PRACTICE - ACCESS Control
The flashcards below were created by user
on FreezingBlue Flashcards.
RADIUS - open protocol - de facto standard of the Internet
TACACS - Cisco - proprietary protocol
- Cognitive password - user is asked several questions - don't need to remember one password
Virtual password is the length and format that is required by the application. It could be used as the key in an algorithm.
Simplest technology and least secure - single sign-on - scripting
- more diverse centralized access control administration than RADIUS and TACACS+
- supports PPP, SLIP ...
Kerberos - not proprietary
- Kerberos - user enters credentials and obtains a TGT
- timestamp that makes it valid for 8 hours
- Kerberos client sends the TGT to the TGS which creates a second ticket.
- This ticket is used by the user to authenticate to the network resource
Kerberos - user sends authentication information to the Authentication Service (AS)
AS creates a ticket granting ticket (TGT), which is encrypted with the user's secret key.
The TGT is used to communicate to the ticket granting service (TGS)
TGS creates a ticket that contains two instances of the same session key that are encrypted with the individual principals' secret keys.
It is the second ticket that allows the 2 principals to obtain their session keys
Synchronous token device
asynchronous token device
- Synchronous token device - driven by time or events to authenticate users
- asynchronous token device uses a challenge-based mechanism during authentication
Salt - random value that is added during the encryption process on non-Windows systems.