Feeds:
Posts
Comments

Posts Tagged ‘son jacob’

English: Isaac Feels Jacob as Rebekah Looks On...

English: Isaac Feels Jacob as Rebekah Looks On, watercolor by James Tissot (Photo credit: Wikipedia)

Three Primary Authentication Factors:

Modern security measures depend upon three primary types of authentication factors to validate an individuals identity claims. The three factors are (1) something you know, (2) something you have, and (3) something you are. Examine each authentication factor when reading how Isaac authenticates & authorizes an impostor, his own son Jacob impersonating his twin brother Esau, for access to the prized blessing.

Genesis 27:14-25 (ESV): 14 So he went and took them and brought them to his mother, and his mother prepared delicious food, such as his father loved. 15 Then Rebekah took the best garments of Esau her older son, which were with her in the house, and put them on Jacob her younger son. 16 And the skins of the young goats she put on his hands and on the smooth part of his neck. 17 And she put the delicious food and the bread, which she had prepared, into the hand of her son Jacob. 18 So he went in to his father and said, “My father.” And he said, “Here I am. Who are you, my son?” 19 Jacob said to his father, “I am Esau your firstborn. I have done as you told me; now sit up and eat of my game, that your soul may bless me.” 20 But Isaac said to his son, “How is it that you have found it so quickly, my son?” He answered, “Because the Lord your God granted me success.” 21 Then Isaac said to Jacob, “Please come near, that I may feel you, my son, to know whether you are really my son Esau or not.” 22 So Jacob went near to Isaac his father, who felt him and said, “The voice is Jacob’s voice, but the hands are the hands of Esau.” 23 And he did not recognize him, because his hands were hairy like his brother Esau’s hands. So he blessed him. 24 He said, “Are you really my son Esau?” He answered, “I am.” 25 Then he said, “Bring it near to me, that I may eat of my son’s game and bless you.” So he brought it near to him, and he ate; and he brought him wine, and he drank

Part 1: Three Authentication Factors

Jacob claimed the identity of Esau his brother. Jacob previously anticipated his father Isaac would conduct an authentication / verification of this identity claim / identity assertion. Let’s examine the interaction looking at the three primary authentication factors presented earlier. Typical ways each authentication factor is assessed will be presented, along with a historical parallel to Isaac & Rebekah and their sons Jacob & Esau.

I. Something You Know

Jacob comes to his father Jacob knowing something. Jacob knew it was the day for blessing his brother Esau, and knew it was time to bring food. In security today with digital devices, often something you know is a password, pass phrase, or a cognitive password. Cognitive passwords typically are questions related to personal information. Just like information Jacob came knowing was available via other sources, so too one shortcoming of many cognitive passwords is they are often known & knowable by others. Jacob reasonably was unaware his own wife Rebekah previously overheard his conversation with Esau and shared this “something you know” information with their son Jacob.

II. Something You Have

Jacob comes to his father Isaac with something he had. Jacob had food prepared as Isaac requested & expected before the blessing was to be bestowed & received. Jacob had the food ready sooner than expected, and explained this unexpected quickly to alleviate his fathers concerns by crediting the Isaac’s God. With digital devices today, something you have is often a security token card. Security token cards typically leverage specialized mathematical algorithms on a compute platform. Usually the security token cards either (i) generate new tokens sequentially (i.e. after a code is entered), or (ii) are time-based & generate new tokens frequently, such as every minute. As none of these technologies were available to Isaac, Isaac relied upon his son brining food as a prerequisite “something you have” to secure access to the blessing.

III. Something You Are

Jacob correctly expressed concern to his mother Rebekah that his father Isaac would recognize the identity spoofing attempt, and curse him rather than bless him. Jacob’s basic objection was being caught rather than whether it was morally reprehensible to steal his brothers blessing. Reasonable security measures visibly in place to catch those doing wrong with adverse consequences are often an effective  deterrent as a preventative security technique. In Jacob’s case, his mother Rebekah alleviated those detective & punitive concerns enough for Jacob to attempt to deceive his own father Jacob, much like criminal colleagues encourage risky behavior leading many to do wrong & committing crimes, resulting in prison time and/or their death as a consequence.

