Hmm. This starter might actually be the only real measure: who you know. :)
no subject
Date: 2008-12-10 03:29 pm (UTC)
Which is a nice entry point into your learning about the notion of "web of trust" and web-based certificates. :-)
As a Software QA professional, let me dazzle you with math. Let us say that we have something we want to secure, and so we secure it with 3 methods: what you have (H), what you know (K) and who you are (U).
Let me make the math easy: the false-positive rate (how often a person can fake a method) is 10%, meaning 1 time out of 10 you can fake your way in past any single method. The probability you can fake your way past all three methods is H-fail * K-fail * U-fail = .10*.10*.10 = .001 or 1 failure in a thousand. That's GREAT.
Now, let's pretend that the false-negative rate is half that. Half the time you should be able to log in, you can't. What's the rate of that? It turns out it is H-not + K-not + U-not = .05 + .05 + .05 = .15
You've spiked the lockout rate, hugely. Whatever you're guarding had better be worth it, because a lot of legitimate access is going to be denied. This is the crime of probability, for when unlikely things have to happen together, you multiply the probabilities, but when they happen separately you add them.
Now: let's say you want to fix the false negatives, by having some way to replace "what you have, are or know". You've moved the problem, because all the Black Hat has to do is force the replacement process to fail and give him access, 3 times. Perhaps as few as twice. (If you'll replace what I had and lost for me, using only who I am or what I know, you've essentially removed the "what I have" requirement.)
How many repetitions of fixing false negatives will you allow? If they are infinite, the odds of a determined attacker winning are very good. If they are not, you are starting to help yourself more.
There is a reason why most systems are secured by only one layer of security.
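The arithmetic in the comment above, worked through as an added example (not the commenter's code): it multiplies the per-factor bypass rates for the AND case, computes the OR case both as the comment's additive estimate and as the exact 1 - P(all accept), and then models a recovery flow that resets one factor using the other two, plus what unlimited reset attempts do to the attacker's odds. The rates, the H/K/U names and the single recovery route are constructed assumptions.

```python
from math import prod

# Constructed rates in the comment's notation (not measured data):
# per-factor false-positive (attacker fakes it) and false-negative
# (legitimate user is wrongly rejected) rates for H, K and U.
FALSE_POSITIVE = {"H": 0.10, "K": 0.10, "U": 0.10}
FALSE_NEGATIVE = {"H": 0.05, "K": 0.05, "U": 0.05}

def bypass_probability(fp, factors=None):
    """Attacker must fake every required factor together: independent
    probabilities multiply (AND)."""
    factors = fp.keys() if factors is None else factors
    return prod(fp[f] for f in factors)

def lockout_probability(fn):
    """Legitimate user is locked out if ANY factor rejects them (OR):
    1 - P(all factors accept)."""
    return 1 - prod(1 - p for p in fn.values())

def lockout_union_bound(fn):
    """The comment's additive estimate. It is an upper bound on
    lockout_probability(); the two agree closely only when rates are tiny."""
    return sum(fn.values())

def bypass_with_recovery(fp, recovery):
    """recovery maps a lost factor to the factors the reset flow accepts
    instead, e.g. {"H": ("K", "U")}: 'I lost my token, here is my password
    and fingerprint'. The attacker picks the cheapest route, so the
    effective bypass rate is the max over the full check and every reset."""
    routes = [bypass_probability(fp)]
    routes += [bypass_probability(fp, needed) for needed in recovery.values()]
    return max(routes)

def bypass_after_attempts(p_single, attempts):
    """P(at least one success in n independent tries) = 1 - (1-p)^n.
    As attempts grow without bound this tends to 1: an unlimited reset
    flow is eventually a guaranteed bypass."""
    return 1 - (1 - p_single) ** attempts

if __name__ == "__main__":
    print("bypass, all three:", bypass_probability(FALSE_POSITIVE))            # 0.001
    print("lockout exact:", round(lockout_probability(FALSE_NEGATIVE), 4))     # 0.1426
    print("lockout sum:", lockout_union_bound(FALSE_NEGATIVE))                 # 0.15
    reset = {"H": ("K", "U")}  # assumed recovery route: token reset via K and U
    p = bypass_with_recovery(FALSE_POSITIVE, reset)
    print("bypass with token reset:", p)                                       # 0.01
    print("after 100 reset tries:", round(bypass_after_attempts(p, 100), 3))   # 0.634
```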