Modern access control products generally use two techniques for authenticating users: Pre-authentication and authentication. Both have their advantages and disadvantages. The diagram below shows the startup procedure using a hard disk. The computer's MBS (master boot sector) is executed. This then attempts to start the SBS (system boot sector) which, in turn, launches the operating system. In the case of DOS, the operating system looks for the files config.sys and autoexec.bat and runs them.TA system based on pre-authentication replaces the MBS with its own logon program that prompts for a user ID and password. A system based on authentication inserts a command into the autoexec.bat that prompts for a user ID and password. A pre-authentication system provides a high level of security, because it does not depend on the operating system. However the system cannot be integrated with the user IDs and passwords used in the network, nor is it possible to perform updates from the server before the user is logged on. This means that maintaining systems based on pre-authentication is tedious. In the case of authentication, a logon program is started from the autoexec.bat, allowing the network drivers to be started and updates performed before the user is logged on. This allows integration between the network and the access control system.
|
|
|
|
|
|
|
|