2. Topics
User name and password, managing passwords, choosing password
Role of people in Security
Access controls
Biometrics
3. User name and password, Managing passwords, choosing password
Username: Identification (who are you?)
Password: Authentication (proof of identification)
Managing passwords:
1) Never reveal your passwords to others
2) Use different passwords for different accounts
3) Use long passwords
4) Make passwords that are hard to guess
Choosing a password:
Include digits, e.g. “john2212”.
Use special symbols, e.g. “john#2212”.
Use lower and upper case letters, e.g. “JohN#2212”.
4. Role of people in Security
◦ Password Selection
◦ Piggybacking
◦ Shoulder Surfing
◦ Dumpster Diving
◦ Installing Unauthorized S/W and H/W
◦ Access by Non-employees
◦ Security Awareness
◦ Individual user responsibilities
5. Password selection:-
1. Use a mix of upper and lower case letters, numbers, punctuation
and special symbols
2. Don't use your login name
3. Don't use your first or last name
4. Don't use a password of all digits, or of all the same letter
• Piggybacking:- Establishing a wireless Internet connection by using
another subscriber's wireless Internet access service without the
subscriber's explicit permission or knowledge.
• Shoulder Surfing:- A procedure in which an attacker positions
themselves in such a way that they are able to observe the authorized
user entering the correct access code.
• Dumpster Diving:- Dumpster diving is looking for information in
someone else's trash.
• Installing Unauthorized S/W and H/W:- When users download
various software from the Internet, they are unaware of the origin of
the software and who uploaded it. The problem with such downloaded
software is that it can come with harmful code.
6. • Access by Non-employees:- An attacker may get physical
access to data and obtain enough information about how
to enter the computer system.
• Security Awareness:-
1. Avoid accessing online banking while using unsecured
or public Wi-Fi.
2. Avoid opening email links or attachments from
strangers.
3. Use a complex password that cannot be hacked easily.
• Individual user responsibilities:-
◦ Lock the door of the workspace.
◦ Do not leave sensitive information unprotected.
7. Access controls
Access control:- Preventing the unauthorized use of
resources.
Access Control Principles
• Authentication
• Authorization
• Audit
Authentication:- Authentication determines whether the
user is permitted to access the system or not.
Authorization:- A security administrator maintains an
authorization database that specifies which resources
the user is allowed to access.
Audit:- The auditing function monitors and keeps a record of
user accesses to system resources.
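The three principles above can be seen working together in a small sketch. This is an added example, not part of the original slides: the `AccessController` class, the user "john", the resource "payroll.xlsx" and the choice of PBKDF2 for storing the password are all assumptions made for illustration.

```python
import hashlib
import hmac
import os
from datetime import datetime, timezone

def hash_password(password, salt):
    # Store a salted, slow hash instead of the password itself.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class AccessController:  # hypothetical class, for illustration only
    def __init__(self):
        self.credentials = {}  # user -> (salt, password hash)
        self.authz_db = {}     # authorization database: user -> {(resource, action)}
        self.audit_log = []    # one record per access attempt

    def add_user(self, user, password, permissions):
        salt = os.urandom(16)
        self.credentials[user] = (salt, hash_password(password, salt))
        self.authz_db[user] = set(permissions)

    def authenticate(self, user, password):
        # Unknown users get a dummy salt and an empty hash, so they always fail.
        salt, stored = self.credentials.get(user, (b"\0" * 16, b""))
        return hmac.compare_digest(hash_password(password, salt), stored)

    def authorize(self, user, resource, action):
        return (resource, action) in self.authz_db.get(user, set())

    def access(self, user, password, resource, action):
        if not self.authenticate(user, password):
            decision = "DENY_AUTHENTICATION"
        elif not self.authorize(user, resource, action):
            decision = "DENY_AUTHORIZATION"
        else:
            decision = "ALLOW"
        # Audit: record every attempt, allowed or denied, never the password.
        self.audit_log.append({
            "time": datetime.now(timezone.utc).isoformat(),
            "user": user, "resource": resource,
            "action": action, "decision": decision,
        })
        return decision

if __name__ == "__main__":
    ac = AccessController()
    ac.add_user("john", "JohN#2212", {("payroll.xlsx", "read")})  # constructed data
    print(ac.access("john", "JohN#2212", "payroll.xlsx", "read"))   # allowed
    print(ac.access("john", "guess", "payroll.xlsx", "read"))       # fails authentication
    print(ac.access("john", "JohN#2212", "payroll.xlsx", "write"))  # fails authorization
```

Denied attempts are written to the audit log as well as allowed ones, since repeated failures are what a reviewer of the log looks for.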
9. BIOMETRICS
Biometrics is an authentication technology in
which human physical characteristics are used to
uniquely identify a person.
10. The major biometric form factors used today are:
• Hand-print
• Fingerprint
• Eye retina
Hand-print:- Hand-print verification examines the
measurements of the hand (length of fingers, thickness of
hand, shape of curve, depth of skin) and uses them as
information to allow access.