We can use manymethods to restrict and protect data without effecting for one who requireaccess.Here am mentioning about the Authentication for protectingthe data.Authentication refers to the task ofverifying the identity of a person/software connecting to an application.Authentication is used for restricting data access to authorized users,ensuring data modification by authorized users, ensuring availability of datato authorised persons, and conclusivelytracing an action of an individual. The most primary form of data security isthe user authentication.
Users can be authenticated in many ways 1. Password2. Smartcard/token3. Biometrics4. PIN– enabled bank card5. Attribute6. Location-basedauthentication7.
Views Password:· Passwords are the most common method of usingconfidential knowledge to authenticate users and the most traditional method ofsecuring a system. They are convenient for most users and easily understoodbecause of their widespread usage.· However, authenticating users by password alonecan have drawbacks. Users often choose a simple password (for example, a wordfrom the dictionary) so that they can remember it. Simple passwords limit thepassword choices available to users; therefore, they are easier to guess.
Youcan lessen this problem by implementing advanced rules for passwords in yourorganization. For example, you can require that a password be a certain length,include capital letters, numbers, or characters, and that it be changed on aregular basis either by the user or automatically. Unfortunately, as passwordsare made more complex, the likelihood that a user will write down a passwordincreases; thus, making possession of the written password enough to gainaccess to the system.
· Passwords can be stolen by shoulder sniffing ornetwork traffic, by tricking users into revealing their passwords, byguesswork, or even by spying on users as they type (often easily done fromremote locations, such as from a nearby building).· Users may employ a single username or passwordcombinations, to avoid memorizing multiple user name/password combinations tolong on multiple accounts or systems. However, exposure of the user name andpassword on one system can then compromise the security of other systems.
Although passwords can be one of the least expensiveuser-authentication methods to deploy, the administrative costs can be high inthe long run, leading system administrators to look into other methods toreduce total cost of ownership.Smartcard/token· The user presents a token that remains in theirpossession (something they have), such as a smart card or a key.· A stronger way to authenticate users is to providethem with hardware tokens that contain the secrets required for authentication.Smart cards are an emerging authentication technology for large enterprisesthat require users to present a physical object (the smart card) that containstheir identities and a PIN, creating two-factor authentication.
· A smart card is a credit card-sized hardware tokenthat must be physically carried by the user. The user inserts the smart cardinto a card reader at the client computer, and then enters the required PIN toaccess the stored identity and start the authentication process.· Smart cards come in two basic varieties: memory andmicroprocessor. Memory cards simply store data and can be viewed as a smallfloppy disk with security. During logon, the user provides a PIN to the cardand, if the PIN is correct, the card provides the password required forauthentication to the system. Memory cards are a cost-effective and popularmethod of providing two-factor authentication because they prove the physicalpresence of the user token and securely store the password requiredfor authentication during logon.· The chip on a microprocessor card securely storesthe user’s public key certificate and private key for use with public key infrastructure(PKI), a system of digital certificates, certification authorities, and otherregistration authorities that authenticates the user to the network (and thenetwork to the user) through the use of public key cryptography. The chip alsoprocesses information during authentication so that security-criticalcomputations for authentication are restricted to the smart card, makingidentity interception very difficult and preventing masquerading and datamanipulation.
· A microprocessor card can also dedicate additionalprocessing power to serve applications besides authentication. Biometrics· The user presents a personal physical attribute(something they are), such as a fingerprint· Biometric authentication is an automatic methodthat identifies a user or verifies their identity based upon the measurement ofhis or her unique physiological traits or behavioral characteristics.Ø FingerprintScan: This biometric system’s strengths are its acceptance, convenience,reliability, and price; however, it is one of the easiest physiologically basedbiometrics to defeat.Ø FacialRecognition: This biometric system is most suitable for identification scenarios innon-cooperative settings, such as large venues, airports, and so on. Thetechnology has not developed the accuracy required for authenticating a user.Ø RetinalScan/Iris Scan; This biometric system is more intrusive than other methods. Healthinformation about the user can be revealed during the scanning process anddiseases of the eye can alter the results over time.
Ø Hand Geometry: This biometricsystem requires fewer data points to yield good authentication results;therefore, the storage space requirements are smaller than other biometricauthentication procedures, speeding up retrieval time. However, the it becamehigh False Match Rate (FMR) because hands are not as unique as fingerprints.