajitendra2003
 
Biometric Authentication Technology - Report
byNavin Kumar
 
IS - User Authentication
byFumikageTokoyami4
 
Information Security
byDhilsath Fathima
 
Protection in general purpose operating system
byPrachi Gulihar
 
P3 m2
byMatthew Horrigan
 

Access_Control_Systems_and_methodology

  • 1.
  • 2.
    INTRODUCTION ● JERMAINE ROBINSON M.S.Information Systems ● CHIBUZO OBIOHA M.S. Telecommunications Systems and Networks ● ARTI AMBOKAR M.S. Information Systems
  • 3.
    OVERVIEW • ACCESS CONTROLSARE USED IN ORDER TO PROTECT INFORMATION SYSTEMS AND DATA • 3 TYPES OF ACCESS CONTROL METHODOLOGIES ARE: • SECURITY CLEARANCES (FEDERAL GOVERNMENT) • MULTIFACTOR AUTHENTICATION/BIOMETRICS • PASSWORDS • PASSWORD CRACKING IS A METHOD OF GETTING PAST ACCESS CONTROLS • DEMONSTRATION OF JAVA PROGRAM TO CREATE PASSWORD REQUIREMENTS
  • 4.
    WHAT IS ASECURITY CLEARANCE? SPECIAL PERMISSION THAT IS GRANTED BY FEDERAL GOVERNMENT TO PERSONNEL THAT HAVE APPROVAL TO ACCESS NETWORKS, DATA, AND INFORMATION SYSTEMS CLEARANCE LEVELS ARE CONFIDENTIAL, SECRET, AND TOP SECRET NETWORKS, DATA, AND INFORMATION SYSTEMS ALSO RECEIVE CORRESPONDING DESIGNATIONS APPLIES TO MILITARY, FEDERAL EMPLOYEES, AND FEDERAL CONTRACTORS
  • 5.
    GETTING A CLEARANCE CLEARANCESARE GIVEN TO PERSONNEL ON A NEED TO HAVE BASIS BIOMETRICS ARE USED AS A MEANS OF GAINING SPECIFIC INFORMATION ABOUT APPLICANTS AND ALL DATA IS STORED FOR THE DURATION OF MILITARY CAREER THE INVESTIGATION PROCESS MUST BE COMPLETED BEFORE A PERMANENT CLEARANCE IS GAINED HOWEVER TEMPORARY CLEARANCES CAN BE ISSUED INVESTIGATIONS COST FROM $200 - $15,000 REINVESTIGATIONS ARE DONE PERIODICALLY AND CLEARANCES HAVE AN EXPIRATION DATE OF 5-15 YEARS REVOCATION CAN OCCUR AT ANY TIME
  • 6.
    SCREENING PROCESS SECURITY CLEARANCESCREENING VIDEO ● SECURITY CLEARANCE SCREENINGS ARE USUALLY CONDUCTED UPON ENTRANCE INTO THE MILITARY ● THE MOS/AFSC/RATING (JOB) THAT ONE IS ENTERING THE MILITARY TO DO OR THE LOCATION OF THEIR PERMANENT DUTY STATION DETERMINES THE CLEARANCE LEVEL THEY WILL BE CONSIDERED FOR EXAMPLE: IF YOU ARE ENTERING THE MILITARY TO DO A NON CLEARANCE JOB BUT ARE ASSIGNED TO A LOCATION WHERE A CERTAIN CLEARANCE LEVEL IS REQUIRED YOU WILL HAVE TO RECEIVE THAT CLEARANCE BEFORE BEING SENT TO THAT DUTY STATION ● A FAIR CHANCE IS GIVEN TO DISCLOSE ALL BACKGROUND INFORMATION BEFORE IT IS DISCOVERED ● CRIMINAL,FINANCIAL, AND MENTAL HEALTH ARE EXAMPLES OF INFORMATION THAT IS LOOKED INTO
  • 7.
