Difference between revisions of "Category:I805 Authentication and Authorization"

From ICO wiki
Line 47: Line 47:
Lecturers: Lauri Võsandi, Belgin Tastan
Lecturers: Belgin Tastan

Revision as of 15:54, 31 January 2017

Authentication and Authorization

General information

In this course we continue where we left off with Firewalls and VPN/IPsec course.

Relevant topics for research and implementation in the lab. Lectures coming up for most of the topics:

  • File based password stores eg. /etc/shadow, .htaccess
  • Signing and encrypting e-mail using GPG
  • Active Directory protocols: LM, NTLM, Kerberos, GSSAPI, SPNEGO, LDAP
  • More TLS and client side authentication in particular
  • Filesystem permissions: access control lists, selinux, apparmor
  • Multi-factor authentication: smartcards, Yubikey, Mobile-ID, etc
  • Contactless cards
  • On the web: Cookies, OAuth, OpenID, iPizza,




  • Play the red team: Kustas, Ender, Andris
  • Set up rocket.chat instead of IRC server: Meelis Hass
  • Reconfigure Gogs: <insert your name here>
  • Reconfigure wiki: <insert your name here>
  • Set up domain controller replication between servers
  • Set up OpenWrt wifi routers as access points with username/password authentication (like eduroam wireless network)
  • Set a blank smartcard as TLS client authentication token: <insert your name here>
  • NFC card backups: <insert your name here>

With Lauri/Belgin from Linux/Windows admin course:

  • Set up domain controller /w MS AD/Samba:
  • Set up fileserver with several shares: <your name>
  • Use iMac and HP Probook at 412/411 for joining them to domain. Needs some network rewiring first, ask Lauri.
  • Set up group policies, eg install software and configure VPN for HP Probook

With Viktor from Incident management course:

  • Set up incident management software, configure to authenticate with AD


Lecturers: Belgin Tastan

Pages in category "I805 Authentication and Authorization"

This category contains only the following page.