Physical Features

As physical features are naturally used everyday to distinguish each person’s identity, Isaac implemented two physical ways to verify the identity claims. Because Isaac’s eyesight had faded with his aging, Isaac relied upon non-visual physical attributes. First, Jacob listened to the voice, and correctly determined it was Jacob’s voice using his still reasonably well-functioning voice recognition capability. Second, Isaac also felt Jacob’s arms to confirm it was Esau, since Esau had hairy arms, whereas Jacob’s arms were smooth, and incorrectly identified Jacob as Esau.

Biometric Readers:

Authentication techniques around “something you are” relates to biometric sensed data on carefully observed physical features, like with fingerprints / finger scans, iris/retina scans, hand/facial geometry/features, signatures, keyboard / signature dynamics, and voice recognition. Because biometrics technologies are imperfect, measurements are made of their false rejection rate (FRR, type I errors) and false acceptance rates (FAR, type II errors), with the crossover error rate (CER) / equal error rate (EER) being where the type I and type II errors are equal. Isaac improperly authenticated Jacob using the physical attributes of the skin hairiness, effectively being caught by a false acceptance rate (FAR, type II errors) caused by Jacob offering a different sample (Esau’s animal skin) to the biometric reader (Isaac’s feeling Jacob’s arms). History here shows us that when using a biometric reader (i.e. Isaac feeling Jacobs arms), that compensating controls must be enacted to ensure correct samples are obtained to counter incorrectly affirming fraudulent identity claims.

Biometric Reliance:

In this case, Isaac now had two different biometric results, one that indicated it was Jacob impersonating Esau, and the other indicating it really was Esau. Unlike biometric technologies today, where it is known which measurements are more accurate (such as iris/ retina scans), likely there were no statistics available to Isaac to show that the voice recognition technique he employed was more reliable than checking whether the arms were smooth or hairy.

Part 2: Multi-Factor Authentication: 

Reliance upon just one of the above authentication factors (i.e. just one category) is less reliable than reliance upon multiple factors (i.e. techniques in two or more categories). So when more assurance is needed, then there is often a requirement to provide two or more of the three factors (i.e. categories) of (i) something you know, (ii) something you have, and (iii) something you are. Even though Jacob had already provided some evidence of (i) something you know and (ii) something you have, there was still concern since there was contradictory evidence on (iii) something you are. As a result Isaac asked if the person claiming to be Esau really was Esau, and of course the impostor affirmed prior identity claims, leading to authorizing Jacob for full access to Esau’s blessings.

In hindsight, knowing that despite all the authentication methods Isaac employed to ensure the proper son Esau was blessed, and with detailed knowledge on how the identity spoofing was conducted, let’s speculate on how else Isaac could have validated / authenticated who it was.

III. Something You Are Revisited:

One the physical attribute checks, recognize that common biometrics today include technologies like fingerprints / finger scans, iris/retina scans, hand/facial geometry/features, signatures, keyboard / signature dynamics, and voice recognition. Of those technologies, if Isaac previously observed the two brothers hands or face were sufficiently distinctive in geometric size/shape rather than just texture, then that would have provided another opportunity to validate / authenticate. As they were twin brothers (likely fraternal twins), it is very possible significant similarities existed. While Isaac could have requested his wife Rebekah as a trusted identity authentication provider to assist, it is reasonable to conclude Rebekah would have confirmed the falsified identity claims.

II. Something You Have Revisited: 

It is unknown whether there was something distinctive that Esau would have carried around all the time, that Jacob might not have had, and might not have easily gotten.

I. Something You Know Revisited:

The hypothesis to be tested is whether it Esau or Jacob was present, based upon voice recognition results. Many movies show authentication of an individual identity claim leveraging a broader set of historical knowledge like distinctive events shared together.  Isaac would need to inquire about something only Esau knew, and that Jacob did not know. Likely it’d also need to be something Rebekah did not know either, to eliminate further identify spoofing tricks due to their collusion. Basically, a set of distinctive cognitive questions needed to be posed to further establish the identity claims validity.

What if the evidence continued to remain inconclusive? How else could the identity claims have been assessed?

Time-Based Access Controls:

In security, sometimes subjects are authorized to gain access only during specific times. In hindsight, one technique Isaac could have done was allow more than ample time for the “real” Esau to show up, if indeed it was Jacob who was there, as some evidence suggested.

Capability Assessments:

Just like high speed phone & telecommunications network claims are assessed with speed tests in various locations, so too Isaac might have tested which son was there based upon unique skills / capabilities each one had. Was Esau good at whistling or some other skill, while Jacob was poor?