    DESIGNATIONS GIVEN SECURITY DESIGNATIONSTHAT ARE GIVEN TO NETWORKS, DATA, AND INFORMATION SYSTEMS ARE DONE SO WITH THE FOLLOWING GUIDELINES: -CONFIDENTIAL: REASONABLY COULD BE EXPECTED TO CAUSE DAMAGE TO THE NATIONAL SECURITY IF DISCLOSED -SECRET: REASONABLY COULD BE EXPECTED TO CAUSE SERIOUS DAMAGE TO THE NATIONAL SECURITY IF DISCLOSED -TOP SECRET: REASONABLY COULD BE EXPECTED TO CAUSE EXCEPTIONALLY GRAVE DAMAGE TO THE NATIONAL SECURITY IF DISCLOSED
  • 8.
    PROTECTING THE ASSETS -EXAMPLE:IF AN OFFICE IS DEEMED AS “SECRET” THE OFFICE CAN CONTAIN A VAULT OR SPECIAL OFFICE WITHIN IT WHERE “TOP SECRET” ASSETS ARE STORE INCLUDING COMPUTERS -ANYTHING FROM AN ENTIRE MILITARY BASE, TO A BUILDING, TO AN OFFICE,TO A COMPUTER, TO A FILE CAN BE GRANTED A SECURITY DESIGNATION -ACCESS TO SECURE ASSETS CAN BE GRANTED ON A NEED TO ACCESS BASIS NOT JUST ON THE BASIS OF HAVING A CLEARANCE LEVEL
  • 9.
    WAR ZONES -ANYTIME MILITARY OPERATIONS AREBASED IN “ENEMY TERRITORY” THERE IS A LARGER RISK INVOLVED -EASIER FOR TERRORISTS TO INFILTRATE NETWORKS BASED IN THEIR HOMELAND VERSUS DOING IT HERE IN AMERICA -ACCESS TO AMERICAN INFORMATION SYSTEMS, DATA, AND NETWORKS IS AT AN EVEN HIGHER PROTECTION LEVEL
  • 10.
    ALL ABOUT CLEARANCES ●SECURITY CLEARANCES ARE THE FEDERAL GOVERNMENT’S WAY OF CONTROLLING ACCESS TO INFORMATION SYSTEMS, NETWORKS, AND DATA ● THE PROGRAM PROVIDES A STANDARD THAT CAN BE USED ACROSS THE BOARD SO NATIONAL SECURITY CAN BE AT ITS HIGHEST ● BILLIONS OF DOLLARS ARE SPENT EVERY YEAR ON COMING UP WITH STRATEGIC NATIONAL SECURITY PLANS ● OUR NATION'S SECURITY DEPENDS ON PROTECTING ACCESS TO OUR INFORMATION SYSTEMS, DATA, AND NETWORKS
  • 11.
    MULTIFACTOR AUTHENTICATION WHAT IS MULTIFACTOR AUTHENTICATION? WHYWE NEED MULTIFACTOR AUTHENTICATION? HOW TO REGISTER AND CONFIGURE ACCESS? Multifactor Authentication Computer Access Control Granted Access Pieces of Evidence Authentication Mechanism
  • 12.
    WHAT IS MULTIFACTOR AUTHENTICATION? MULTIFACTOR AUTHENTICATION: A METHOD THAT CONTROLS COMPUTER ACCESS WHICH CONTAINS A SYSTEM WHERE A USER IS GIVEN ACCESS AFTER PRESENTING NUMEROUS SEPARATE PIECES OF EVIDENCE AUTHENTICATE THEMSELVES TYPICALLY CAN BE EITHER TWO OR THREE TYPES: ● KNOWLEDGE(SOMETHING THAT IS KNOWN) ● POSSESSION(SOMETHING THAT IS PRESENT) ● INHERENCE(SOMETHING THAT THEY ARE)
  • 13.
