Cybersecurity is a critical concern for individuals and for organizations of all types and sizes. Authentication and access control are the first line of defense to help protect you from being attacked. This book begins with the theoretical background of cryptography and the foundations of authentication technologies and attack mechanisms. You will learn about the mechanisms that are available to protect computer networks, systems, applications, and general digital technologies. Different methods of authentication are covered, including the most commonly used schemes in password protection: two-factor authentication and multi-factor authentication. You will learn how to securely store passwords to reduce the risk of compromise. Biometric authentication—a mechanism that has gained popularity over recent years—is covered, including its strengths and weaknesses. Authentication and Access Control explains the types of errors that lead to vulnerabilities in authentication mechanisms. To avoid these mistakes, the book explains the essential principles for designing and implementing authentication schemes you can use in real-world situations. Current and future trends in authentication technologies are reviewed. What You Will Learn:
• Understand the basic principles of cryptography before digging into the details of authentication mechanisms
• Be familiar with the theories behind password generation and the different types of passwords, including graphical and grid-based passwords
• Be aware of the problems associated with the use of biometrics, especially with establishing a suitable level of biometric matching or the biometric threshold value
• Study examples of multi-factor authentication protocols and be clear on the principles
• Know how to establish authentication and how key establishment processes work together despite their differences
• Be well versed on the current standards for interoperability and compatibility
• Consider future authentication technologies to solve today's problems

Who This Book Is For: Cybersecurity practitioners and professionals, researchers, and lecturers, as well as undergraduate and postgraduate students looking for supplementary information to expand their knowledge on authentication mechanisms

网络安全是个人以及各种类型和规模的组织的一个重要关切。认证和访问控制是帮助保护你不被攻击的第一道防线。本书首先介绍了密码学的理论背景和认证技术及攻击机制的基础。你将了解到可用于保护计算机网络、系统、应用程序和一般数字技术的机制。涉及不同的认证方法，包括密码保护中最常用的方案：双因素认证和多因素认证。你将学习如何安全地存储密码以减少泄露的风险。涵盖了生物识别认证--一种近年来越来越受欢迎的机制，包括其优势和劣势。认证和访问控制》解释了导致认证机制漏洞的错误类型。为了避免这些错误，本书解释了设计和实施认证方案的基本原则，你可以在现实世界中使用。书中还回顾了认证技术的当前和未来趋势。你将学到什么？

- 在深入研究认证机制的细节之前，了解密码学的基本原理

- 熟悉密码生成背后的理论和不同类型的密码，包括图形和基于网格的密码

- 意识到与使用生物识别技术相关的问题，特别是建立一个合适的生物识别匹配水平或生物识别阈值的问题

- 研究多因素认证协议的例子，清楚其原理

- 知道如何建立认证，以及尽管有差异，但关键的建立过程是如何协同工作的

- 熟练掌握当前的互操作性和兼容性的标准

- 考虑未来的认证技术来解决今天的问题

本书适用对象。网络安全从业人员和专业人士、研究人员和讲师，以及寻找补充信息以扩展其认证机制知识的本科生和研究生