<http://lib.cnfolio.com/AuthenticationTechTutorial04>
Authentication Methods and Protocols

Authentication methods and analysis




READING BEFORE TUTORIAL



TUTORIAL QUESTIONS
  1. Which stages of an authentication transaction affect individual privacy?
  2. Which are some best practices for authentication systems to reduce impact on individual privacy?
  3. Analysis of authentication systems require a common framework. What are the relationships, sub-categories and examples of the following terms?
    • Vulnerability
    • Attack
    • Adversary
    • Threat
    • Countermeasure
  4. What is the primary reason for using multifactor authentication systems?
  5. There are 3 broad categories of authentication infrastructure models: decentralized, centralized and federated. Compare the models for:
    • Initialization
    • Performance
    • Renewal
    • Privacy
    • Costs
    • Threats
  6. Explain how entity authentication protocols support the following applications:
    • Evidence of origin
    • Data integrity
    • Non-repudiation
  7. One theory of human security suggests that "the individual is the primary object of security". What are the implications with regard to:
    • Responsibility for personal identity
    • Criminal punishment and personal identity
    • Globalization and proliferation of personal identities
    • Ownership of personal medical information




TUTORIAL NOTES

Impact of authentication on privacy


Threat model


Threat adversaries


Multifactor authentication


Authentication modes


Authentication architectures and comparisons