FREE Trial

Authentication Network and application managers need to know who is accessing their systems to determine appropriate access

Question:

Authentication Network and application managers need to know who is accessing their systems to determine appropriate access levels. Typically, they require that users create secret passwords. A secret password, known only to the user, allows an administrator to feel confident that a user is who the user says he or she is. Systems administrators even have the authority to determine the characteristics of passwords. For example, they may set a minimum length and require that a password include numbers, symbols, or mixed letter case. They may also require that a user change his or her password every few weeks or months. These approaches have numerous problems:
• Users often forget complicated or frequently changing passwords, resulting in frequent calls to a help desk. The help-desk employee then faces the burden of identifying the employee by some other means and resetting the password. This process takes time and is subject to social engineering.
• Users may write down their passwords. However, this leaves passwords subject to discovery and theft.
• Users often pick the same password for many different accounts, which means that someone who discovers one of these passwords then has the “keys” to all the accounts.
• Users may pick an easy-to-remember password, which is easy to anticipate and therefore easy to guess. Password-cracking programs cycle through entire dictionaries of English language words and common word/number combinations such as “smart1” or “2smart4U.”
• Users may give away their passwords over the phone (social engineering) or via e-mail (phishing, a type of social engineering) to individuals representing themselves as a system administrator. Perhaps you have already received e-mails purportedly from a financial institution claiming identity or account difficulties and asking you to “reconfirm” your account information on their authentic-looking Web site. As you can see, using passwords to identify a person is fraught with problems. Here are some alternatives to explore. Look up each authentication approach listed below on the Internet, describe the method in your own words (be sure to cite your sources), and briefly list the advantages and disadvantages.
a. Biometrics (biological measuring)
b. Smart cards
c. Biochips
Fantastic news! We've Found the answer you've been seeking!

Step by Step Answer:

Answer rating: 46% (13 reviews)

a Biometrics biological measuring Biometrics involves measuring an immutable and unique physical trait and using these measures to identify an individual This process requires that a person has previo...View the full answer


answer-question-section
Answered By
tutor-profile-image
Milan Mondal
I am milan mondal have done my Msc in physics (special astrophysics and relativity) from the University of burdwan and Bed in physical science from the same University. From 2018 I am working as pgt physics teacher in kendriya vidyalaya no2 kharagpur ,west bengal. And also I am doing advanced physics expert in chegg.com .also I teach Bsc physics . I love to teach physics and acience. If you give me a chance I will give my best to you.
5.00+ 4+ Reviews 10+ Question Solved
Related Book For  book-img-for-question
Management information systems

Management information systems

ISBN: 978-0073376813

10th edition

Authors: James A. O Brien, George M. Marakas

See More Books
Question Posted:
See More Questions

Students also viewed these Computer Sciences questions

Aviation Maintenance Technician Powerplant 2nd Edition - ISBN: 1560275472 - Free Book