APPLICABLE ASPECTS OF AUTHENTICATION DATA PROTECTION
Journal: Cybersecurity: Education, Science, Technique (Vol.3, No. 3)Publication Date: 2019-03-28
Authors : Yurii Borsukovskyi. Victoria Borsukovska.;
Page : 42-52
Keywords : authentication data; cryptographic protection; encryption; access; policy; cyber security;
Abstract
This article covers the issues of applicable user`s authentication data protection at critical infrastructure objects. It considers the procedure for software and encryption facilities in order of application of organizational and technical methods to prevent loss of authentication data at critical infrastructure objects. The Article provides examples for use of open source software KeePass to create the protected and transparent in use of user`s authentication database. The Article provides the basic list of recommended extensions (plugins) for users. Considers the possibility of users` autonomous verification of their acting passwords on matching compromised passwords hash file HaveIBeenPwned. USB-carrier with hardware encryption is proposed for authentication database and ensures its mobility. Suggested provides the user with encrypted database to store the authentication data, and use the automatic procedure for authentication of applications and web-services, have few levels of software and hardware protection, which on one hand simplifies the use of authentication data in execution of applicable security policies and reduce the feasibility of its discreditation, and on the other hand increase the feasibility to block the abusive actions of third parties by means of multi-level protection system. Checked the ability for additional encryption of configuration file by means of runtime environment and ability to use the certificate which is stored at eToken. The provided model for procedure implementation combines the software and hardware encryption to protect the confidential authentication data. It considers the practical experience for creation of model procedures for confidential information protection to develop, implement and manage the modern policies of informational security related to cryptographic protection of authentication data at critical infrastructure objects.
Other Latest Articles
- THE IMPACT OF TEACHING TOPICAL STRUCTURE ANALYSIS ON WRITING PERFORMANCE OF TURKISH EFL SPEAKERS
- Incompatible Minor Crossmatch due to T-transformed red cells a case report
- MOODLE AS AN EXTENSIVE READING MECHANISM: A STUDY TO FACILITATE EXTENSIVE READING IN AN OMANI EFL CONTEXT
- UNDERSTANDING ETHNIC IDENTITY IN THE CONTEXT OF INTERNAL MIGRATION: A CASE STUDY OF UNIVERSITY STUDENTS OF ETHNIC MINORITY ORIGINS IN URBAN BANGLADESH
- IMPLEMENTATION OF OPEN CLASS AT FLIPPED CLASSROOM BASED ON INFORMATION TECHNOLOGY IN ISLAMIC STUDIES SUBJECT AT PHARMACY DEPARTMENT UII
Last modified: 2019-03-29 14:57:08