APPLICABLE ASPECTS OF AUTHENTICATION DATA PROTECTION
DOI: https://doi.org/10.28925/2663-4023.2019.3.4252
Keywords: authentication data, cryptographic protection, encryption, access, policy, cyber security
Abstract
This article covers applied aspects of protecting users' authentication data at critical infrastructure objects. It considers the procedure for applying software and encryption facilities as part of the organizational and technical methods used to prevent loss of authentication data at critical infrastructure objects. The article gives examples of using the open-source software KeePass to create a user authentication database that is protected and transparent in use, and provides a basic list of recommended extensions (plugins) for users. It considers the possibility of users autonomously verifying their current passwords against the HaveIBeenPwned file of compromised password hashes. A USB drive with hardware encryption is proposed for storing the authentication database and ensures its mobility. The proposed procedure provides the user with an encrypted database for storing authentication data and with automatic authentication to applications and web services, and it has several levels of software and hardware protection. On the one hand, this simplifies the use of authentication data when carrying out the applicable security policies and reduces the possibility of its compromise; on the other hand, it increases the ability to block abusive actions by third parties by means of a multi-level protection system. The ability to additionally encrypt the configuration file by means of the runtime environment, and the ability to use a certificate stored on an eToken, were checked. The presented model of the procedure combines software and hardware encryption to protect confidential authentication data. The article considers practical experience in creating model procedures for protecting confidential information, in order to develop, implement and manage modern information security policies for the cryptographic protection of authentication data at critical infrastructure objects.