Quantitative Examination of Multiple Authenticator Deployment
It appears that there are so many security professionals who pay no attention to the exactly opposite effects of 'multi-layer' and 'multi-entrance deployments. ‘Multi-Layer’ is also represented by ‘In-Series’, ‘In-Addition-To’, ‘All/BothAnd’ and ‘Conjunction’ in logic, while
‘Multi-Entrance’ by ‘In-Parallel’, ‘In-Stead-Of’, ‘EitherOr’ and ‘Disjunction’. Let me offer a quantitative examination of multiple authenticators deployed in two different ways.
Vulnerability (attack surface) of an authenticator is generally presented as a figure between 0 and 1. The larger the figure is, the larger the attack surface is, i.e., the more vulnerable. Assume, for instance, as just a thought experiment, that the vulnerability of the PKI-enabled token (x) be 1/10,000 and that of the password (y) be 10 times more vulnerable, say. 1/1,000. When the two are deployed in ‘multi-layer’ method, the total vulnerability (attack surface) is the product of the two, say, (x) and (y) multiplied. The figure of 1/10,000,000 means it is 1,000 times more secure than (x) alone.
On the other hand, when the two are deployed in ‘multi-entrance’ method, the total vulnerability (attack surface) is obtained by (x) + (y) – (xy), approximately 0.0011. It is about 11 times less secure than (x) alone.
So long as the figures are below 1, whatever figures are given to (x) and (y), deployment of 2 authenticators in ‘multi-layer’ method brings higher security while ‘multi-entrance’ deployment brings lower security. As such ‘multi-layer’ and ‘multi-entrance’ must be distinctly separated when talking about security effects of multiple authenticators.
Remark: Some people may wonder why (xy) is deducted from the sum of (x)+(y).
When (x) and (y) is very small, the (xy) is very close to 0, which we can practically ignore. But we should not ignore it when the figures are considerably large.
Imagine a case that both the two authenticators are deployed in an extremely careless manner, for instance, that the attack surfaces of (x) and (y) reach 70% (0.7) and 60% (0.6) respectively. If simply added, the figure would be 130% (1.3). It conflicts with the starting proposition the figures being between 0 and 1.
Imagine a white surface area. Painting 70% of it in black leaves 30% white surface. Painting 60% of the remaining 30% in black will result in 88% black and 12% white surfaces. Painting 60% first in black and then painting 70% of the remaining 40% brings the same result of 88% black and 12% white. So does “(x)+(y)-(xy)”. The overall vulnerability (attack surface) is 0.88 (88%) in this case.
Hitoshi Kokumaiの記事
ブログを見る
Today's topic is this report - “How blockchain technology can create secure digital identities” · h ...
Bad guys, who have a quantum computer at hand, would still have to break the part of user authentica ...
Our password headache may well be the consequence of these dual causes - · ‘Use of Impracticable Pas ...
この職種に興味がある方はこちら
-
一般事務職(経理業務・営業サポート)
次の場所にあります: beBee S2 JP - 20時間前
神奈川に特化した生活・産業エネルギーの専門商社:求人コード66573 神奈川県, 日本 フルタイム■取材担当からの会社紹介 · 同社は創業から約100年、神奈川・湘南地区にて事業を展開する地域密着企業。戦前から石油の販売を中心に事業を展開し、神奈川県有数の石油販売事業者として発展してきました。1997年からを「第3の創業」と位置づけ、「全く新しい発想を」と果敢に新規事業発展に邁進。駐車場運営事業、レンタカー事業、スポーツ関連ビジネス事業、環境健康事業と、従来のエネルギー事業のほかに、新しさとアイデアの15事業を展開。オイルショック時の赤字計上以外、連続黒字を実現している"湘南の優良企業"です。 · 【勤務地】 · 本社(神奈川県平塚市) · 【給与】 ...
-
CRM Assistant
次の場所にあります: Talent JP C2 - 1週間前
Isearch worldwide Tokyo, 日本 PermanentAs the CLIENT MARKETING assistant manager your goal is business growth, especially in e-commerce, by increasing customer retention, repurchase, and loyalty through effective CRM activities and by acquiring new customers. · Main DutiesDevelop a total CRM strategy across media, inc ...
-
有料老人ホームの介護スタッフ
次の場所にあります: Whatjobs JP C2 - 3日前
株式会社アイネットケアサービス Osaka, 日本株式会社アイネットケアサービス · 有料老人ホームの介護スタッフ · \正職員の介護スタッフの募集です/ · 4週8休制でお休みもバッチリ · 年間休日110日 · ここがポイント · - 昇給あり · - 賞与あり · - 駅チカ · - 社会保険完備 · - 車通勤OK · - 自転車・バイク通勤OK · - 交通費支給(規定あり) · **給与** · 月給20万2000円~34万2000円 · **アクセス** · 「住道」駅より徒歩3分 · 正社員 | シフト制 | 主婦・主夫歓迎 | 駅チカ・駅ナカ | 車通勤可 · 4週8休制でお休みもバッ ...
コメント