Lecture 27: Authentication and authorization
- Types of authentication
- something you have/are/know; two-factor authentication
- Passwords (online/offline dictionary attacks, hashing, salting)
- Authorization
- reference monitor, access control matrix, access control list, capabilities
- complete mediation, least privilege, separation of privilege