- Operating Systems Course
- Operating System Tutorial
- History of Operating System
- Personal Computer OS
- OS Processes
- OS Process Model
- OS Process Creation
- OS Deadlocks
- OS Deadlock Recovery
- OS Two-Phase Locking
- OS Memory Management
- OS Mono programming
- OS Shared Pages
- Operating System Input/Output
- OS Input/Output Devices
- OS Input/Output Software Layers
- OS Disk Hardware
- OS Files
- OS File Naming
- OS File Types
- OS Hierarchical Directory System
- OS Directory Operations
- OS File Operations
- Multimedia Operating System
- OS Multiprocessors
- Operating System Security
- OS User Authentication
- OS Trap Doors
- OS Viruses
User Authentication in Operating System
The user authentication process is used just to identify who the owner is or who the identified person is. On a personal computer, generally, user authentication can be performed using a password.
When a computer user wants to log into a computer system, the operating system (OS) installed on that computer system generally wants to determine or check who the user is. This process is called "user authentication."
It is sometimes critical to authenticate the user because the computer system may contain sensitive information about the owner.
Most methods of authenticating computer users when they attempt or attempt to log into the system are based on one of the three principles listed below:
- Something the user is aware of
- Something that the user possesses
- Something is wrong, the user.
That computer users who want to cause trouble on a specific computer system must first log in, which means getting past whatever authentication method or procedure is in place. Those computer users are called hackers.
Basically, "hacker" is a term of honour that is reserved for or given to a great computer programmer, as a normal computer user or programmer can't get access into anyone's system without permission.
The user can be authenticated in one of the following ways:
- User authentication using a password
- User authentication using a physical object
- User authentication using biometrics
- User authentication using countermeasures
Now let's talk briefly about all the above authentication processes one by one.
User Authentication using Password
The most common method of authenticating a user is through the use of a password. The user who is going to authenticate must type their login name or ID and login password in this method of password authentication.
Using the user's password to authenticate them is a simple method that is also simple to implement.
The simplest implementation of user authentication using the password method is to keep a central list of pairs.
The login name typed in is looked up in the list, and the typed password is then compared to the stored password in this method.
If both the login and password match, the login is permitted, or the user has been successfully authenticated and authorized to log into that system. If no match is found, the login error is detected.
How to Improve Password Security ?
Here are four basic and widely used password security methods:
- Passwords should be at least eight characters long.
- Upper- and lower-case letters should be used in passwords.
- At least one digit and one special character should be included in a password.
- Don't use dictionary words or well-known names like stick, mouth, sun, Albert, and so on.
What exactly is a one-time password (OTP)?
One-Time Password (OTP) is the most extreme form of password changing.
One-time passwords are extremely safe to use.
When using OTPs, the user receives a book containing a long list of passwords. The next password in the list is used for each login. As a result, if an intruder discovers the password, it is useless to him because a different password must be used the next time.
User Authentication using Physical Object
A physical object can be used to authenticate the user as a second option. In this context, "physical object" could refer to the bank's Automated Teller Machine (ATM) card or any other plastic card used for authentication.
To authenticate the user, the user inserts a plastic card into a reader attached to the terminal or computer system.
To prevent someone from using a lost or stolen card, the user must generally not only insert the physical card used to authenticate himself/herself, but also type in a password.
User Authentication using Biometric
The third authentication method is biometric user authentication. This method measures the user's physical characteristics, which are extremely difficult to forge. These are known as biometrics.
User authentication using biometrics—for example, a fingerprint, voiceprint, or retina scan reader in the terminal—could verify the user's identity.
The typical biometric system consists of two components:
Now, let's take a quick look at the two components of the biometric system mentioned above.
Enrolment
The user's characteristics are measured and digitized during enrollment in a biometric system. Then, significant features are extracted and stored in the user's record.
The record can be kept or stored in a central or main database, or it can be stored on a smart card that the user carries with them and inserts into a remote reader, such as an ATM machine.
Identification
During identification, the user appears and enters a login name or ID. Once again, the system performs the measurement. If the new values match the ones sampled during enrollment, the login is accepted; otherwise, the login attempt is rejected.
User Authentication using Countermeasure
The countermeasure method of user authentication is used to make unauthorized access much more difficult.
For example, a company may have a policy that requires employees in the Computer Science (CS) department to log in only after 10 a.m. to 4 p.m., Monday through Saturday, and only from a CS department machine connected to the company's local area network (LAN).
Any attempt by a CS department employee to log in at the incorrect time or from the incorrect location will now be treated as an attempted break-in and log-in failure.
« Previous Topic Next Topic »