    TWO & THREE-FACTOR AUTHENTICATION TWO-FACTORAUTHENTICATION: REQUIRE A PASSWORD AND USERNAME IN ADDITION TO SOMETHING THAT IS ONLY KNOWN TO THE USER: EXAMPLE:A PIECE OF INFORMATION ONLY THE USER SHOULD KNOW (PHYSICAL TOKEN) THREE-FACTOR AUTHENTICATION: IS NOTHING BUT SOMETHING A USER IS: EXAMPLE: ALL TYPES OF BIOMETRICS Multifactor Authentication Two-factor Authentication (something which is only known to user) Three-factor Authentication (something a user is)
  • 14.
    BIOMETRICS - THE DEFINITIONOF ‘BIO’ IS LIFE - THE DEFINITION OF ‘METRICS’ IS MEASURE - IN BIOMETRICS TECHNOLOGY IS USED TO MEASURE SOMETHING THAT IS RELATED TO LIFE EXAMPLE: PHYSICAL TRAITS THAT AN INDIVIDUAL POSSESS MAIN TYPES OF BIOMETRIC IDENTIFIERS: ● PHYSIOLOGICAL CHARACTERISTICS: FINGERPRINTS ,DNA, FACE, HAND, RETINA OR EAR FEATURES; AND ODOR ● BEHAVIORAL CHARACTERISTICS: TYPING RHYTHM, GESTURES, VOICE , MONITORING KEYSTROKES
  • 15.
    BIOMETRIC TECHNIQUES FINGERPRINT RECOGNITION VOICEPRINTS SIGNATURE DYNAMICS RETINA SCANNING IRIS SCANNING FACE RECOGNITION
  • 16.
    FINGERPRINT ● THERE ARE3 BASIC PATTERNS OF FINGERPRINTS ● MINUTIAE: THE MATCHING OF TWO HUMAN FINGERPRINTS MINUTIAE REFERS TO SPECIFIC POINTS IN A FINGERPRINT, THAT CONTAIN SMALL DETAILS IN A FINGERPRINT THAT IS MOST IMPORTANT FOR FINGERPRINT RECOGNITION
  • 17.
    THREE BASIC PATTERNSOF FINGERPRINT RIDGES ARCH LOOP WHORL ARCH: RIDGES ENTER FROM ONE SIDE OF THE FINGER, AND RISE IN THE CENTER FORMING AN ARC, AND THEN EXIT THE OTHER SIDE OF THE FINGER LOOP: RIDGES ENTER FROM ONE SIDE OF A FINGER, FORM A CURVE, AND THEN EXIT ON THAT SAME SIDE WHORL: RIDGES FORM CIRCULARLY AROUND A CENTRAL POINT ON THE FINGER
  • 18.
    MINUTIAE RIDGE ENDING: SPOTWHERE RIDGE ENDS BIFURCATION: SPOT WHERE RIDGE SPLITS INTO TWO RIDGES SHORT RIDGE(DOT): THOSE RIDGES WHICH ARE SIGNIFICANTLY SHORTER THAN OTHER RIDGES FINGERPRINTS RECOGNITION VIDEO
  • 19.
    Shape of Vocal Cavities Mouth Movements While Speaking Unique Voice VOICE PRINTS VOICEPRINTSYSTEM: EXACT WORDS ARE NEEDED FOR ACCESS OR A SPECIFIC EXTENDED SAMPLE IS LOGGED IN THE SYSTEM SO ONLY YOUR VOICE CAN BE PICKED UP WHEN YOU SAY THE WORDS VOICEPRINTS ARE STORED IN A SPECTROGRAM(GRAPH THAT SHOWS SOUND'S FREQUENCY ON VERTICAL AXIS AND TIME ON HORIZONTAL AXIS.
  • 20.
    SIGNATURE DYNAMICS DONE BYANALYZING THE SHAPE, SPEED, STROKE, PEN PRESSURE AND TIMING INFORMATION DURING SIGNING PROCESS SIGNATURE DYNAMICS VIDEO
  • 21.
