Your analysis has found that many of the problems are associated with weak acces

Question

Your analysis has found that many of the problems are associated with weak access authentication mechanisms inherent in the devices because of the need for medical professionals to gain access to the machines (and systems they connect to) without undue burden in stressful and time sensitive situations. Another aspect of the problem is a need to be able to attribute modifications and changes to the individual’s making them to assure changes are monitored and access is limited to appropriate individuals i.e. the janitor shouldn’t be capable of giving you an extra shot of morphine. The sharing of passwords has become commonplace and of great concern so your boss wants you to explore token-based and biometric authentication and prepare an executive summary of your findings and recommendation

Explanation / Answer

Authentication means Positive verification of identity(man or machine also). Verification of a person’s claimed identity.

Token-based authentication is a security technique that authenticates the users who attempt to log in to a server, a network, or some other secure system, using a security token provided by the server.An authentication is successful if a user can prove to a server that he or she is a valid user by passing a security token. The service validates the security token and processes the user request.After the token is validated by the service, it is used to establish the security context for the client, so the service can make authorization decisions or audit activity for successive user requests.Token-based authentication is stateless. We are not storing any information about our user on the server or in a session.

Biometric authentication is a technique that relies on the unique biological characteristics of an individual to verify that he is who is says he is.

example: Retina Scan, Iris Recognization, Facial ID etc

Recommendations
1.If you are designing a system where it is critical that the person gaining access is the authorized person, or where security against repudiation is desired, then biometrics is a reasonable choice.

2.If you need to remember multiple passwords, a single sign-on approach is convenient. One option is a token that stores or generates multiple passcodes in a secure manner and is accessed via a single password.

Sources:

1.http://stackoverflow.com/questions/1592534/what-is-token-based-authentication

2.http://www.nikacp.com/images/10.1.1.200.3888.pdf

3.http://searchsecurity.techtarget.com/definition/biometric-authentication

Points Token Based Authentication biometric based authentication Support Authentication
by Possession

Uniqueness and
personalization

Security Defense Closely held
Forge-resistant

Security Drawback:

Insecure if lost

Difficult to
replace

Example Metal key

Driver’s license

Host
Attack

Passcode theft

Template theft

Client
Attack

Exhaustive search

False match

Related Questions

Navigate

• Browse (All)
• Browse Y
• Subjects

---

---

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.