CS458 Lecture Notes - Lecture 3: Trusted Operating System, Multi-Factor Authentication, Password Strength

Protected objects: cpu, memory, i/o devices (disks, printers, keyboards,, programs, data, networks, os. Protection techniques: tagged architecture, each memory word has one or more extra bits that identify access rights to word, very exible, large overhead, di cult to port os from/to other hardware architectures, segmentation, paging. Each le lists its owner, a group and a third entry representing all other users. For each class, there is a separate set of rights. Combined usage of acls and cap: in some scenarios, it makes sense to use both. Atm card: token ( fob ) displays number that changes over time and that needs to be entered for authentication, sms message. Attacks on passwords: shoulder sur ng, keystroke logging, interface illusions / phishing, password re-use across sites, password guessing. Defending against attacks: don"t use a standard cryptographic hash (like. 2013: in november 2013, 130 million encrypted passwords for adobe accounts were revealed, the encryption mechanism was the following: