Page 73 - DCAP516_COMPUTER_SECURITY
Unit 6: User Authentication
Self Assessment
Fill in the blanks:
7. ..................... means that users are who they claim to be.
8. The full form of PIN is .....................
9. The full form of GPS is .....................
10. ..................... policies are needed to govern how the authentication methods interoperate.
6.7 Future of User Authentication
Today, increased spending on user authentication methods is an imperfect solution to
the enterprise authentication problem. Adding more user authentication creates complex new
management issues that must be resolved to make efficient use of the authentication investment. New authentication
management solutions are required to harness authentication methods and deliver stronger
security at a predictable and reduced cost.
The new generation of authentication management capability, just now entering the marketplace,
will simplify and automate the operation and deployment of complex, large-scale, multi-factor
authentication networks. The new user authentication management tools will arbitrate between
users and devices, the authentication methods being used, and the information resources and
applications being accessed.
A probable new approach will be artificial intelligence tools embedded within an authentication
policy engine. These tools will evaluate each user authentication request for patterns
of fraud. Authentication attempts with a high probability of fraud might trigger an alert to an
intrusion detection system. The user authentication manager would dynamically establish an
access control threshold, based on the nature of threats to an information resource, and
automatically select the best available authentication methods for accessing the requested
information resource.
A major barrier to strong user authentication in e-commerce is the false reject – rejecting the
authentication attempt of a valid user. This will be overcome through use of intelligent software
that senses when a valid user is having trouble authenticating. This user-friendly approach will
help the valid user retry a failed method or will substitute an alternative.
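The policy engine and the false-reject fallback described in the two paragraphs above, shown as an added example that is not part of the original text. The method names, strength values, fraud signals and thresholds are all constructed assumptions.

```python
from dataclasses import dataclass
from itertools import combinations

# Constructed values: strengths, signal weights and thresholds are assumptions.
METHOD_STRENGTH = {"password": 1, "otp_token": 2, "fingerprint": 3}
SIGNAL_WEIGHT = {"new_device": 30, "unusual_location": 30, "recent_failures": 25}
STEP_UP_AT, ALERT_AT = 30, 70   # fraud score (0-100) cut-offs

@dataclass(frozen=True)
class Request:
    resource_sensitivity: int    # 1 (low) to 3 (critical)
    signals: tuple = ()          # fraud indicators seen on this attempt
    available: tuple = ("password", "otp_token", "fingerprint")

def fraud_score(req):
    """Add up the weights of the observed signals, capped at 100."""
    return min(100, sum(SIGNAL_WEIGHT.get(s, 0) for s in set(req.signals)))

def required_strength(req):
    """Access control threshold: resource sensitivity raised by current risk."""
    score = fraud_score(req)
    return req.resource_sensitivity + (score >= STEP_UP_AT) + (score >= ALERT_AT)

def select_methods(req, failed=()):
    """Fewest usable methods meeting the threshold; `failed` methods are
    skipped so a valid user who was falsely rejected gets a substitute."""
    need = required_strength(req)
    usable = [m for m in req.available if m not in failed]
    strength = lambda combo: sum(METHOD_STRENGTH[m] for m in combo)
    for size in range(1, len(usable) + 1):
        fits = [c for c in combinations(usable, size) if strength(c) >= need]
        if fits:
            return list(min(fits, key=strength))   # least burdensome set
    return None   # nothing left that satisfies the threshold

def decide(req, failed=()):
    """Challenge with the selected methods, or deny; flag high risk for the IDS."""
    methods = select_methods(req, failed)
    return {"action": "challenge" if methods else "deny",
            "methods": methods or [],
            "alert_ids": fraud_score(req) >= ALERT_AT}

if __name__ == "__main__":
    print(decide(Request(2)))                          # normal attempt
    print(decide(Request(2), failed=("otp_token",)))   # false-reject fallback
    print(decide(Request(3, ("new_device", "unusual_location", "recent_failures"))))
```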
The capabilities of the new automated user authentication systems will create a market for
authentication portals. These authentication portals will be embedded in the information
infrastructure of Application Service Providers (ASPs) to offer very granular user authentication
for accessing critical information resources. This method overcomes a prime concern, the
perceived lack of security, when engaging many types of outsourced application services.
Other user authentication portals will offer specific and tuned authentication services for a
broad mix of e-commerce. After filling a shopping basket and entering a credit card number, the
online consumer will be vectored to an authentication portal to verify the consumer’s identity
and authority to make the requested transaction with the offered credit card.
Perhaps the ideal solution for user authentication is offered by converged voice and data networks,
as voice telephony services decline on circuit-switched networks and migrate to
peer-to-peer packet-switched IP networks. In this scenario, not too far in the future, telephone numbers
will be obsolete. Telephone numbers are a requirement of the circuit-switched network,
representing a fixed hardware port assignment conveniently used for billing and various types
of class of service decisions.
LOVELY PROFESSIONAL UNIVERSITY 67