Clear up the Confusion: Authentication vs. Authorization
This article attempts to clear up the confusion between Authentication and Authorization. They often seem to occur together and seamlessly on a Windows network, but they must be managed separately.
Authentication is the process of validating the response to an authentication challenge, such as a username and password combination. When a user is presented with a login dialog box (the authentication challenge), the response is sent to the authentication service for review. Once the credentials are verified as correct, the authentication process is complete.
Authorization is the process of checking an authenticated user or system against a list of authorized users and computers. An example would be a user in sales trying to access a payroll share. The authentication process would succeed, but the authorization process would fail because the user does not have permission to access that resource. This is where Access Control Lists (ACLs) are applied.
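The separation described above, as an added example that is not part of the original article: a small Python model in which `authenticate()` only checks the credential (stored as a salted PBKDF2 hash, never in cleartext) and `authorize()` only checks the ACL, so the sales user passes the first step and fails the second. The users, passwords, share names and ACL entries are constructed for illustration.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass


# Constructed user store: passwords are kept only as salted PBKDF2 hashes.
@dataclass(frozen=True)
class User:
    name: str
    salt: bytes
    pw_hash: bytes
    groups: frozenset


def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)


def make_user(name: str, password: str, groups) -> User:
    salt = os.urandom(16)
    return User(name, salt, hash_password(password, salt), frozenset(groups))


USERS = {
    "alice": make_user("alice", "S3cret-Sales!", {"Sales"}),   # constructed
    "bob": make_user("bob", "P@yroll-2024", {"Payroll"}),       # constructed
}

# Constructed ACLs: resource -> {group: set of permitted rights}
ACLS = {
    r"\\fileserver\payroll": {"Payroll": {"read", "write"}},
    r"\\fileserver\sales": {"Sales": {"read", "write"}, "Payroll": {"read"}},
}


def authenticate(username: str, password: str):
    """Authentication: does the response to the login challenge match the stored credential?"""
    user = USERS.get(username)
    if user is None:
        # Hash anyway so response time does not reveal whether the username exists.
        hash_password(password, b"\x00" * 16)
        return None
    if hmac.compare_digest(hash_password(password, user.salt), user.pw_hash):
        return user
    return None


def authorize(user: User, resource: str, right: str) -> bool:
    """Authorization: is this already-authenticated principal allowed this right on this resource?"""
    acl = ACLS.get(resource, {})
    return any(right in acl.get(group, set()) for group in user.groups)


def access(username: str, password: str, resource: str, right: str) -> str:
    """Run both steps in order and report which one (if any) refused the request."""
    user = authenticate(username, password)
    if user is None:
        return "authentication failed"
    if not authorize(user, resource, right):
        return "authorization failed"
    return "granted"


if __name__ == "__main__":
    # The sales user from the article: valid login, but no ACL entry on the payroll share.
    print(access("alice", "S3cret-Sales!", r"\\fileserver\payroll", "read"))
```

Note that the two outcomes are distinguishable on the server side but should not be reported in detail to the caller: a generic "access denied" keeps the system from confirming which step failed.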
Top 5 Attack Methods on Authentication
1. Cloning the credential or token is the process of copying a user's credential or token and replaying it later to access the system as that user (pass the hash).
2. Sniffing the credentials is done by intercepting the authentication traffic as it passes through the network.
3. Brute Force is the process of repeatedly trying candidate credentials until one matches the victim's.
4. Denial-of-Service, or DoS, is the process of repeatedly attempting to authenticate as a user with wrong credentials until the account is locked out.
5. Retrieve from Backup is the process of finding credentials that are saved on a system, in a backup, or in a database in cleartext.
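Methods 3 and 4 above leave the same footprint on the authentication service: bursts of failed logons. The following Python detector, added here as an example and not part of the original article, runs over a constructed set of failed-logon records (loosely modelled on the fields of Windows Security event 4625) and raises two kinds of alert: an account receiving many failures in a short window (brute force against one user, and the pattern that triggers a lockout DoS), and a source address failing against many distinct accounts in a short window. Log format, addresses, usernames, window and threshold are all assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log; not real data. One record per line: timestamp, source, user, result.
SAMPLE_LOG = """\
2024-03-01T08:00:01 src=10.0.0.5 user=alice result=FAIL
2024-03-01T08:00:02 src=10.0.0.5 user=alice result=FAIL
2024-03-01T08:00:03 src=10.0.0.5 user=alice result=FAIL
2024-03-01T08:00:04 src=10.0.0.5 user=alice result=FAIL
2024-03-01T08:00:05 src=10.0.0.5 user=alice result=FAIL
2024-03-01T08:00:06 src=10.0.0.5 user=alice result=FAIL
2024-03-01T08:05:00 src=10.0.0.9 user=bob result=FAIL
2024-03-01T08:05:01 src=10.0.0.9 user=carol result=FAIL
2024-03-01T08:05:02 src=10.0.0.9 user=dave result=FAIL
2024-03-01T08:05:03 src=10.0.0.9 user=erin result=FAIL
2024-03-01T08:05:04 src=10.0.0.9 user=frank result=FAIL
2024-03-01T09:00:00 src=10.0.0.7 user=bob result=FAIL
2024-03-01T09:30:00 src=10.0.0.7 user=bob result=SUCCESS
"""


def parse(log_text: str) -> list:
    """Turn the key=value lines into dicts with a parsed 'ts' datetime."""
    events = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, *pairs = line.split()
        fields = dict(pair.split("=", 1) for pair in pairs)
        fields["ts"] = datetime.fromisoformat(ts)
        events.append(fields)
    return events


def _peak(items, window: timedelta) -> int:
    """items: list of (timestamp, key). Largest number of distinct keys inside any
    window that starts at one of the items (O(n^2), fine for a demonstration)."""
    items = sorted(items)
    peak = 0
    for i, (start, _) in enumerate(items):
        keys = {key for ts, key in items[i:] if ts - start <= window}
        peak = max(peak, len(keys))
    return peak


def detect(events: list, window: timedelta = timedelta(minutes=5), threshold: int = 5):
    """Return (account_alerts, source_alerts), each mapping the offender to its peak count."""
    by_account = defaultdict(list)
    by_source = defaultdict(list)
    for i, e in enumerate(events):
        if e["result"] != "FAIL":
            continue
        by_account[e["user"]].append((e["ts"], i))          # every failure counts once
        by_source[e["src"]].append((e["ts"], e["user"]))    # distinct target accounts count
    account_alerts = {}
    for user, items in by_account.items():
        n = _peak(items, window)
        if n >= threshold:
            account_alerts[user] = n
    source_alerts = {}
    for src, items in by_source.items():
        n = _peak(items, window)
        if n >= threshold:
            source_alerts[src] = n
    return account_alerts, source_alerts


if __name__ == "__main__":
    accounts, sources = detect(parse(SAMPLE_LOG))
    print("accounts under repeated failure:", accounts)
    print("sources failing across many accounts:", sources)
```

The single failed and then successful logon for `bob` from `10.0.0.7` stays below threshold, which is the point of windowing: ordinary typos should not page anyone. The account-side alert is also the signal to tune lockout policy against, since a lockout threshold lower than an attacker's burst rate turns method 3 into method 4.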
Author: Chad Akileh
Equilibrium IT Solutions, Inc.