Sat Aug 30 13:01:55 PDT 2014

Control Architecture: Authentication: How are identities authenticated to support authorized access?


Options:

Authenticator:
- Z No authentication, anonymous
- Y No authentication, identified
- F Password (something they know)
- D Query/Response (something they can do)
- E Possession of a key (something they have - static)
- D Possession of another device (something they have - changing)
- D Physiological characteristics (something they are)
- C Something they know or can do AND something they have
- C Something they know or can do AND something they are
- B Something they know or can do AND something they are AND something they have

Location:
- A Within device
- B Physical at console
- C Local console switch
- D Local only switched connection
- E LAN
- F Local radio link
- G Remote over closed infrastructure
- H Remote over open infrastructure

Connection:
- C Links
- B Encrypted links
- A Authenticated encrypted links

Updates and changes:
- 0 Never update or change
- 1 Update or change when there is a specific reason to do so
- 2 Update or change at convenient system changeover times
- 3 Update or change at regular intervals


Decisions:

Repetitions of different factors at different points, chosen according to location, connection, and risk, are the most appropriate authentication approach. A rating is comprised of the sequence {Authenticator [change] x Location x Connection [change]}, and minimum ratings based on risk level are advised. Starting from any minimum rating, any element can be rated higher and still satisfy the need, but no element can be rated lower unless the resulting rating dominates a different minimum rating for the same risk level. The [change] field gives the change strategy for the relevant element in the particular situation (i.e., the authenticator change strategy after the first element and the connection change strategy after the third element).
Risk   Minimum ratings
High   C1BC / C1EB3
Med    C1EC / F1HA123 / C1GB1
Low    ZHC
(Authentication process minimums)

Basis:

Authenticators:

- Z No authentication, anonymous:
This is common for remote access to Web pages and other similar things.

- Y No authentication, identified:
This is used for tracking purposes only - such as the use of cookies for tracking behavioral patterns without necessarily tracking identity.

- F Password (something they know):
Passwords are the most commonly used authentication approach and will likely remain so for the indefinite future because of their extreme ease of use by people and universal compatibility.

- D Query/Response (something they can do):
This is a process in which a set of passwords, or the equivalent thereof, are associated with queries and the user demonstrates their ability to do something in order to authenticate themselves. In more advanced cases these may be things like the ability to compose music of a genre on the spot, to compute a formulaic response in time, or to answer questions with pre-defined answers - such as mother's maiden name. It also encompasses typing characteristics and other similar indicators.

- E Possession of a key (something they have - static):
Door keys or other similar mechanisms are commonly used for entry and access.

- D Possession of another device (something they have - changing):
This includes time variant mechanisms, electronic query response systems, one-time passwords, and so forth.

- D Physiological characteristics (something they are):
This includes retinal prints, facial recognition, infrared facial recognition, fingerprints, hand geometry measurements, DNA samples, and so forth. It also includes things like color blindness, trained responses, and other similar mechanisms.

- C Something they know or can do AND something they have:
This is a combination of two other factors.

- C Something they know or can do AND something they are:
This is a combination of two other factors.

- B Something they know or can do AND something they are AND something they have:
This includes personal authentication by someone who knows the individual engaging in some level of communications as well as a variety of combinations of devices and other similar things.

Location:

- A Within device:
This includes forensic examination of a device and other mechanisms based on presence inside a physical system or facility.

- B Physical at console:
This is presence at the directly connected device intended to control the mechanism locally.

- C Local console switch:
This includes switching devices that allow connection to multiple devices and switching between them, but does not include LAN-based console devices.

- D Local only switched connection:
This includes local telephone lines on the same PBX, a local only switched network, or other similar devices.

- E LAN:
A local area network that extends only to the physical facility and may be connected through a gateway to other networks.

- F Local radio link:
This includes infrared, Bluetooth, and other similar limited-radius devices.

- G Remote over closed infrastructure:
This includes a wide variety of technologies such as campus-wide networks, leased lines, remote telephonic connections, and so forth.

- H Remote over open infrastructure:
This includes the Internet and all variations thereupon.

Connection:

- C Links:
This is any connection without protective mechanisms.

- B Encrypted links:
This is a connection that is encrypted but not authenticated, such as an SSL link or an SSL session without a password. It also includes carrier encrypted tunnels and other similar mechanisms.

- A Authenticated encrypted links:
This includes encrypted links that are also authenticated, so that the remote machine, facility, or device is authenticated and the traffic is encrypted.

Changes and updates:

Changes are generally made to password-based and token-based authentication mechanisms and keys for encryption systems.

For passwords:

For tokens:

For encryption keys:

For encryption and token systems:

Copyright(c) Fred Cohen, 1988-2012 - All Rights Reserved