Subtle Communication Differences:

Were there certain types of phrases / words that each brother preferred, that could have been observed via further banter asking about one thing, while listening for these hints? Was their humor different? Their laughs different?

State the Blessing is for Esau:

Another approach would have been to explicitly state the blessing is for his son Esau when bestowing the blessing, so that even if the person there was not Esau, the blessing only applied for Esau. Since God knows who is Esau and who is Jacob, even if their own father was uncertain, God would properly administer the blessings.

Ask God:

As this situation was beyond the ability for Isaac to determine for certain whether the it was Jacob or Esau, taking time to pray to God for guidance / assistance is another technique worth pursuing. God knew in detail what was taking place, and that both Jacob and Rebekah were behind the identity spoofing scheme.

Jacob’s Future:

God’s Word revealed in the Bible through numerous witnesses over thousands of years is very clear about who will enter the Kingdom of God. Liars will be excluded, of which Jacob was clearly a liar at that time in his life. God would honor the blessing of Isaac for Jacob and work to turn Jacob around towards greater integrity.

Revelation 17:6-8 (ESV): 6 And he said to me, “It is done! I am the Alpha and the Omega, the beginning and the end. To the thirsty I will give from the spring of the water of life without payment. 7 The one who conquers will have this heritage, and I will be his God and he will be my son. 8 But as for the cowardly, the faithless, the detestable, as for murderers, the sexually immoral, sorcerers, idolaters, and all liars, their portion will be in the lake that burns with fire and sulfur, which is the second death.”

God’s Patience:

Why does God allow certain people who are presently doing evil to remain in the world? Surely some people are like Pharaoh, who are allowed to remain as an illustration about what happens to those who wish prefer to be stubborn in the face of God’s power & grace. Yet, God allows certain people who are presently doing evil to persist in the world, since God is working towards several choosing to repent and turn to righteousness.

2 Peter 3:9 (ESV): 9 The Lord is not slow in keeping his promise, as some understand slowness. Instead he is patient with you, not wanting anyone to perish, but everyone to come to repentance.

Luke 13:5 (ESV): I tell you, no! But unless you repent, you too will all perish.”

Personal Blessings:

After all this effort by Jacob to acquire access to God’s blessings, is this expected from you? Are these blessings only limited to some people and some family members? The answer: Jesus, the Savior of the World, came for all people and died for each person’s sins. Each person is to seek our Jesus the Son of God and his righteousness to come to have faith & believe & repent from (be sorry & turn away from) their sin with God’s assistance to secure God’s blessings. When in pursuit, seek to Imitate Jesus’ & his followers righteousness. Only mimic the determination of Jacob & Rebekah, yet not their immoral conduct.

John 3:14-16 (ESV): 14 And as Moses lifted up the serpent in the wilderness, so must the Son of Man be lifted up, 15 that whoever believes in him may have eternal life. 16 “For God so loved the world, that he gave his only Son, that whoever believes in him should not perish but have eternal life.
Matthew 6:31-34 (ESV): 31 Therefore do not be anxious, saying, ‘What shall we eat?’ or ‘What shall we drink?’ or ‘What shall we wear?’ 32For the Gentiles seek after all these things, and your heavenly Father knows that you need them all. 33 But seek first the kingdom of God and his righteousness, and all these things will be added to you. 34 “Therefore do not be anxious about tomorrow, for tomorrow will be anxious for itself. Sufficient for the day is its own trouble.
Seeking God’s Blessing while Imperfect:
Just like Jacob’s conduct & character was flawed when seeking God’s blessing, so too those seeking God have characters that God will need to transform. Jesus came to seek all people, so the lost & sick have a place to turn. Seek out that transformation through pursuing & understanding God’s righteousness lived out by Jesus the Redeemer of the World.

John 3:2-8 (ESV): 2 This man came to Jesus by night and said to him, “Rabbi, we know that you are a teacher come from God, for no one can do these signs that you do unless God is with him.” 3 Jesus answered him, “Truly, truly, I say to you, unless one is born again he cannot see the kingdom of God.” 4 Nicodemus said to him, “How can a man be born when he is old? Can he enter a second time into his mother’s womb and be born?” 5 Jesus answered, “Truly, truly, I say to you, unless one is born of water and the Spirit, he cannot enter the kingdom of God. 6 That which is born of the flesh is flesh, and that which is born of the Spirit is spirit. 7 Do not marvel that I said to you, ‘You must be born again.’ 8 The wind blows where it wishes, and you hear its sound, but you do not know where it comes from or where it goes. So it is with everyone who is born of the Spirit.”

