The ability to identify users and
computers is vital to network security.
Authentications comes in many forms; simple passwords,
smart cards and tokens to biometrics (the use of
fingerprints, retina scans or voice recognition) to
identify users. Rights to system files, directories
and other resources are typically assigned by the
administrators of the network and it is up to the
authentication of the user to grant or deny access to
those resources.
Why is it
important to use strong authentication?
Strong authentication such as complex
passwords containing alphanumeric with symbols is the
basic form of strong passwords but makes it difficult
for users to remember passwords. This can actually
weaken security since users will sometimes resort to
writing down these strong passwords and not keep them
secure.
Smart cards and tokens are known as
two-factor authentication. Two factor authentication
is "something you have" and "something you know". Your
bank ATM card is a form of two factor authentication,
you have a physical card to insert into the ATM and a
PIN number that you key into a keypad which combined
with your card grants you access to your funds. While
this is stronger than passwords nothing stops someone
from giving your Smart Card and PIN number to another
person and this person gaining access to systems.
Token authentication involves
typically a card or keychain device (something you
have) with alphanumeric displays that change on a set
time interval. Sometimes called "one time password
generators" these generated numbers combined with your
PIN (something you know) authenticate you to the
network system.
Biometrics use human traits; retina
patterns, fingerprints, voice recognition to identify
users attempting to access resources. The ability to
log into a network using fingerprints (how often do
you leave home without your fingers) has helped reduce
administrative costs associated with having to
implement strong authentication. Help desk calls are
reduced because a user returning from vacation may
have forgotten their password but generally didn't
forget their fingers. What was once an expensive,
futuristic concept is actually very affordable (~$100)
and more and more notebook manufacturers are
integrating fingerprint readers into their products.
With
new legislation some companies are required to be able
to identify the user accessing resources. HIPAA for
example requires unique identification for access to
patient health records.
