Prerequisite – Authentication and Authorization
Authentication is the process of verifying the identity of user or information. User authentication is the process of verifying the identity of user when that user logs into a computer system.
The main objective of authentication is to allow authorized users to access the computer and to deny access to the unauthorized users. Operating Systems generally identifies/authenticates users using following 3 ways : Passwords, Physical identification, and Biometrics. These are explained as following below.
- Passwords :
Passwords verification is the most popular and commonly used authentication technique. A password is a secret text that is supposed to be known only to a user. In password based system, each user is assigned a valid username and password by the system administrator.
System stores all username and Passwords. When a user logs in, its user name and password is verified by comparing it with stored login name and password. If the contents are same then the user is allowed to access the system otherwise it is rejected.
- Physical Identification :
This technique include machine readable badges(symbols), card or smart cards. In some companies, badges are required for employees to gain access to the organization’s gate. In many system, identification is combined with the use of password i.e the user must insert the card and then supply his /her password. This kind of authentication is commonly used with ATM. Smart card can enhance this scheme by keeping the user password within the card itself. This allow the authentication without storage of password in the computer system. The loss of such card can be dangerous.
- Biometrics :
This method of authentication is based on the unique biological characteristics of each user such as finger prints, voice or face recognition, signatures and eyes.
Biometric devices often consist of –
- A scanner or other devices to gather the necessary data about user.
- Software to convert the data into a form that can be compared and stored.
- A database that stores information for all authorized users.
A number of different types of physical characteristics are –
- Facial Characteristics –
Humans are differentiated on the basis of facial characteristics such as eyes, nose, lips, eyebrows and chin shape.
- Fingerprints –
Fingerprints are believed to he unique across the entire human population.
- Hand Geometry –
Hand geometry systems identify features of hand that includes shape, length and width of fingers.
- Retinal pattern –
It is concerned with the detailed structure of the eye.
- Signature –
Every individual has a unique style of handwriting, and this feature is reflected in the signatures of a person.
- Voice –
This method records the frequency pattern of the voice of an individual speaker.
One Time passwords :
One-time passwords provide additional security along with normal authentication. In One-Time Password system, a unique password is required every time user tries to login into the system. Once a one-time password is used, then it cannot be used again. One-time password are implemented in various ways. Some commercial applications send one-time passwords to user on registered mobile/ email which is required to be entered prior to login.