The Practicality of Changing Default Authentication Mechanisms: Applied in a Workstation Environment

The Practicality of Changing Default Authentication Mechanisms: Applied in a Workstation Environment

Evaluation of the feasibility in having cheap and secure authentication systems to replace passwords as the new de facto standard.

2011

Shawn Williams

REA 820

April 5, 2011

2 | Page


Table of Contents

Introduction ........ 5
Purpose ........ 6
Systems covered ........ 6
Personal Motivation ........ 6
Where Did the Data Come From? ........ 8
What Kind of Information would be used for this Study? ........ 8
Why do security systems in general, fail? ........ 8
Why should we stop using password based authentications for productivity environments? ........ 9
Other popular beliefs I've come across include; ........ 11
Criteria of Evaluation ........ 12
Authentication Systems ........ 15
Chapter 1: Graphical Passwords ........ 16
Introduction ........ 16
How does the Technology Work? ........ 17
Passfaces ........ 18
Other Highlights ........ 19
Pros (Passfaces) ........ 20
Cons (Passfaces) ........ 21
Ranking based on criteria ........ 21
Click-Based Graphical Password authentication ........ 23
Pros (Clickpoints) ........ 24
Cons (Clickpoints) ........ 25
Future Outlook and Conclusion of Graphical Passwords ........ 26
Chapter 2: Biometrics ........ 27
Introduction ........ 27
How does the Technology Work? ........ 28
Necessary Components ........ 28
Finger Print Recognition ........ 29
How Finger Print Scanners Work? ........ 30
Three Types of Finger Print Biometrics: Optical, Capacitance, & Ultrasonic ........ 30
Pros (Optical) ........ 30
Cons (Optical) ........ 30
Pros (Capacitance) ........ 32
Cons (Capacitance) ........ 32
Pros (Ultrasonic) ........ 33
Cons (Ultrasonic) ........ 33
Ranking based on criteria ........ 33
Face Recognition ........ 35
Introduction ........ 35
How It Works? ........ 35
Pros (Face Recognition) ........ 36
Cons (Face Recognition) ........ 36
Ranking Based on Criteria ........ 37
Personal Experience with Using this Technology ........ 38
Retina Scan ........ 39
Introduction ........ 39
How Does It Work? ........ 39
Pros (Retina) ........ 40
Cons (Retina) ........ 41
Ranking Based on Criteria ........ 41
Typing Rhythm ........ 42
Introduction ........ 42
How Does it Work ........ 43
Pros (Typing Rhythm) ........ 43
Cons (Typing Rhythm) ........ 44
Ranking Based on Criteria ........ 44
Future Outlook and Conclusion For Biometrics ........ 45
Chapter 3: Token Based Authentication ........ 46
Introduction ........ 46
How does the Technology Work? ........ 46
Hardware Token Breakdown ........ 47
Disconnected Tokens ........ 47
Pros (Disconnected Tokens) ........ 48
Cons (Disconnected Tokens) ........ 49
Ranking Based on Criteria ........ 49
Connected Tokens ........ 52
Pros (Connected Tokens) ........ 53
Cons (Connected Tokens) ........ 53
Ranking Based on Criteria ........ 54
Contactless Tokens ........ 57
Pros (Contactless Tokens) ........ 57
Cons (Contactless Tokens) ........ 57
Ranking Based on Criteria ........ 58
Typical Life Cycle of a Token ........ 59
Various Vendors and Types of Token Based Solutions ........ 60
Future Outlook and Conclusion For Token Based Security ........ 60
Interpreting the Results ........ 61
Conclusion ........ 62
Glossary ........ 62
Work Cited ........ 65

Introduction


Password based authentication is without a doubt one of the oldest forms of authentication. Within the IT sector, we are often reminded of all the flaws that are associated with the username and password, and although many good suggestions have been made to introduce strong infrastructure policies that enforce strong security, because they are designed from the perspective of the designer, and because they don't normally have the users' needs in mind, these tactics are usually subverted by end users trying to get better usability out of these systems. For this reason, it is often very difficult to find a balance between usability and security, and combined with the fact that most users simply do not understand how password cracking works, I believe that with all the alternative authentication solutions out there, it is finally time to scrap password use in workstation environments and move on to more current technologies. [20][21]

Purpose


In this study, we will begin to explore various authentication systems and see if it is possible for any one of them to be deemed good enough to replace the current password mechanisms used in most systems today, thus paving the path to becoming the new de facto standard for both home and industry-wide authentication.

Systems covered




- Biometrics (finger print, iris, face recognition)
- Rhythm/gait based passwords
- Graphical based passwords
- Hardware Tokens


Personal Motivation


As a student of IT security, we are always being told by our instructors of the inherent flaws of password authentication. The attack vectors range anywhere from the sophisticated, stealthy deployment of key loggers to the low tech and popular shoulder snooping. Yet despite that, and because of the relative simplicity of this form of authentication in terms of its deployment, it is still widely used as the default standard for authentication.

Personally, I've always wondered why password authentication was still the default standard despite the fact that there were many new and more secure systems emerging, and because of this, I wanted to find out whether or not it is even practical to replace password authentication with something better.

My first approach towards the goal of finding the perfect authentication system was one that would involve choosing a random system based on initial assumptions and evaluating it on the basis of its strengths over password security. In the earlier phases, I was under the assumption that any form of authentication would be superior to password authentication, and as such, I decided to take up 'graphical passwords' after hearing about them for the first time in a lecture. The system seemed interesting at first because it was new to me, and as such, I started researching it. However, in the end, as I learned more of its strengths and weaknesses, I found that the weaknesses exceeded the strengths, and while it may have been possible to fix the system with carefully placed modifications, the catering that it seemed to require would have been too much trouble, and thus I deemed this particular system impractical to use in a real world scenario because of the fact that the average user would not or could not make the necessary modifications to make it work. [14]

After that finding, some suggested looking into biometrics as a possible solution, but having experienced the flaws of this form of authentication first hand (since my XPS M1330 has a built-in fingerprint reader), I decided to abandon the idea of arbitrarily choosing one good authentication system and modding it to meet the demands necessary to make it work as a successor to password authentication, in favour of the more realistic approach of analyzing the many systems and drawing up a conclusion based on their current setup with little modification.



Where Did the Data Come From?

Data presented here was collected entirely from secondary sources, which helped me in determining the feasibility of a particular system. Problems addressed were taken into consideration. In addition, some of the relevant information was taken from various security related books. The scaling system that will be introduced later, though entirely a work of my own creation, was influenced by a combination of the overall consensus of my reading as well as my own knowledge.

What Kind of Information would be used for this Study?

Mostly information regarding the various systems, their pros and cons, in addition to information related to their cost in deployment. This paper will revolve around the search for an effective authentication system to replace string based passwords, so anything that can be used to prove one form of authentication over another was of use.

Why do security systems in general, fail?

When it comes to security, there is more than one mental model that comes into play. They include:

a) Design model -- the security model from the designers' perspective and how it should interact with the user and the system. It is the belief on how the system should work in a perfect world.

b) User's mental model -- the model of how the user of the system believes the security system works, based on assumptions. The model differs from user to user, and some users have grossly inaccurate assumptions.

c) System model -- the actual way the system works.

The main reason why security systems fail is because users and designers view security completely differently. The policy designer usually has only security in mind and thus is solely concerned with security and disregards usability. The end user lacks knowledge or has a completely wrong idea of how security systems work and how hackers exploit weaknesses in the system, so in turn they ignore security or attempt to bypass the policies in place in order to get access to resources faster. [1][2][33]

Why should we stop using password based authentications for productivity environments?

There was various support and opposition against password based authentication that has prompted me to look at the possibility for change, as well as more than one school of thought in terms of where authentication security is going. Some negative aspects of password based security that seemed to be common amongst other password related papers included these:

1. There is a problem in finding balance between usability and security. [20][3]
   a) People use the same passwords everywhere [20]
   b) People use common dictionary words and passwords that are too simple [20]
   c) Enforcing strong password policies may force users to write them down [20]
2. Passwords can easily be told to others.
3. Passwords are easy to copy.
4. There are many widely available tools for decrypting stored password information.
5. Passwords can be captured easily during input time.
6. There are weaknesses in password reset mechanisms that hackers may be able to exploit.
7. Passwords are the weakest link into any system.
8. The same passwords are constantly being reused for different systems. [21]

There were also a few articles that tried to predict where authentication would be going in the future. Since for my purpose I want to find a single solution (best case scenario) as a replacement for password authentication, I will likely need to first evaluate these individual groups that have been identified. For example, one article expresses a belief that future authentication systems will move from so called 'knowledge based' authentication (e.g. password based authentication) to 'memory based' authentication (e.g. graphical passwords). The rationale behind this was that the major weakness of knowledge based authentication like passwords was that users were simply incapable of retaining over 5 different passwords and thus "fixed" this problem by either writing them down, disclosing them to others, or using the same password universally across systems. As such, the authors felt the solution would be to find or develop systems that promoted users' ability to memorize. At the same time, the new system had to be strong enough to prevent attackers from using brute force, educated guessing or other means of bypassing security. The study then proceeded to evaluate the memorability of three systems:

1. Picture Recognition Technologies (AKA graphical passwords)
2. Pseudo-word recognition (same as graphical passwords except the user is presented a series of pseudo words, e.g. 'kould', from various selection screens)
3. Artificial grammar learning (a system that requires the user to memorize a pattern or string of characters, e.g. JKGWYY)

At the end of the study, recognition technology was proven easier for users to remember and was declared the ideal solution. [3]

In another similar study, the same kind of argument concerning memorability was brought up, but this time placed in the context of finding a memory-based system to replace PIN numbers at ATM machines. Since workstations at work have a similar degree of data sensitivity when it comes to protecting data, it makes sense to think that what can be applied to ATMs can also be applied to workstation PCs. In this particular study, similar memory tests were conducted over a period of one month in which users using three different kinds of memory based authentication systems (and one using traditional PIN numbers) were required to memorize five passwords. Once again, graphical passwords proved superior in terms of password retention by users of the group who were given a graphical password to memorize. [4]

However, though the arguments for memory based passwords seemed strong, in another article it was challenged by 2 other papers that brought up the notion that 'if the user can easily memorize graphical passwords, so could the shoulder surfer'. [5][6]

Other popular beliefs I've come across include:

- Authentication is better handled behind the scenes and should be nearly automated, since user interaction is the greatest weakness of the system. [8]
- Multi-factor authentication vs. single sign-on [7][8]

My approach to finding the answers to this problem is to continue to find articles for and against any given technology or generalized belief and then analyze each solution based on my own criteria, built on some things I found to be common sense as well as ideas I've picked up from various readings. The criteria I will be using are the ones given below. Each technology will likely be given a rating out of 10 based on observation and what I find.

What is the Outcome and how will this Research Benefit Others?

If I am able to find and isolate a technology that is good enough to replace passwords, business owners would no longer have to run the risk of deploying risky technology they are unfamiliar with. Even if several items tie, at least by evaluating the strengths and weaknesses of each technology (as presented in the research) business owners can find a system that best fits their needs.

I'm not sure yet but I may actually do this kind of analysis myself.

Criteria of Evaluation

In order to determine whether or not a particular authentication method would be deemed a worthy candidate for succeeding passwords as the standard authenticating agent, it is first necessary to develop ideal criteria for ranking each technology. After undergoing much research, the following categories have been identified and established, based on key attributes that could be considered most desirable among workstation users and IT staff alike when selecting a new system. These categories include:

1. Number of security holes
2. Cost
3. Ease of Use
4. Increase in Security
5. Scalability
6. Practicality of implementation and modding
7. Access and availability (how easy is it to obtain)

From the 7 categories above, the various systems will then be ranked out of 10 accordingly for a total of 70 points. The chart below further explains and describes the features that would grant various systems a more generalized ranking of what would be considered a low score, a medium score and a high score. In the end, only systems with an overall score of 53 or higher across all categories will be considered a likely candidate for selection.



Number of Exploitable Security Holes | Score | Description
High   | 0-3  | The number of security holes exceeds the threshold of what could be considered acceptable, and the authentication system has more holes than password based security.
Medium | 4-7  | The number of security holes only marginally improves over the number of exploitable password related holes.
Low    | 8-10 | Very few exploitable holes and a massive improvement over password security.

Cost | Score | Description
High   | 0-3  | High maintenance and installation costs.
Medium | 4-7  | Cost of fully installing and maintaining the system is either high in maintenance fees or high in installation, but not both.
Low    | 8-10 | Cost of fully installing and maintaining the system is minimal.

Ease of use | Score | Description
Low    | 0-3  | System is so complicated that most users will attempt to bypass it in order to speed up work production.
Medium | 4-7  | System has a medium level of complexity that can be tolerated by most users.
High   | 8-10 | Daily usage of the security mechanism is easy for most users with business level computer skills.

Practicality | Score | Description
Low    | 0-3  | The system is complex to troubleshoot if broken, difficult to mod, and requires major changes to infrastructure to use.
Medium | 4-7  | System has a medium level of setup complexity and can be workable with effort. Small changes to existing infrastructure may be required.
High   | 8-10 | System is flexible, easy to install with current technologies and quick to set up. No change to infrastructure; mainly an out of the box solution.

Scalability | Score | Description
Low    | 0-3  | System is only meant to be installed on the network size it supports and either does not provide room for growth or is too elaborate to be practical on smaller systems.
Medium | 4-7  | System has a workable level of flexibility but generally can't handle extremes.
High   | 8-10 | System is highly flexible and can be implemented with ease on networks of any size.

Increase in Security | Score | Description
Low    | 0-3  | System provides little or no security advantage over password security.
Medium | 4-7  | System provides some security advantages over password security.
High   | 8-10 | System is much more secure than password authentication.

Access and Availability | Score | Description
High   | 8-10 | Found in any office or computer store.
Medium | 4-7  | Implementation exists but special orders need to be made.
Low    | 0-3  | Only exists in theory or is a prototype, so development overhead is needed to make the solution.


Authentication Systems

Now that the baseline for the goals of this paper has been set, in the next few chapters we will take a look at various authentication systems, and in the end we should eventually have a good idea of which systems will be good for the purposes outlined here, using the quantitative chart above and my own critical analysis as a guide.

Chapter 1: Graphical Passwords

Introduction

Traditionally, passwords have been used for years and they usually were made up of a secret string of characters that would be prompted for by a system's login screen whenever authentication was required to access some kind of secured resource. For a long time, this had been adequate enough in environments where people only had to memorize a single combination of username and password.

Figure 1.0.0: Problem with Passwords [20]

However, today's world is different such that many of us now need to memorize many sets of user-password combinations, forcing users to shy away from secure practices and to do things like creating overly simplistic passwords and using the same passwords for multiple systems. As such, system administrators responded by creating strict password policies which forced users to create user-unfriendly passwords which they usually forgot. For these reasons, users often resorted to the even less secure practice of writing things down. This generally seemed to be the common problem with traditional passwords, so while searching for solutions, graphical passwords seemed to be a good place to start, since they play on the human's natural ability to more easily remember pictographic images over text, numbers and symbols, and as mentioned earlier, it has been a common belief among many experts that security can be solved if a system is developed that plays on the human ability to memorize. Such systems as a whole are often regarded as memory based authentication systems. In this first writing, we will look at and examine how various flavours of graphical passwords work, their strengths and weaknesses, and finally, we will rank them accordingly to see if they would make a good replacement for the current text based password system. [20]

How does the Technology Work?

In general, graphical-based authentication takes on many forms, but they usually all have the same distinguishing component: in order for a user to initiate the authentication process, that user must 'click' a series of graphics, colors, or patterns, as opposed to typing difficult to remember text, in order for authentication to take place. As I began exploring the various forms graphical based passwords could take, there were two predominant forms I discovered, and for the purpose of this report, and because all other systems seem to have stemmed from these dominant two, I will only talk about their most common iterations. The first is often referred to as "Passfaces", which uses the theory that human beings are more easily able to memorize a person's face than other forms of pictures or even names. (If you really think about it, when you first meet someone new, you never memorize their name right away; their face, however, is often difficult to forget.) The second type is the initial and first graphical based authentication system, developed by unnamed computer science researchers at Rutgers University-Camden. In this version of the system, users authenticate themselves by clicking on certain points on a picture in a sequential order only the user knows.

Passfaces

This is most likely the most marketed and predominant form of graphical based authentication today, mostly because of its great support for Windows systems. As mentioned earlier, it makes use of a series of randomized faces, which the user sets up as a password in order to make up the Passface. The faces are usually randomly selected from a large base of hundreds of faces, but only 9 are displayed on a screen at a time, from which the user selects a single face. Once the user selects and clicks on a face, the screen refreshes and a new host of nine faces is randomly fished out from the much larger pool of faces, a few (1 or 2) of which will always be from the user's selected Passface. The user then clicks on his/her next face in the Passface string, and this process repeats until the full Passface string is selected. If the series of selected faces matches the string stored in the database, the user is granted access to the resource. [9][10]

Figure 1.0.1: Passfaces on phone [25]

Figure 1.0.2: Passface usage on smartphones [25]

Figure 1.0.3: Typical topology of how Passfaces can replace passwords in a workstation through Active Directory. [10]

Other Highlights

- Workstation Authentication (LAN)
- Passfaces Client replaces Windows password logon
- Off-line authentication for roaming notebooks
- Remote Authentication (via Web browser)
- Integrates with Microsoft IIS (Internet Information Services) Web Server for remote (browser) access
- All major Web browsers supported without plug-ins or software installation
- Works seamlessly with "Basic Authentication" (e.g. Outlook Web Access) or forms based authentication
- Remote email via Outlook Web Access
- Applications hosted through Citrix Metaframe
- Custom Web Applications
- Intranets and Extranets

[10]

Pros (Passfaces)
- Easy implementation
- Solves the problem of users not being able to memorize passwords
- Works on existing technology and OS's
- No possibility of lost, written-down passwords or authentication tokens getting into the wrong hands
- Support for 2-factor authentication
- Low cost of ownership
- Lower rate of costly password resets
- Known to have greatly hampered the effectiveness and success rate of phishing [4][5][6]

Cons (Passfaces)
- Easy for others to shoulder snoop
- The selected predetermined image can be guessed if the preferences of the user are known.
- Time to complete the authentication process is slower than traditional password authentication, due to multiple screen selections vs. one, and in the case of slower machines the graphics may take time to load.
- If brute force methods are developed, the number of randomized faces is lower than the number of combinations that can be created with text-based passwords. [4][5][6]
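To make the login flow above concrete, here is an added Python simulation of a Passfaces-style authentication. It is illustrative code written for this topic, not the vendor's product and not taken from [9][10]; the pool size, 3x3 grid, five-round length and five-strike lockout are assumed values. It also computes the guessing space that the last con refers to and applies an account lockout, which is the usual mitigation when the space is small enough for online guessing to matter.

```python
"""Passfaces-style challenge/response, simulated (illustrative, not vendor code).

Each round shows a 3x3 grid holding one of the user's enrolled faces plus eight
decoys; the user must click the enrolled face in every round, in order.
"""
import random

FACE_POOL = list(range(300))   # constructed: ids of stock face photos
GRID_SIZE = 9                  # faces shown per screen (3x3)
ROUNDS = 5                     # screens per login = length of the Passface
MAX_FAILURES = 5               # constructed lockout threshold


class PassfaceServer:
    """Holds enrolment records and judges login attempts."""

    def __init__(self, seed=0):
        self.rng = random.Random(seed)   # seeded only so the example is reproducible
        self.users = {}                  # username -> {"faces": [...], "failures": n}

    def enrol(self, username, faces=None):
        """Assign faces at random (the policy the report recommends) unless the
        caller supplies a user-chosen sequence."""
        if faces is None:
            faces = self.rng.sample(FACE_POOL, ROUNDS)
        if len(faces) != ROUNDS:
            raise ValueError(f"a Passface has exactly {ROUNDS} faces")
        self.users[username] = {"faces": list(faces), "failures": 0}
        return list(faces)

    def challenge(self, username):
        """Return ROUNDS grids; grid i contains the user's i-th face and 8 decoys."""
        grids = []
        for secret in self.users[username]["faces"]:
            decoys = self.rng.sample([f for f in FACE_POOL if f != secret], GRID_SIZE - 1)
            grid = decoys + [secret]
            self.rng.shuffle(grid)
            grids.append(grid)
        return grids

    def verify(self, username, grids, clicks):
        """clicks[i] is the face id the user clicked on grid i."""
        rec = self.users[username]
        if rec["failures"] >= MAX_FAILURES:
            return False   # locked out: the online-guessing mitigation
        ok = len(clicks) == ROUNDS and all(
            click in grid and click == secret
            for grid, click, secret in zip(grids, clicks, rec["faces"])
        )
        rec["failures"] = 0 if ok else rec["failures"] + 1
        return ok


def passface_guess_space():
    """Sequences an online guesser must distinguish: 9 choices per screen."""
    return GRID_SIZE ** ROUNDS


def text_password_guess_space(length=8, alphabet=95):
    """Printable-ASCII password of the given length, for comparison."""
    return alphabet ** length


def random_guess_success_probability():
    """Chance that one blind attempt passes all rounds."""
    return 1.0 / passface_guess_space()


if __name__ == "__main__":
    srv = PassfaceServer(seed=1)
    faces = srv.enrol("alice")
    grids = srv.challenge("alice")
    print("correct sequence accepted:", srv.verify("alice", grids, faces))
    print("Passface space:", passface_guess_space(), "vs 8-char text:", text_password_guess_space())
```

The lockout is what keeps a 9^5 space workable: without it, the same small space that makes the scheme easy to remember also makes repeated online guessing cheap.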

Ranking based on criteria

Category | Score | Reason
Number of security holes | 8 | The kinds of attacks performed on graphical passwords are the same as those seen on text-based passwords, but the overall count of holes is lower (2-3 known holes). They include brute force (hard to do but possible), shoulder snooping and smart password guessing.
Cost | 8 | The cost of the software solution is low, as is maintenance. The cost of password resets is also much lower than for text-based systems, because people usually remember their Passface.
Ease of Use | 10 | Very easy to use; no computer skills or manual required.
Increase in Security | 6 | Offers improvement in areas like reduced phishing, being harder to develop cracking software for, and eliminating passwords being written down. However, one major flaw is that the success rate of shoulder sniffing may increase, since the memorability of faces applies to the shoulder sniffer as well. There is also the possibility of brute force attacks: if a hacker were to find a way to brute force Passfaces, the much smaller number of Passface combinations would potentially make it possible to crack in no time. However, as of now Passface cracking is only theory and has not been done en masse yet. There was also an issue that arose where hackers were able to intelligently guess Passfaces by knowing a little about the user. For example, for a 5-screen selection of faces, each with a 3x3 grid, a guy may select the most attractive girl in each selection for his password. In a similar example, people are often known to select Passfaces of those of the same nationality as themselves. As such, other than having the system automatically choose Passfaces for users, there are very few methods that can be used to enforce good password policies, as there are with text-based passwords. E.g. with text-based passwords, if users keep choosing simple passwords like 'password' for their login, admins may enforce a policy that does not allow dictionary words. It is much harder to do this kind of filtering on graphics, since the computer can't interpret human faces like humans can. [4][5][10]
Scalability | 8 | Very scalable; works in all environments and can even be applied to end devices like smart-phones and laptops.
Practicality of implementation and modding (how much change to existing infrastructure is needed) | 8 | Requires little change to infrastructure, and server software is readily available for Windows. Client software must also be installed on individual clients.
Access and Availability | 7 | Enterprise-based software solutions are readily available, but special orders must be placed to acquire them.

Overall Score = 55


Click-Based Graphical Password Authentication

The original implementation of graphical passwords relied on the user's ability to memorize certain points on a picture, which they would click in sequence in order to authenticate themselves. These individual locations are often referred to as 'click points', and they can either be chosen randomly by the system or specified by the user. This iteration also has a means of preventing and mitigating the effects of shoulder snooping. Basically, how this works is that a user clicks images within images. For example, if a user clicks on a certain shape within another shape, though user and system recognize what image was clicked, the shoulder snooper would be confused as to which shape was actually clicked, the inner or the outer. When multiple click points are added to the equation, the difficulty in following which shape is being clicked on increases by a large order of magnitude. [16][26]
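The following Python sketch is an added illustration of the click-point scheme (it is not the Rutgers prototype and not code from [16][26]): the enrolled secret is an ordered list of pixel positions, a login must hit each one within a tolerance radius in the same order, and the guess-space function shows that the tolerance box, not the raw pixel count, bounds how many distinct passwords exist. Image size, tolerance radius and point count are assumed values; the nested-shape trick against shoulder snooping is not modelled.

```python
"""Click-point graphical password, illustrative code (not the Rutgers prototype).

An enrolled password is an ordered list of pixel positions on a fixed image; a
login succeeds only if every click lands within TOLERANCE pixels of the
corresponding enrolled point, in the same order, with no extra or missing clicks.
"""
import math

IMAGE_W, IMAGE_H = 640, 480   # constructed: size of the background picture
TOLERANCE = 15                # pixels of slop allowed around each stored click
N_POINTS = 5                  # clicks per password


def enrol(clicks):
    """Validate and store the ordered click sequence as the user's secret."""
    if len(clicks) != N_POINTS:
        raise ValueError(f"expected {N_POINTS} click points")
    for x, y in clicks:
        if not (0 <= x < IMAGE_W and 0 <= y < IMAGE_H):
            raise ValueError("click outside the image")
    return [tuple(c) for c in clicks]


def _within(stored, clicked):
    return math.dist(stored, clicked) <= TOLERANCE


def verify(secret, attempt):
    """All points must match, in order, and the attempt must have exactly N_POINTS clicks."""
    if len(attempt) != len(secret):
        return False
    return all(_within(s, a) for s, a in zip(secret, attempt))


def distinct_points_ok(clicks):
    """Policy check at enrolment: two points closer than 2*TOLERANCE have
    overlapping acceptance regions, so one click could satisfy both and the
    password carries less entropy than its length suggests."""
    for i in range(len(clicks)):
        for j in range(i + 1, len(clicks)):
            if math.dist(clicks[i], clicks[j]) < 2 * TOLERANCE:
                return False
    return True


def guess_space():
    """Distinguishable click sequences: tolerance cells (side 2*TOLERANCE)
    across the image, raised to the number of points."""
    cells = math.ceil(IMAGE_W / (2 * TOLERANCE)) * math.ceil(IMAGE_H / (2 * TOLERANCE))
    return cells ** N_POINTS


if __name__ == "__main__":
    secret = enrol([(100, 100), (300, 200), (50, 400), (600, 50), (320, 240)])
    print("near miss accepted:", verify(secret, [(105, 98), (298, 205), (55, 395), (590, 60), (321, 242)]))
    print("wrong order rejected:", not verify(secret, [(300, 200), (100, 100), (50, 400), (600, 50), (320, 240)]))
    print("guess space:", guess_space())
```

Because the verifier needs the raw coordinates to apply the tolerance, the stored secret cannot be a plain salted hash the way a text password can; that is the storage trade-off behind the "brute force clicking" concern raised later in this section.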



Figure 1.0.4 A complex image in which a user sets a series of shapes to be used as clickpoints

Figure 1.0.5 A series of user-defined clickpoints [26]


Pros (Clickpoints)
- Solves the problem of users not being able to memorize passwords
- No possibility of lost, written-down passwords or authentication tokens getting into the wrong hands
- Support for 2-factor authentication
- Lower rate of costly password resets
- Known to have greatly hampered the effectiveness and success rate of phishing
- Has anti-shoulder snooping measures [16][26]

Cons (Clickpoints)
- The selected predetermined image can be guessed if the preferences of the user are known.
- Time to complete the authentication process is slower than traditional password authentication, due to multiple screen selections vs. one, and in the case of slower machines the graphics may take time to load.
- Possible brute force tools have been created for use against single-image click-based password systems
- Not as widely available as Passfaces
- May require costs allocated for development (since most click-based schemes are prototypes and research projects) [16][26]


Category | Score | Reason
Number of security holes | 8 | The kinds of attacks performed on graphical passwords are the same as those seen on text-based passwords, but the overall count of holes is lower (2-3 known holes). They include brute force (hard to do but possible) and smart password guessing.
Cost | 3 | There are not many suites as complete and readily available for this type of graphical password technology. With that said, costs allocated for personal tuning and maybe even catered development may be required.
Ease of Use | 10 | Very easy to use; no computer skills or manual required.
Increase in Security | 7 | Offers improvements in areas like reduced possibility of phishing, keyloggers, etc. Some implementations even have anti-shoulder snooping measures. However, this form of graphical password is still susceptible to brute force clicking algorithms.
Scalability | 8 | Can be fit into any size of system. It simply replaces the password authentication process with its own. [26]
Practicality of implementation and modding (how much change to existing infrastructure is needed) | 8 | Requires little change to infrastructure, and server software is readily available for Windows. Client software must also be installed on individual clients.
Access and Availability | 3 | Hard to find and mostly unavailable.

Overall Score = 47


Future Outlook and Conclusion of Graphical Passwords

After taking a look into both kinds of graphical-based authentication methods, I've come to conclude that the Passface method is superior to click-based authentication, mostly due to the fact that it is already readily available for purchase. Though click-based authentication is likely to be more secure, I don't think it would be wise for any company to jump into this yet, because since most of it is still in beta stages, the overall development cost does not seem to justify its two vulnerabilities vs. three. Overall, both systems are very promising and scalable; they are also very easy to deploy and use, and it's possible for us to see more use of this technology in some shape or form in the near future.

Chapter 2: Biometrics

Introduction

Often regarded as one of the stronger forms of authentication, and one that has more recently begun being implemented in many roaming devices today, biometrics encompasses a broad scope of technologies that provide user authentication by using unique physical or behavioural traits as a means of verifying who individuals are. Some forms of physical-based biometric technologies include the ever popular fingerprint recognition, face recognition, vascular pattern/vein geometry recognition, iris recognition, retina recognition and DNA scan identification. Some forms of behavioural-based authenticating technologies include voice recognition and typing rhythm. For the purpose of this section, I will be looking into the more widely available biometric systems for each of the two categories and then proceed to identify the superior technology overall. Technologies that will be explored in this section of this report include:

- Finger print recognition (3 subcategories based on sensor technologies)
- Face recognition
- Retina recognition
- Rhythm-based technologies

But before getting into individual systems, let's first take an overall look at how biometrics in general work and the features that are shared amongst all systems. [9][11]

How does the Technology Work?

Although the underlying layers of all biometric-based technology achieve the same functions through different means, they all encompass 3 phases that are required to work. The three phases are:

1. Enrolment: the process of scanning and registering a unique individual trait that will be used as a personal access key. [11][13]

2. Storage: once the enrolment process is completed, the information scanned is converted into a digital signature, which is then either stored on the device itself or on the hard disk of the system in encrypted form. [11][13]

3. Comparison: after the enrolment of new traits is stored, authentication is ready to be used. During authentication, the user typically allows the scanner to analyze their individual trait. That trait is then compared against the signature image(s) stored during enrolment. If there is a match, the user is granted authorization to the specified resource. [11][13]

Necessary Components

In order for the 3 phases above to be achieved, several components are also required. The first component needed, as mentioned earlier, is the sensor. The sensor is typically used for capturing unique imprints during the enrolment phase, and is usually a piece of hardware that can be integrated into, or added on to, a system. In addition, it is also used in the scanning of users who wish to authenticate themselves. The second component necessary for biometric technology is the computer that stores and compares the scanned images. However, it should be noted that not all biometric devices require the PC to perform those functions, and some may actually store enrolment images on the device instead (an advantage of this is that the stored encrypted image would be much more difficult to access for brute force cracking). The final component required for biometric authentication to work is the software that actually interacts with the sensor and storage device and performs the actual image comparison. [22]

Now that you know a bit about the generalities of biometrics overall, it's time to get into specifics so that we can later analyze their strengths and weaknesses in comparison to password-based security. [9][11]

Finger Print Recognition

Today fingerprint recognition is one of the most widely deployed forms of biometric authentication, and in recent years it has been integrated into devices such as USB thumb drives and laptops. Much of its success in smaller-scale devices I believe may be attributed to the fact that:

1. Fingerprint biometrics is the least expensive form of biometrics

2. The small size of the scanner used for print captures. (Recall earlier that one aspect for an authentication technology to be a success is that the change must not greatly impact the infrastructure that already exists. A large sensor may have physical implications for infrastructure that may deter people from implementing the technology.)

With that said, it would be interesting to see how it would fare in a workstation environment. But first let's look at how it works and the 3 forms this technology comes in.


How Finger Print Scanners Work?

There are 3 main types of scanners used in fingerprint biometrics, and they all work in completely different ways to map out the unique ridges and valleys in a fingerprint. [9][11]

Three Types of Finger Print Biometrics: Optical, Capacitance, & Ultrasonic

Optical: in this implementation, the capturing of the fingerprint image is done by a charge-coupled device (the same capture technology used in digital cameras and camcorders). The CCD is essentially a collection of light-sensitive diodes that generate electrical signals in the presence of light. The light-sensitive diodes are also referred to as photosites, and each individual photosite is responsible for recording a single pixel of light. When combined with other photosites, they merge together and form an image. In the case of the scanner used in fingerprint biometrics, the image captured is typically the inverted image of the human fingerprint. After capturing the print, the software usually attempts to clean up the image by making the ridges more defined, by darkening them etc. If the image taken is too poor, the scanner will request a rescan until a desired image is captured. [17]

Pros (Optical)
- Most readily available form of biometric technology on the market
- Cheaper than most other forms of biometrics

Cons (Optical)
- Higher fault rate among competing fingerprint biometrics
- Easier to fool than capacitance and ultrasonic scanning [17]

Capacitance scanning is another method by which the human fingerprint can be recorded. However, instead of using light to capture the various ridges and valleys that make up the print, it uses a small electrical current that is responsible for recording the depth of the ridges.

Figure 2.0.0 Capacitance circuitry diagram [17]

The above diagram outlines how the sensor makes use of the valleys and ridges to complete a circuit. [17]

"The sensor above is typically made up of one or more semiconductor chips containing an array of tiny cells. Each cell includes two conductor plates, with an insulating layer. The sensor is connected to an integrator, an electrical circuit built around an inverting operational amplifier. The inverting amplifier is a complex semiconductor device, made up of a number of transistors, resistors and capacitors." [17]

"The function of the amplifier is to alter a supply voltage based on the relative voltages of two inputs, called the inverting terminal and non-inverting terminal. The non-inverting terminal is what grounds the current, and the inverting terminal is connected to a reference voltage supply and feedback loop. The feedback loop, which is also connected to the amplifier output, includes the two conductor plates." [17]

"The two conductor plates illustrated above are what form the basis of the capacitor, and the fingerprint's surface acts as the third. Because the valleys in a fingerprint create pockets of air between the plates, the varying distance between the capacitor plates changes the total capacitance (ability to store electrical charge). With that, the capacitor in a cell under a ridge will always have greater capacitance than a cell under a valley." [17]

During scanning the voltage output is read, and depending on a cell's charge the software is able to determine whether a surface area on the finger is a ridge or a valley. After reading all the cells underneath the finger and sensors, the processor is able to generate an image of what the fingerprint looks like. [17][9]

Pros (Capacitance)
- The ability to measure depth makes capacitive scanners harder to fool than optical scanners.
- The semiconductor chip used in this technology is physically smaller than the CCD unit in optical scanners, so the overall scanner can be made more compact. [17]

Cons (Capacitance)
- More expensive than optical sensor biometrics

Ultrasonic sensors use very high frequency sound waves that bounce off the surface area of the finger and recreate the image of the print. The technology behind this is similar to how bats use echolocation in the wild to home in on food. If the reflected sound wave comes back soon, it means the object is close by; in the case of a fingerprint, this could mean the presence of a ridge. [9][18]

Pros (Ultrasonic)
- High accuracy

Cons (Ultrasonic)
- Expensive
- Some people don't like the feel of the ultrasonic waves

Ranking based on criteria

Category | Score | Reason
Number of security holes | 8-9.5 | Not many security holes, aside from the fact that it may put the lives of its users in danger, in that an attacker may cut off the finger of a user to gain access to a resource. It may be possible for an attacker to somehow gain access to the stored fingerprint image and use it during authentication to log in. This attack is possible with optical-based fingerprint recognition that does not map out the depth of the ridges.
Cost | 5-6.5 | Dependent on the technology used. Optical is the least secure but cheapest, followed by capacitance and ultrasonic.
Ease of Use | 7 | The average level of false rejection rates typical of biometrics in general may irritate some users. From personal experience, on my old XPS1300 laptop, using an optical scanner, it took an average of 2-3 finger swipes for me to log into Windows Vista. A fingerprint is also difficult to forget. Another thing which could deter the use of the technology is that users without hands or with poor quality fingerprints would not be able to register a print to use.
Increase in Security | 9 | Much higher security than password-based security. Because the password is a fingerprint, it's impossible to share and difficult to copy. The only real problem is that if a compromise does occur, you can't simply change the existing fingerprint you have.
Scalability | 8 | Scalability is dependent on whether or not your OS supports a particular piece of attached hardware.
Practicality of implementation and modding (how much change to existing infrastructure is needed) | 6.5 | All forms of biometric technology may require a slight change to existing network infrastructure, in that you may need to purchase the scanner and then replace usernames and passwords with fingerprint images. You will also need appropriate software.
Access and Availability | 4-7 | Depends on the technology. Optical scanners are found everywhere, whereas ultrasonic biometrics are very hard to find.

Overall Score = 47.5 - 53.5

Face Recognition

Introduction

Facial recognition is a type of biometric technology that records distinguishing facial geometries and other key focal points on the face. Today, next to fingerprint biometrics, it is the second most commonly used form of biometrics, and can be found bundled in many laptops that have built-in digital cameras. In the following section, we will explore how this technology works, its strengths and weaknesses, as well as how practical it would be if we were to apply it in a workstation environment. [9][13]

How It Works?

Facial recognition typically requires 3 components for it to function:

1. Camera (the sensor used for capture)

2. Software (responsible for mapping focal areas on the face that make it distinct)

3. Hard drive (for storage)

The camera typically takes an optical image of the face and stores the image on the storage device. A specialized camera is not required for this form of authentication to work, but a better web cam may yield lower false rejection rates, obviously due to higher resolution images. Once the image is taken, the underlying software takes over and lays the image out on a grid. It then maps out key points, like the distance between the two eyes, the size and height of the forehead, etc. [9]

Pros (Face Recognition)
- Does not require any kind of specialized capture device; a simple web cam will do, which can be found for as little as $9.99 at Factorydirect.
- The "what you have" means of authentication token is universal, in that everyone has a face.
- Among the cheaper forms of biometric technologies.
- No hygiene-related health concerns, since you don't need to touch the sensor. [18]

Cons (Face Recognition)
- The system's field of view must cover a wide range of heights, from the tallest standing user to a user in a wheelchair.
- Requires the user to face the camera directly during authentication, and the user must remember the exact facial expression and position they used during registration for authentication to proceed.
- Lighting must be uniform and consistent, with good front lighting and little back lighting; any change in lighting conditions will cause false rejections. This makes it hard to authenticate if the lighting level is not the same as in the registered images.
- Some systems can be tricked into accepting photographs or even drawings of faces.
- Since the capture device is optical, it's possible for malicious users to decapitate legitimate users to gain access to a resource, thus putting their lives in danger.
- Likewise, an attacker could coerce a legitimate user to look at a camera to complete an authentication under duress.
- The optical sensor could be tricked with really detailed masks.
- Privacy concerns, since images are photos of your face and can easily be traced back to you without the need to compare them with anything.
- There are unknown accuracy rates, with a high chance of false negatives, thus making the whole authentication process painfully longer than it should be. [18]

Ranking Based on Criteria

Category | Score | Reason
Number of security holes | 5 | Most of the holes found are related to flaws with tricking the optical sensor, such as using a well-modeled clay face or photograph, decapitating the individual who has access and using their face, or taking a photo of the individual and using it.
Cost | 6-8.5 | Scanner (web cams can vary in price from $9.99 to over $100; the average web cam costs around $19.99).
Ease of Use | 0.5 | Huge false rejection rate makes this form of authentication very difficult and frustrating to use.
Increase in Security | 6.5 | No huge increase in security over password-based security, only that it can't be brute forced.
Scalability | 8 | Very scalable. Very software dependent.
Practicality of implementation and modding (how much change to existing infrastructure is needed) | 8 | Minor to no change to infrastructure. E.g. if your workstation allows laptops to dock and connect to the network that way, most laptops now come with built-in webcams and thus no modification to hardware infrastructure would be required.
Access and Availability | 10 | Very easy to find, since any computer store or even retail stores should have a basic web cam.

Overall Score = 49 - 51


Personal Experience with Using this Technology

Although the hardware requirement is just a standard web cam, and authentication seems simple, face biometrics in general has an extremely high false rejection rate, much higher than the 2-3 swipe requirement for fingerprint recognition. It's so bad, and it takes so long to authenticate (10 mins or more), that I usually have to default to the backup authentication method to log into Windows. Software for face recognition usually allows you to store not just 1 imprint but an infinite number of images that can be compared against during authentication. In essence, with multiple snapshots taken of your face, the false rejection rate should be lower. However, in reality, even after I took over 500 photo images of my face, the authentication process was still bad. To make matters worse, the sensitivity is so high that simply changing chairs, thus lowering or raising the position of your face, moving your system to a different room, or even getting a haircut can completely throw the system off and thus require you to register all new images. My testing was done on my laptop, which can be moved around. This has the effect of causing the system to reject you because lighting and color differ in different rooms. To offset this, I re-registered my face under various conditions: 250 images in one room under bright light and 250 images under low light. Then I did the same things for other rooms. However, I eventually gave up on this, because every time there was some sort of environmental change, or a change to how I looked, I needed to register all new faces. Another frustrating thing was trying to remember what position and facial expression I used during registration. I eventually defaulted to always putting on a huge and unnaturally large frown, simply because even expressionless faces could be hard to remember. In a workstation-like environment, even though systems would generally not be moving around, if the system is networked and you need to access a system in another room, again, lighting would be a problem.

Retina Scan

Introduction

Often regarded as the successor to the other form of eye biometrics, retina recognition is a very accurate scanning technique that makes use of the unique formations of blood vessels found within the lining of the retina, located at the back of the eye; the retina is basically a lining layer of tissue around the eye that is light sensitive, and captures and interprets what the eye sees. Since the blood vessels within the retina are unique, and because the eye is not exposed to harsh conditions, it's safe to say that most of the time the unique patterning within the retina will remain the same for the individual for the rest of their life. [9][13]

How Does It Work?

As mentioned before, the blood vessels within every individual's retina are unique. The scanner is usually a device into which the user looks and which focuses the eye on a specific point. Then, for the next 10-15 seconds, a low intensity light illuminates the blood vessels and photographs the reflected image, which is later used for image comparison. [9]

Figure 2.0.1 -- Large retina-based sensors [12]

Pros (Retina)
- Military grade reliability
- Very accurate/low false positives; error rate of 1 in 10,000,000 compared to 1 in 500 for some fingerprint biometrics.
- Almost 0% false negative rate
- Retina does not change throughout life (the only exception is certain diseases)
- Nearly impossible to fake.
- Even if a person were to lose their eye, since the vessels in the eye deteriorate rapidly, it can't be used for authentication.
- Speedy results [9][13][18]

Cons (Retina)
- Very expensive
- Scanners are often large
- Subject being scanned must be close to the camera optics.
- Requires training and patience to use, and thus not user friendly
- Measurement accuracy can be affected by a disease such as cataracts
- Measurement accuracy can be affected by contact lenses or glasses
- Measurement accuracy can be affected by severe astigmatism.
- May not accommodate all people properly, e.g. people in wheelchairs may be too low to the ground to use the sensor, which is mostly large, can't be moved and requires the user to look into it directly.
- Some will find it intrusive, or may even be fearful, because of the fact that a laser is being used to scan the eye. [9][13][18]

Ranking Based on Criteria

Category | Score | Reason
Number of security holes | 10 | No known exploitable security holes at this time.
Cost | 2 | Hardware is too expensive
Ease of Use | 4 | Users must train to be able to use the device.
Increase in Security | 10 | One of the most secure forms of authentication used today.
Scalability | 5 | Not scalable for smaller workstations with little physical space. The scanner is often big and some would have difficulty accommodating it.
Practicality of implementation and modding (how much change to existing infrastructure is needed) | 4 | Lots of accommodations must be made to make room for the scanners.
Access and Availability | 5 | Not readily available on the market.

Overall Score = 40

Typing Rhythm

Introduction

While the problems involved in maintaining a balance between usability and security for text-based password authentication are well documented, some have suggested that by layering biometrics on top of existing passwords, a higher level of security can be achieved. Typing rhythm biometrics is an emerging biometric technology that offers improved security by providing a form of 2-factor authentication: users must not only know their username and password, but must also exhibit the distinctive typing pattern of the legitimate user in order to be granted access to a resource. The measurements used to provide the "what you know" component of authentication include digraph latency, the delay between the release of one key and the pressing of another, and hold time, the time between the press of one key and its release, all of which are measured in milliseconds. In the next section, we will explore the benefits and shortcomings of this technology and see how it may fare in a workstation environment. [9][13]

How Does it Work

The underlying foundation of how this technology works is simple in terms of concept, but complex in terms of implementation. Basically, everything is performed through software that not only stores username and password information, but also streams of digraph latencies and hold times associated with, at minimum, the corresponding username and password. During enrolment, users make up a password. Then usually one, two or both of the following things happen, depending on the software used:

1) After the user comes up with a password, they are then told to repetitively retype the password so that the system can learn the timing associated with that specific word.

2) The system evaluates user typing patterns during regular PC usage and profiles the users based on what it learns during the session. Obviously, the more information is gathered, the more accurate and the more resistant it becomes in terms of false rejection rate. [18][19]

The above phases can also be broken up into the:

Enrolment phase: keystrokes are collected to form a profile.

Classification: the user provides typing samples used for comparison.
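As an added illustration of the two phases just listed, and of the general enrolment/storage/comparison model described earlier in this chapter, the Python below builds a keystroke-rhythm profile and uses it as a second factor behind a salted password hash. It is example code, not BioPassword's or any vendor's algorithm; the timing samples are constructed, and the tolerance of 2.5 standard deviations with an 80% feature-match requirement is an assumed policy. In a real deployment the stored profile would additionally be encrypted at rest, which is omitted here.

```python
"""Keystroke-rhythm second factor, illustrative code (not a vendor's algorithm).

A typing sample is a list of (key, press_ms, release_ms).  Enrolment stores a
salted password hash plus, for every hold time and digraph latency, the mean
and standard deviation seen across the enrolment samples.  At login the
password is checked first, then the fresh sample must fall inside the profile
on most of its timing features.
"""
import hashlib
import hmac
import os
import statistics

Z_LIMIT = 2.5             # a feature matches if within 2.5 std devs of the profile mean
MIN_MATCH_FRACTION = 0.8  # accept when at least 80% of features match (assumed policy)
MIN_STD_MS = 5.0          # floor so a perfectly regular enrolment cannot reject every login
PBKDF2_ROUNDS = 100_000


def features(sample):
    """Hold time per key and digraph latency (release -> next press) per key pair."""
    feats = {}
    for i, (key, press, release) in enumerate(sample):
        feats[f"hold:{i}:{key}"] = release - press
        if i + 1 < len(sample):
            nkey, npress, _ = sample[i + 1]
            feats[f"latency:{i}:{key}{nkey}"] = npress - release
    return feats


def enrol(password, samples):
    """Phases 1 and 2: derive a password hash and a timing profile; return the stored record."""
    salt = os.urandom(16)
    pw_hash = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    per_feature = {}
    for s in samples:
        if "".join(k for k, _, _ in s) != password:
            raise ValueError("enrolment sample does not spell the password")
        for name, value in features(s).items():
            per_feature.setdefault(name, []).append(value)
    profile = {
        name: (statistics.mean(v), max(statistics.pstdev(v), MIN_STD_MS))
        for name, v in per_feature.items()
    }
    return {"salt": salt, "pw_hash": pw_hash, "profile": profile}


def match_fraction(record, sample):
    """Phase 3: share of profile features the fresh sample lands inside."""
    feats = features(sample)
    hits = sum(
        1 for name, (mean, std) in record["profile"].items()
        if name in feats and abs(feats[name] - mean) <= Z_LIMIT * std
    )
    return hits / len(record["profile"])


def authenticate(record, password, sample):
    """Two factors: the password must hash correctly AND the rhythm must match."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), record["salt"], PBKDF2_ROUNDS)
    if not hmac.compare_digest(candidate, record["pw_hash"]):
        return False
    if "".join(k for k, _, _ in sample) != password:
        return False
    return match_fraction(record, sample) >= MIN_MATCH_FRACTION


def make_sample(password, hold_ms, latency_ms, jitter):
    """Construct a synthetic typing sample: constant hold/latency with a few ms of
    deterministic wobble, standing in for real keyboard timestamps."""
    t, out = 0, []
    for i, ch in enumerate(password):
        wobble = ((i * 7 + jitter) % 5) - 2     # -2..+2 ms, reproducible
        press = t
        release = press + hold_ms + wobble
        out.append((ch, press, release))
        t = release + latency_ms - wobble
    return out


if __name__ == "__main__":
    pw = "correct horse"
    rec = enrol(pw, [make_sample(pw, 95, 140, j) for j in range(6)])
    print("owner accepted:", authenticate(rec, pw, make_sample(pw, 97, 138, 9)))
    print("impostor with the right password rejected:",
          not authenticate(rec, pw, make_sample(pw, 60, 260, 3)))
```

The impostor case is the point of the scheme: the password alone is no longer sufficient, which is why the pros list below counts it as 2-factor. The MIN_STD_MS floor and the 80% threshold are the knobs that trade false rejections (the early-frustration con) against false acceptances.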

Pros (Typing Rhythm)

- Very little change to existing infrastructure and no need for special hardware.
- No training required.
- Offers 2-factor authentication (thus knowing the user's password is not enough to log in).
- Difficult to share timing information with others by writing it down.
- Forces the system admin to make use of policies for a password length of at least 8 characters, since typing rhythm cannot be, or is difficult to, extract from short passwords.
- Costs the least among other forms of biometrics. [18][19]

Cons (Typing Rhythm)

- Attackers may potentially be able to use a recorder to pick up the sound made between key strokes and from there attempt to get the password through traditional means.
- The false rejection rate may be high in the beginning, causing some user frustration when they are denied access.
- The technology at large is not yet widely available, and is thus limited to only a small pool of vendors that offer it. The only large commercial product suite is BioPassword, and it is limited to Windows systems. [18][19]

Ranking Based on Criteria

Category | Score | Reason
Number of security holes | 7 | Attackers may potentially be able to use a recorder to pick up the sound made between key strokes and from there attempt to get the password through traditional means.
Cost | 10 | No expensive hardware needed.
Ease of Use | 9 | The only form of biometrics that does not require training to use.
Increase in Security | 7 | Increased level of security over password based authentication.
Scalability | 5 | Limited support for OS's other than Windows at the moment.
Practicality of implementation and modding (how much change to existing infrastructure is needed) | 10 | No additional hardware required. All performed through software which is easy to configure. The standard keyboard serves as the capture device.
Access and Availability | 3 | Very much a developing and prototype technology with limited suites.

Overall Score = 51 < 53


Future Outlook and Conclusion

For Biometrics

Without a doubt, biometrics is a good approach to improving security within the industry, but at the moment most of the technologies reviewed above either add too much expensive extra hardware to make them a widespread replacement for passwords, or are too inaccurate and produce too many false rejections to be productive in the work environment. The only exception that passed the comprehensive scoring system within this paper was fingerprint biometrics, and while it still has the disadvantage of requiring specialized scanners, it is very secure, unique, and accurate enough to replace passwords in the near future, providing scanners continue to be integrated into the newer laptops and keyboards that are developed.

In terms of which variation would be best for a company to invest in (optical, capacitance, ultrasonic), I believe it would be up to the company, in which their security needs will come into play.



Chapter 3: Token Based Authentication

Introduction

Token based authentication is a growing authentication solution that draws exclusively on the “something you have” component in authentication security, although it is common in most token based systems to use one additional component, either the “something you know” or the “something you are” component, in a multi-layer authentication combination. The token itself is usually in the form of a small physical key (although not always the case, since electronic tokens exist and will be touched on later), but it is usually some identifier that has been issued by the system administrator for the purpose of authentication (two-factor authentication). In a sense, the token, whether hardware or software, is in fact very much similar to a ‘key’. Keys are used in the real world to open doors. If you do not have a key, or if you don't have the one that corresponds to the lock, you will not be granted access to the secured content inside. The token is similar in the fact that it is used as a means to gain access to protected data, and without it, access to this content is denied. The next few paragraphs will be focused on some of the various forms this technology can take, how they work, and the practicality of implementation over other authenticating technologies, and while each vendor implements token based authentication differently, this paper will be discussing some of its more common iterations. [23]

How does the Technology Work?

Similar in a sense to biometrics in terms of options, token based authentication can take many forms. The technology does not necessarily have one methodology for how it functions, but instead can be broken down and implemented in a vast array of configurations. However, the variants do seem to share some common traits. First of all, they all make use of a token which is used as a means to prove who a user is. These tokens also all generally fit into one of 3 categories:



- Paper based tokens: a challenge response that can either take the form of a ‘one time password’ or a ‘grid of codes’ the user enters in response to a challenge.

- Soft tokens: this kind of token system uses digital tokens found on the client machine, usually in the form of a cookie or some other specialized token application.

- Hard tokens: a physical token the user possesses that is used for authentication. It often takes the form of a specialized USB key with an encrypted digital signature on it, or a smartcard. Hardware tokens are what most people usually think of when they think of token based security as a whole; they are most likely the most secure of the 3, attributed to the two factor authentication that comes with having something that is physical, and as such will be the focus of this section.

Hardware Token Breakdown

Hardware tokens can be further broken down into three more sub categories based on how they connect to clients. They include:

Disconnected Tokens

Tokens that don't make any physical contact with the client. The authentication code is usually randomly generated and entered manually. E.g. System A's token generates a random single sign-on one time password on its LCD display and the user punches it into the system during the authentication process. [23]




Figure 3.0.0: Using a one-time login generated from a token to log into the system [27]


Pros (Disconnected Tokens)

- Higher levels of security achieved through multi-level authentication.
- Saves money on sophisticated token scanning devices.
- No wear and tear caused by swiping the token against a reader, which lowers the cost of replacing damaged tokens.
- Randomly generated one time passwords eliminate the risks and problems permitted when users are given the power to come up with their own passwords.
- Multi-factor authentication reduces the risk of compromises occurring due to lost or stolen tokens.
- Immune to replay attacks that plague Connectionless tokens.
- RSA encryption is added to reduce tampering.
- No sophisticated readers or scanners required.
- Many vendors to choose from. [23]

Cons (Disconnected Tokens)

- Users may lose their token and will thus be denied access to the service until the token is reissued. You need a dedicated department to manage tokens at all stages of the token life cycle (e.g. tokens can be lost or broken, new users need new tokens, people leave the organization).
- If the algorithm that generates the one-time password is compromised for a particular vendor, hackers may be able to predict the next one time password.
- These tokens have an LCD display and thus require a small watch battery. As such, users need to replace the internal battery as needed or they may find themselves denied a service should the battery die. The average battery life is 3 years. [23][9]
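To make the disconnected-token exchange described above concrete, and to show why the pros list counts it as immune to replay while the cons list worries about the generating algorithm, here is an added example written for this page (not the paper's own, and not any vendor's scheme). It stands in for the "randomly generated" display code with the standard counter-based HOTP algorithm of RFC 4226, so that token and server can be shown side by side; the class names, the look-ahead window of 5 and the shared secret (the RFC 4226 test-vector key) are assumptions constructed for the example.

```python
"""One-time passwords for a disconnected token (RFC 4226 HOTP, for illustration).

Token side: a shared secret and an event counter produce a 6-digit code on the display.
Verifier side: the same secret and its own counter. A code is accepted at most once and
only within a small look-ahead window, which is what makes a captured code worthless for
replay. The only thing protecting the next code is the secrecy of the key: an attacker who
learns it can compute every future code, which is the "compromised algorithm" risk above.
"""
import hashlib
import hmac
import struct


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """HMAC-SHA1 one-time password with dynamic truncation, as specified in RFC 4226."""
    digest = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = digest[-1] & 0x0F
    code = ((digest[offset] & 0x7F) << 24
            | digest[offset + 1] << 16
            | digest[offset + 2] << 8
            | digest[offset + 3])
    return str(code % 10 ** digits).zfill(digits)


class DisconnectedToken:
    """The keyfob (hypothetical class): each button press advances the counter and shows a code."""

    def __init__(self, secret: bytes):
        self._secret = secret
        self._counter = 0

    def press(self) -> str:
        code = hotp(self._secret, self._counter)
        self._counter += 1
        return code


class Verifier:
    """The authentication server's record for one user's token (hypothetical class)."""

    def __init__(self, secret: bytes, look_ahead: int = 5):
        self._secret = secret
        self._counter = 0             # next counter value the server expects
        self._look_ahead = look_ahead

    def verify(self, code: str) -> bool:
        # Try the expected counter and a few ahead, in case the user pressed the button
        # without logging in. Never look backwards: counters already consumed are gone,
        # so a code captured from an earlier login is rejected.
        for c in range(self._counter, self._counter + self._look_ahead + 1):
            if hmac.compare_digest(hotp(self._secret, c), code):
                self._counter = c + 1     # resynchronise and consume this counter
                return True
        return False


# Constructed shared secret, provisioned to both the token and the server at enrolment.
SECRET = b"12345678901234567890"


def demo() -> dict:
    """Walk through login, replay of the same code, resynchronisation and a stale code."""
    token, server = DisconnectedToken(SECRET), Verifier(SECRET)
    first = token.press()
    outcomes = {
        "login": server.verify(first),    # fresh code: accepted
        "replay": server.verify(first),   # identical code presented again: rejected
    }
    token.press()                         # two codes generated but never submitted
    token.press()
    outcomes["resync"] = server.verify(token.press())    # counter 3, inside the window: accepted
    outcomes["stale"] = server.verify(hotp(SECRET, 1))   # code for a consumed counter: rejected
    return outcomes


if __name__ == "__main__":
    print(demo())
```

The look-ahead window is the operational trade-off: too small and a user who idly presses the button locks themselves out until the help desk resynchronises the token, too large and a guessed code has more chances of matching.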

Ranking Based on Criteria

Category | Score | Reason
Number of security holes | 9.5 | There is a chance that an attacker could somehow get a hand on both the physical token as well as the second