    RETINA SCANNING ● RETINA:LAYER AT THE BACK OF THE EYEBALL THAT CONTAINS CELLS THAT ARE SENSITIVE TO LIGHT AND TRIGGER NERVE IMPULSES THAT PASS THROUGH THE OPTIC NERVE TO THE BRAIN AT WHICH POINT A VISUAL IMAGE IS CREATED ● THERE ARE UNIQUE PATTERNS ON A PERSON'S RETINA BLOOD VESSELS PROCESS: 1. RETINA SCAN 2. CAST A BEAM OF INFRARED LIGHT 3. TRACE THE RETINA 4. BLOOD VESSEL ABSORB LIGHT 5. IMAGE STORED TO DATABASE
  • 22.
    IRIS SCANNING IRIS: FLAT,COLORED, RING-SHAPED MEMBRANE BEHIND THE CORNEA OF THE EYE, WITH AN ADJUSTABLE CIRCULAR OPENING (PUPIL) IN THE CENTER. THE COLORED PATTERN OF IRIS IS GENETICAL AND COMES FROM PIGMENT CALLED MELANIN MORE MELANIN: BROWNER LESS MELANIN: BLUER TWO PEOPLE CANNOT HAVE SAME PATTERNS IRIS SCANNING VIDEO
  • 23.
    FACE RECOGNITION 1. IDENTIFY ORVERIFY A PERSON 2. DIGITAL IMAGE OR VIDEO FRAME FROM VIDEO SOURCE 3. ALGORITHM IS USED TO MATCH FACE
  • 24.
    SINGLE SIGN ON ●MULTIPLE SYSTEMS REQUIRE MULTIPLE SIGN-ON DIALOGUE ● CAN BE HEADACHE TO ADMINISTRATORS AND USERS ● INCREASES SIGN-ON DIALOGUE (USER MUST REPEATEDLY LOGIN TO EVERY SYSTEM)
  • 25.
    KERBEROS KERBEROS: A COMPUTER NETWORKCOMMUNICATION PROTOCOL THAT USES A ‘TICKET’ TO ALLOW NODES TO COMMUNICATE OVER A NETWORK THAT IS NOT SECURE IN ORDER TO PROVE A USER'S IDENTITY IN A SECURE WAY User logs in to gain access Ticket is generation is passed on to key distribution center Key distribution center sends response to user to decrypt TGT by password hash User response is now send to authentication service in which request for ticket is made Ticket granting service sends the reply by sending ticket
  • 26.
    PASSWORDS -WHAT IS AUSERNAME AND PASSWORD -PASSWORD STORAGE -PASSWORD CRACKING -METHODS FOR CRACKING PASSWORD -PASSWORD CRACKING APPLICATIONS -PREVENTION
  • 27.
    WHAT IS AUSERNAME AND PASSWORD? -USERNAMES ARE CREATED TO IDENTIFY YOURSELF AS A USER OF A COMPUTER DOMAIN OR SYSTEM -PASSWORDS ARE SYSTEM DESIGNED AND ARE CREATED TO PROVIDE AUTHENTICATION -PASSWORD ARE INTENDED TO BE COMPLEX AND STRONG (PASSWORDS WHICH THAT ARE ALPHANUMERIC, AND CONTAIN SPECIAL CHARACTERS) -PASSWORDS SHOULD TAKE DAYS AND YEARS TO BRING OUT THE PLAINTEXT FROM HASH
  • 28.
    AUTHENTICATION THE 3 DIFFERENTWAYS TO AUTHENTICATE USERS OF A SYSTEM: 1. USERS PRESENT A PHYSICAL OBJECT SUCH AS A KEY CARD 2. USERS PROVE IDENTITY USING A PERSONAL CHARACTERISTIC(BIOMETRICS) 3. USERS ANSWER QUESTION ONLY THEY KNOW THE ANSWER IN THE EVENT OF YOUR PASSWORD BECOMES COMPROMISED IT CAN BE EASILY CHANGED.(I.E. A STRONG BENEFIT OF USING AUTHENTICATION THROUGH A PASSWORD)
  • 29.
