主題: 如何加強密碼的保安
主題內容:
Authentication is a process to authenticate and ensure that a person or computer is who or what is allowed to to access a secured network or data. The user ID and password is the common authentication method for a network. They can be set at many levels such as the hardware, operating systems, application softwares and files folders etc.
To prevent people from falsifying their identities and complete transactions such as purchasing and contract without a pen, digital certificates are created. A digital certificate is a digital signature that verifies the sender’s identity. It is a binary file that contains identifying information about the owner. It may be stored in hard drive or PCMCIA card etc. It also may secure the e-mails.
To constitue a good password, it should be composed with a mixture of upper case, lower case letters, numbers and even symbols such as #, %. This password should not be meaningful and logical. It also should be more than 8 digits.
The Kerberos system was developed to solve the security problem of distributed applications. It assumes the clients from workstations are not trusted and requests them to use their ID whenever they need a service. Kerberos architecture consists of three key components: Kerberos client software, Kerberos authentication server software, and Kerberos application server software. The Kerberos system is a third-party authentication scheme that implies the authentication process is performed by an external server. The client workstation must be authenticated by Kerberos Authentication Server before access to the application server. The authentication server provides the password storage and interacts with the client to authenticate the user. This interaction includes providing an entry-granting ticket to the client. Then the client uses the entry-granting ticket to obtain a service-granting ticket from the Ticket Granting Server. After that, the client is a legitimate user with the ticket.
微軟教導如何建立更安全的密碼網址:http://www.microsoft.com/athome/security/privacy/password.mspx
|