
4.4.15. Authentication Control:
Sign-in is the single most important procedure for all application services - it shall be 100% complete and correct all of the time.

Email:
By eliminating the need for emails that are copied by many agencies, the threat of a pass phrase ending up in the hands of a criminal is greatly reduced.   Email can no longer be trusted for the distribution of sign-in information (or any company confidential data).

Pass Phrase:
The only point of external entry (and security attack surface) is retained as the same sign-in form with 3 data entry fields.   The one-off pass phrase is made easy to read as 21 digits, and its use is restricted to the same site, IP address and geo-location as the manager.
It is unlikely that a user with criminal intent could guess a 21 digit pass phrase and enter it within one hour of it being requested.   The one-off pass phrase may be written down or printed because it has a very limited life - it could be obsolete within a few minutes of being requested.   If other people see the one-time pass phrase, it is unlikely that they could make use of it before the real user signs in and makes the one-time pass phrase obsolete.

Threat:
The pass phrase is one of ten authentication factors and could be considered to be nice-to-have rather than having any great significance.   The old forgotten password procedure that used obsolete email methods has been replaced with a more secure in-site authorization method.

New User 1:
A new user must be authorized by an existing user with management or supervisory rights as:-
1. Click the "HRM..." button on the top menu bar - the Human Resource Management dashboard will popup.
2. Click the "New User" button on the top menu bar - the add user form will popup.
3. Enter the user name, handle, email, job title and related data - data is saved as it is entered.
4. Click the "Refresh" button on the top menu bar and review all data entered as being complete and correct.
5. Click the "Pass Phrase" button on the top menu bar - a page will open to show a one-time pass phrase of 21 digits.
6. The one-time pass phrase page may be printed or cut-and-pasted or written down so it can be given to the new user.

New User 2:
The new user must sign in from their own computer within one hour using the information provided by their manager as:-
1. Click the "Sign-In" button on the top menu bar - the sign in page is shown.
2. Enter the user handle as specified by your manager.
3. Enter the email address as specified by your manager.
4. Enter the one-time pass phrase as specified by your manager.
5. Select "I agree" with the terms of use and privacy policy - the welcome page will be shown.
6. The welcome page shows your new private pass phrase that must be used to sign-in in the future.   Your private pass phrase must not be shared with your manager or anybody else for any reason.

Expired:
Where an authorised person is on leave for more than one month, their sign-in rights will expire.
They must ask their manager at the same site to assign them a new one-time pass phrase so they can sign in.
When an authorized person signs in using their one-time pass phrase, they are shown their new permanent pass phrase that must be used in the future to sign in.   Existing pass phrases are not reused after a one-off pass phrase is used.

Manager:
Any manager (or supervisor) at any site has earned the right to request a one-time pass phrase for any other person at the same site.   If a manager is not available, then a support email will initiate the same procedure using email or telephone or text.

Forgotten 1:
The authorised user must request their manager to get them a new one-time pass phrase as:-
1. Click the "HRM..." button on the top menu bar - the Human Resource Management dashboard will popup.
2. Click the "User List" button on the top menu bar - a user list will popup.
3. Click on the row showing the applicable user name - the user form will be shown.
4. Click the "Pass Phrase" button on the top menu bar - a page will open to show a one-time pass phrase of 21 digits.
5. The one-time pass phrase page may be printed or cut-and-pasted or written down so it can be given to the authorized user.

Forgotten 2:
The authorised user must sign in from their own computer within one hour using the information provided by their manager as:-
1. Click the "Sign-In" button on the top menu bar - the sign in page is shown.
2. Enter the user handle as specified by your manager.
3. Enter the email address as specified by your manager.
4. Enter the one-time pass phrase as specified by your manager.
5. Select "I agree" with the terms of use and privacy policy - the welcome page will be shown.
6. The welcome page shows your new private pass phrase that must be used to sign-in in the future.   Your private pass phrase must not be shared with your manager or anybody else for any reason.

Risk:
1. The manager does not see the authorized user pass phrase.
2. The manager cannot use the one-time pass phrase from their own computer to impersonate the user.
3. The manager cannot use the authorised user's computer to request a one-time pass phrase - it will not work on the same computer.
4. The manager must be at the same site as the authorised user - one site cannot authorize people at another site.
5. The one-off pass phrase has a life of one hour - the interaction between manager and user must be real.
6. Key logging malware is not likely to have time to get the one-off pass phrase to a criminal in time for it to have any value.
7. Email copies in the hands of a criminal would be too little too late.
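The one-off pass phrase rules above (21 random digits, one-hour life, single use, same-site manager, refused on the computer that requested it, a fresh permanent pass phrase issued on first sign-in, rights expiring after a month away) can be expressed as a small service. The code below is an added example written for this page, not the application's own code; the in-memory directory, the opaque device ids, the injected clock, the SHA-256 storage of phrase hashes, the 30-day reading of "one month" and the 21-digit format of the permanent pass phrase are all assumptions.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Optional

ONE_HOUR = 3600                 # life of a one-off pass phrase (page: one hour)
ONE_MONTH = 30 * 24 * 3600      # sign-in rights expire after a month away (30 days assumed)
DIGITS = 21                     # one-off pass phrase length (page: 21 digits)


def new_pass_phrase(n_digits: int = DIGITS) -> str:
    """Generate n decimal digits from the OS CSPRNG (secrets, not random)."""
    return "".join(secrets.choice("0123456789") for _ in range(n_digits))


def digest(phrase: str) -> str:
    """Only a hash is stored; the clear text is shown once and never emailed."""
    return hashlib.sha256(phrase.encode()).hexdigest()


@dataclass
class User:
    handle: str
    email: str
    site: str
    role: str                          # "manager", "supervisor" or "user"
    permanent_digest: Optional[str] = None
    last_sign_in: Optional[float] = None


@dataclass
class OneTimeGrant:
    requested_from: str                # device id of the manager's computer (assumed identifier)
    expires_at: float
    digest: str
    used: bool = False


@dataclass
class AuthService:
    users: dict                        # handle -> User (constructed directory)
    grants: dict = field(default_factory=dict)

    def request_one_time(self, manager: str, handle: str, device: str, now: float) -> str:
        """A manager or supervisor at the same site issues a 21-digit one-off phrase."""
        m, u = self.users[manager], self.users[handle]
        if m.role not in ("manager", "supervisor"):
            raise PermissionError("only a manager or supervisor may request a pass phrase")
        if m.site != u.site:
            raise PermissionError("one site cannot authorise people at another site")
        phrase = new_pass_phrase()
        self.grants[handle] = OneTimeGrant(device, now + ONE_HOUR, digest(phrase))
        return phrase                  # returned to the manager exactly once

    def sign_in_one_time(self, handle: str, email: str, phrase: str,
                         device: str, now: float) -> str:
        """New-user or forgotten sign-in; on success returns the new permanent phrase."""
        u = self.users.get(handle)
        g = self.grants.get(handle)
        if u is None or g is None or u.email != email:
            raise PermissionError("handle, email and pass phrase do not match")
        if g.used or now > g.expires_at:
            raise PermissionError("one-off pass phrase is obsolete")
        if device == g.requested_from:
            raise PermissionError("will not work on the computer that requested it")
        if not hmac.compare_digest(g.digest, digest(phrase)):
            raise PermissionError("handle, email and pass phrase do not match")
        g.used = True                  # one-off: never accepted a second time
        permanent = new_pass_phrase()  # fresh phrase, never a reuse of an earlier one
        u.permanent_digest = digest(permanent)
        u.last_sign_in = now
        return permanent               # shown only to the user on the welcome page

    def sign_in_permanent(self, handle: str, email: str, phrase: str, now: float) -> bool:
        """Routine sign-in with the private pass phrase; False once rights have expired."""
        u = self.users.get(handle)
        if u is None or u.email != email or u.permanent_digest is None:
            return False
        if u.last_sign_in is None or now - u.last_sign_in > ONE_MONTH:
            return False               # expired: a manager must issue a new one-off phrase
        if not hmac.compare_digest(u.permanent_digest, digest(phrase)):
            return False
        u.last_sign_in = now
        return True


def sample_directory() -> AuthService:
    """Constructed sample data: two sites, one manager and one user at site A."""
    return AuthService({
        "alice": User("alice", "alice@example.com", "site-A", "manager"),
        "bob":   User("bob",   "bob@example.com",   "site-A", "user"),
        "carol": User("carol", "carol@example.com", "site-B", "manager"),
    })
```

Each refusal in `sign_in_one_time` maps to one item of the Risk list: the device check is item 3, the site check in `request_one_time` is item 4, the expiry check is item 5, and the `used` flag together with the fresh permanent phrase implements "existing pass phrases are not reused".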

Mobile Edition 2.0

Authentication 2.0:
1. Smart phones are dedicated to a specific person while other devices may be shared by more than one person.   Authentication by an approved person using a smart phone with cookies can be more secure than a desktop computer that may be used by people who are not approved.
2. When a person is approved they are given a one-time access code and a URL to type into their browser.   The compound URL includes certain security factors in that it cannot be searched for using a search engine.
3. A dummy example of the URL may look like:-
  https://fdos.co.uk/fdos.c2/c2JOHN
4. Note the URL includes some personalization - it is unique to each approved person, but may only be used once.   When the URL is entered, it shows a training web page with a sample form.   Instructions to the approved person include details of which field the access code needs to be entered in and which item needs to be selected from a drop down list.   These instructions are unique to each person and are time duration limited - sign-in must be completed within one hour of the person being approved and the access code issued.
5. If the approved person does not follow the instructions correctly, they will be shown a training page and will need to request a new access code from their manager.
6. When the approved person enters their access code correctly, they are shown their personal welcome page that may be bookmarked so they can click to view this welcome page in the future.   The welcome page is supplemented with cookies and other authentication factors to make things as easy as possible for the approved person.   If cookies are cleared or the phone is upgraded, then the approved person may need to request a new access code from their manager.

URL 2.0:
1. Public URL has no encryption, may be bookmarked and has no restrictions on its use.
2. Signin URL will not be bookmarked, may be used by anybody with date-and-time limits.   Date-and-time limits within the URL mean if this is bookmarked, the URL will show a public training page.   If the access code and selection is for an approved person, then that person's unique welcome page is shown.   If the access is not correct, a public training page is shown.
3. Welcome URL will be bookmarked and used by an approved person at any time.   Each person has a unique welcome page that grants them access to all applicable applications, web pages and other links.   While the approved person in the URL matches the approved person in cookies, then this welcome page will be shown.   If the installed cookies are cleared or other identification factors change, then the person is shown a public training page.
4. Private URL will not be bookmarked and will be used by an approved person with date-and-time limits.   Date-and-time limits within the URL mean if this is bookmarked, the URL will show a public training page.
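The four URL kinds above differ only in which checks decide between the welcome page and the public training page: date-and-time limits for Signin and Private URLs, the access code and drop-down selection for a Signin URL, and the match between the person in the URL and the person in the cookie for Welcome and Private URLs. The following is an added example written for this page, not the application's routing code; the placeholder host, the `kind/person` path layout, the `exp` and `tag` query parameters and the HMAC that binds them (the page says only that the URL carries security factors, not how) are all assumptions.

```python
import hashlib
import hmac
from urllib.parse import parse_qs, urlparse

# Constructed values for the example: placeholder host and a server-side key.
BASE = "https://example.test/fdos.c2/"
KEY = b"constructed-server-side-key"

TRAINING, WELCOME, PUBLIC = "training", "welcome", "public"


def _tag(kind: str, person: str, exp: int) -> str:
    """HMAC over the URL's security factors so hand-edited factors are rejected (assumed design)."""
    msg = f"{kind}|{person}|{exp}".encode()
    return hmac.new(KEY, msg, hashlib.sha256).hexdigest()[:32]


def make_url(kind: str, person: str = "", issued_at: float = 0.0, life: int = 3600) -> str:
    """Build one of the four URL kinds; a public URL carries no factors at all."""
    if kind == PUBLIC:
        return BASE + "public"
    exp = 0 if kind == WELCOME else int(issued_at + life)   # welcome URLs never expire
    return f"{BASE}{kind}/{person}?exp={exp}&tag={_tag(kind, person, exp)}"


def route(url: str, now: float, cookie_person: str = None, access_code: str = None,
          selection: str = None, expected: tuple = None) -> str:
    """Decide which page a request gets: public, welcome or training.

    expected is the (access code, drop-down item) pair issued to the person
    named in a Signin URL; cookie_person is the identity carried in cookies.
    """
    u = urlparse(url)
    parts = u.path.split("/")             # "/fdos.c2/<kind>/<person>"
    kind = parts[2] if len(parts) > 2 else ""
    if kind == PUBLIC:
        return PUBLIC                     # no restrictions on its use
    person = parts[3] if len(parts) > 3 else ""
    q = parse_qs(u.query)
    try:
        exp = int(q["exp"][0])
        tag = q["tag"][0]
    except (KeyError, ValueError):
        return TRAINING
    if not hmac.compare_digest(tag, _tag(kind, person, exp)):
        return TRAINING                   # factors altered: treat as unknown visitor
    if kind in ("signin", "private") and now > exp:
        return TRAINING                   # bookmarked past its date-and-time limit
    if kind == "signin":
        # anybody may open it within the limit, but the access code and the
        # drop-down selection must be the ones issued to this person
        ok = (expected is not None and access_code is not None
              and hmac.compare_digest(str(access_code), str(expected[0]))
              and selection == expected[1])
        return WELCOME if ok else TRAINING
    # welcome and private URLs: person in the URL must match the person in cookies
    return WELCOME if cookie_person == person else TRAINING
```

A cleared cookie or a phone upgrade turns `cookie_person` into `None`, so a bookmarked Welcome URL drops to the training page exactly as the text describes, and the person has to obtain a new Signin URL and access code from their manager.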

Dialogue 2.0:
1. Smart phones are optimised to view a selected amount of data at a time - the massive spreadsheet is not effective on a smart phone.   Smart phone data entry using an on-screen keyboard means that form design must expect only a limited amount of data can be viewed while data entry is taking place.   List selection is highly effective on a smart phone and should be used whenever practical.
2. Some people have twenty years of Microsoft experience using lists and forms - they may be reluctant to change.   Some people have embraced artificial intelligence and can ask their phone anything - these people may be the future.
3. Rather than using old methods of showing a list of all customers and asking the person to select one customer from the list, it is more productive to provide a search engine that can find any specific customer using text or voice.   Rather than using old forms to request 20 fields to be entered and then saved, it is more productive to ask for one field value at a time and cycle through the 20 fields skipping optional data.   Rather than a form, a step-by-step dialogue is recommended.

Blockchain 2.0:
1. Private blockchain technology will dominate the next twenty years. Public peer-to-peer technology will grow even faster, but that is for the people not for companies.
2. Blockchain means that all data is encrypted, not just passwords - encryption means that data cannot be stolen.
3. Blockchain means that all data is replicated to a large number of distributed safe data centers - replication means that data cannot be lost.
4. Blockchain means no administrator with backdoors and no privileged access - every approved person is equal to each other - everybody is the owner.
5. Blockchain means timestamped data cannot be changed and cannot be erased - transactions are a true and verifiable record of what happened in history.