▶ 12.5 Network Authentication
There are different techniques to authenticate people. In general, the user logs in using a personal secret. The secret might be used directly, like a typed password, or it might be encoded in either a token or a fingerprint’s pattern. There are also implications in choosing one or another technique for household or business purposes. (See Chapter 6.)
Network authentication poses a new set of problems:
■ Eavesdropping. Attackers can sniff credentials that pass unprotected across a network.
■ Multiple servers. We need to use multiple servers: Can we use the same authentication credentials for all of them?
■ Credential updates. We should be able to change base secrets like passwords or public keys and to ...
Get Elementary Information Security, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