    PASSWORD STORAGE WINDOWS PASSWORDFILE: WINDOWS SYSTEM FOR STORING PASSWORD FILES, WHICH IS SIMILAR TO THE WAY UNIX DOES ITS STORING. PASSWORD FILE FOR WINDOWS, IS KNOWN AS THE SECURITY ACCOUNT MANAGER(SAM) FILE, IS LOCATED IN: C:WINDOWSSYSTEM32CONFIGSAM. ONLINE PASSWORD STORAGE: MOST WEBSITES AND ONLINE SERVICES REQUIRE USERS TO LOG IN WITH A TYPICAL PASSWORD SCHEME AND PASSWORD IS STORED ON WEBSITE PASSWORD SALT: STORING THE HASHED OR ENCRYPTED VALUES FOR PASSWORDS. METHOD IS MUCH MORE SECURE THAN STORING THE PLAIN TEXT IN A PASSWORD FILE
  • 30.
    WHAT IS PASSWORDCRACKING PASSWORD CRACKING: THE PROCESS OF EITHER GUESSING OR RECOVERING A PASSWORD FROM A STORED LOCATIONS OR FROM A DATA TRANSMISSION SYSTEM. PURPOSE: ● TO RECOVER FORGOTTEN PASSWORDS BUT WITH MALICIOUS INTENT ● USED TO GAIN UNAUTHORIZED ACCESS TO A COMPUTER SYSTEM PASSWORD CRACKING INVOLVES TWO DISTINCT PHASES: 1. ATTACKER’S INTENTION IS TO DUMP THE HASHES OF THE PASSWORDS 2. TRIES TO CRACK THOSE ACQUIRED HASHES
  • 31.
    PASSWORD CRACKING METHODOLOGIES 1. PHISHING:EASIEST AND MOST POPULAR HACKING METHOD AND IS USED BY HACKERS TO GET SOMEONE’S ACCOUNT DETAILS. EX: DISGUISING EMAIL REQUESTS AS ONE THAT CAME FROM A REAL WEBSITE 2. SOCIAL ENGINEERING: PROCESS OF MANIPULATING SOMEONE TO TRUST YOU AND GET INFORMATION FROM THEM. EX: IF HACKER WAS TRYING TO GET THE COMPUTER PASSWORD OF A CO-WORKER OR FRIEND, HE COULD CALL HIM PRETENDING TO BE FROM THE IT DEPARTMENT AND SIMPLY ASK FOR HIS LOGIN DETAILS 3. MALWARE: KEY LOGGER OR SCREEN SCRAPER IS INSTALLED BY MALWARE. KEYLOGGER RECORDS EVERYTHING YOU TYPE AND SCREEN SCRAPER TAKES SCREEN SHOTS DURING A LOGIN PROCESS, AND THEN FORWARDS A COPY OF FILES TO HACKER 4. OFFLINE CRACKING: GUESSING WITHIN THE RESTRICTION OF THREE OR FOUR WRONG GUESSES AND LOGGING OUT OR WAITING ALLOTTED TIME PERIOD TO AVOID THE BLOCKS IN PLACE BY AN AUTOMATED GUESSING APPLICATION 5. GUESSING: MAKING INFORMED GUESSES BASED ON THE PREDICTABILITY OF THE USER.
  • 32.
    PASSWORD CRACKING METHODOLOGIES(CONT) 6. DICTIONARYATTACK: A BIG WORD DICTIONARY IS LOADED INTO THE CRACKING TOOL TO TEST THESE WORDS AGAINST THE USER ACCOUNT PASSWORD 7. BRUTE FORCE ATTACK: ALL POSSIBLE KEY COMBINATIONS ARE TRIED AGAINST THE PASSWORD DATABASE UNTIL THE CORRECT KEY IS DISCOVERED. USUALLY TAKES A LONG TIME 8. RAINBOW TABLE ATTACK: A VERY LARGE LIST OF PRE-COMPUTED HASHES ARE COMPARED WITH THE PASSWORD FILE TO DISCOVER ALL PASSWORDS 9. SHOULDER SURFING: HACKERS TAKE DISGUISE POSING AS A PARCEL COURIER ,MAINTENANCE SERVICE TECHNICIAN OR ANYONE ELSE THAT CAN GAIN ACCESS TO AN OFFICE SPACE OR BUILDING 10. SPIDERING : SAVVY HACKERS HAVE REALIZED THAT MANY CORPORATE PASSWORD ARE MADE OF WORDS THAT ARE CONNECTED TO THE BUSINESS ITSELF
  • 33.
