Update for 02-02-22 14:30
This commit is contained in:
parent
8be07a566b
commit
3f68debd82
31
tech/digital_authentication.wiki
Normal file
31
tech/digital_authentication.wiki
Normal file
@ -0,0 +1,31 @@
|
||||
= digital authentication =
|
||||
|
||||
Establish confidence in user ID in an electronic system
|
||||
|
||||
== requirements ==
|
||||
|
||||
* ID system users, process, etc
|
||||
* Authenticate the ID of those users, processes etc
|
||||
|
||||
Derived requirements from this,
|
||||
|
||||
* use multi factor authentication
|
||||
* be replay resistant
|
||||
* prevent reuse of IDs for a defined period
|
||||
* disable ID after some period of inactivity
|
||||
* enforce a minimum complexity for passwords
|
||||
* prohibit passwords for a specific amount of time
|
||||
* store and transmit only cryptographically protected passwords
|
||||
* Obscure feedback from authentication
|
||||
* IE don't say "wrong password" or "user does not exist"
|
||||
|
||||
== means of authentication ==
|
||||
|
||||
* password/pin
|
||||
* physical token (IE smart card)
|
||||
* static biometrics (IE finger/face)
|
||||
|
||||
|
||||
|
||||
|
||||
|
@ -26,9 +26,10 @@ Hiding information
|
||||
* [[DSS]]
|
||||
* [[Eliptic_Curve]]
|
||||
|
||||
=== [[Signatures]] ===
|
||||
=== [[Signatures]] and User auth ===
|
||||
|
||||
* [[Signatures]]
|
||||
* [[digital_authentication]]
|
||||
|
||||
=== Misc ===
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user