Deck 3: User Authentication

In a biometric scheme some physical characteristic of the individual is
mapped into a digital representation.

Depending on the application,user authentication on a biometric
system involves either verification or identification.

Identifiers should be assigned carefully because authenticated
identities are the basis for other security services.

Keylogging is a form of host attack.

A smart card contains an entire microprocessor.

Identification is the means of establishing the validity of a claimed
identity provided by a user.

Memory cards store and process data.

An individual's signature is not unique enough to use in biometric
applications.

User authentication is the fundamental building block and the primary
line of defense.

User authentication is a procedure that allows communicating parties to
verify that the contents of a received message have not been altered and that the source is authentic.

Enrollment creates an association between a user and the user's
biometric characteristics.

A good technique for choosing a password is to use the first letter of
each word of a phrase.

A token is the best means of authentication because it cannot be forged
or stolen by an adversary.

User authentication is the basis for most types of access control and for
user accountability.

A __________ is a separate file from the user IDs where hashed passwords are kept.

Authentication protocols used with smart tokens can be classified into three categories: static,dynamic password generator,and ___________.

A host generated random number is often called a __________.

Voice pattern,handwriting characteristics,and typing rhythm are examples of __________ biometrics.

Objects that a user possesses for the purpose of user authentication are called ______.

The technique for developing an effective and efficient proactive password checker based on rejecting words on a list is based on the use of a __________ filter.

With the __________ strategy a user is allowed to select their own password,but the system checks to see if the password is allowable.

The __________ is the pattern formed by veins beneath the retinal surface.

A __________ authentication system attempts to authenticate an individual based on his or her unique physical characteristics.

An authentication process consists of the _________ step and the verification step.

__________,in the context of passwords,refers to an adversary's attempt to learn the password by observing the user,finding a written copy of the password,or some similar attack that involves the physical proximity of user and adversary.

A __________ attack attempts to disable a user authentication service by flooding the service with numerous authentication attempts.

The __________ step is presenting or generating authentication information that corroborates the binding between the entity and the identifier.

A __________ is an individual to whom a debit card is issued.

In a __________ attack,an application or physical device masquerades as an authentic application or device for the purpose of capturing a user password,passcode,or biometric.