    PASSWORD CRACKING APPLICATIONS ● JOHNTHE RIPPER: OPEN SOURCE PASSWORD CRACKING TOOL FOR LINUX, UNIX AND MAC OS X. A WINDOWS VERSION IS ALSO AVAILABLE. USED TO DETECT WEAK PASSWORDS(FREE) ● RAINBOW CRACK: HASH CRACKER TOOL THAT USES A LARGE SCALE TIME MEMORY TRADE OFF PROCESS FOR FASTER PASSWORD CRACKING THAN TRADITIONAL BRUTE FORCE TOOLS. TIME MEMORY TRADE OFF IS A COMPUTATIONAL PROCESS IN WHICH ALL PLAIN TEXT AND HASH PAIRS ARE CALCULATED BY USING A SELECTED HASH ALGORITHM. AFTER COMPUTATION, RESULTS ARE STORED IN THE RAINBOW TABLE (VERY TIME CONSUMING) ● CAIN & ABEL: PASSWORD CRACKING TOOL THAT IS CAPABLE OF HANDLING A VARIETY OF TASKS. WORKS AS A SNIFFER IN THE NETWORK, CRACKING ENCRYPTED PASSWORDS USING THE DICTIONARY ATTACK, RECORDING VOIP CONVERSATIONS, BRUTE FORCE ATTACKS, CRYPTANALYSIS ATTACKS, REVEALING PASSWORD BOXES, UNCOVERING CACHED PASSWORDS, DECODING SCRAMBLED PASSWORDS, AND ANALYZING ROUTING PROTOCOLS (ONLY FOR WINDOWS) ● BRUTUS: REMOTE ONLINE PASSWORD CRACKING TOOL THAT CLAIMS TO BE THE FASTEST AND MOST FLEXIBLE PASSWORD CRACKING TOOL. TOOL IS FREE, ONLY FOR WINDOWS SYSTEMS, AND WAS RELEASED OCTOBER 2000 (VERY POPULAR)
  • 34.
    WEBSITES THAT CRACK THEREARE MANY WEBSITES THAT HACKERS USE TO DO QUICK HACKING WHERE SIMPLE INFORMATION LIKE A URL IS SUPPOSED TO LEAD TO PASSWORDS BEING CRACKED. THESE SITES HAVE VARYING DEGREES OF SUCCESS: FACEBOOK CRACKED VIDEO
  • 35.
    4 WAYS OF PREVENTION(s) 1.USE A PASSPHRASE 2. CHANGE PASSWORDS REGULARLY(ABOUT EVERY 3 MONTHS) 3. DO NOT USE THE SAME PASSWORD ON DIFFERENT MULTIPLE SITES 4. AVOID DICTIONARY WORDS AND NAMES
  • 36.
    CONCLUSION ACCESS CONTROL ISVITAL TO THE PROTECTION OF ASSETS, DATA, AND INFORMATION TECHNOLOGY SECURITY CLEARANCES, PASSWORDS, MULTIFACTOR AUTHENTICATION, AND BIOMETRICS ARE ALL METHODOLOGIES THAT ARE USED TO CONTROL ACCESS IT’S IMPORTANT TO REMEMBER HACKERS ARE ALWAYS TRYING TO GET IN REGULATING ACCESS DOES NOT ALWAYS ELIMINATE THE PROBLEM BUT IT HELPS
  • 37.