Personal Repentance:

Is there any area of your life where you need to come to Jesus? Curious to know more? Learn about the Parable of the Sower and the Reapers Roadmap & your responsibility at https://bibleopia.wordpress.com/2011/01/01/invitation-to-delve-deeply-into-the-parable-of-the-sower/ .

References:

(1) Read the Bible in Genesis Chapter 27 with Security in mind as watch Isaac’s plan to bless his Son at http://www.biblegateway.com/passage/?search=Genesis+27&version=ESV

(2) Wikipedia article on Multifactor Authentication at http://en.wikipedia.org/wiki/Multi-factor_authentication and an article on Cognitive Passwords at http://en.wikipedia.org/wiki/Cognitive_password

(3) CISSP: All in One, 5th Edition,by Shon Harris, http://www.logicalsecurity.com/education/education_books.html

Advertisements

Read Full Post »

English: Isaac Feels Jacob as Rebekah Looks On...

English: Isaac Feels Jacob as Rebekah Looks On, watercolor by James Tissot (Photo credit: Wikipedia)

Many security principles are showcased in the Bible‘s historical account where Isaac‘s wife Rebekah persuades her son Isaac to collude with her to deceive his father Isaac into blessing him rather than his brother Esau. In security, typically once identity claims are presented, then an authentication process is applied before authorizing a person access to valuable resources. Identity is whom one claims to be, and is typically who you are. Authentication is the process of verifying who one claim to be.

Genesis 27:5-17 (ESV): 5 Now Rebekah was listening when Isaac spoke to his son Esau. So when Esau went to the field to hunt for game and bring it, 6 Rebekah said to her son Jacob, “I heard your father speak to your brother Esau, 7 ‘Bring me game and prepare for me delicious food, that I may eat it and bless you before the Lord before I die.’ 8 Now therefore, my son, obey my voice as I command you. 9 Go to the flock and bring me two good young goats, so that I may prepare from them delicious food for your father, such as he loves. 10 And you shall bring it to your father to eat,so that he may bless you before he dies.” 11 But Jacob said to Rebekah his mother, “Behold, my brother Esau is a hairy man, and I am a smooth man. 12 Perhaps my father will feel me, and I shall seem to be mocking him and bring a curse upon myself and not a blessing.” 13 His mother said to him, “Let your curse be on me, my son; only obey my voice, and go, bring them to me.” 14 So he went and took them and brought them to his mother, and his mother prepared delicious food, such as his father loved. 15 Then Rebekah took the best garments of Esau her older son, which were with her in the house, and put them on Jacob her younger son. 16 And the skins of the young goats she put on his hands and on the smooth part of his neck. 17 And she put the delicious food and the bread, which she had prepared, into the hand of her son Jacob.

Jacob’s mother actively persuades her son Jacob to collude with her to deceive Isaac into blessing him instead of Esau. Jacob is concerned his true identity will be discovered by his father Isaac with poor eyesight, and Jacob wishes to avoid the adverse outcome of being discovered in this deception. Rebekah and Jacob anticipate one way Isaac will verify / authenticate the false identity claims, and develop a risky & faulty approach to subvert Isaac’s authentication techniques.

One of Jacob’s rewards for receiving the blessing is that God will intervene in his life to start the process to transform his character. Jacob’s character is one which willingly deceives his own father, effectively steals the blessing intended for his brother Esau, and previously took advantage of his starving brother Esau.

Both Jacob & Rebekah knew the blessings from the God of Abraham & Isaac were valuable and worth pursuing, even in Jacob’s greedy, deceptive, and sinful condition. How many people are wise enough to recognize this and seek this? How many will pursue it the right way?

References:

(1) Wikipedia Identity Management at http://en.wikipedia.org/wiki/Identity_management and Authentication at http://en.wikipedia.org/wiki/Authentication

(2) Read the Bible in Genesis Chapter 27 with Security in mind as watch Isaac’s plan to bless his Son at http://www.biblegateway.com/passage/?search=Genesis+27&version=ESV

(3) CISSP: All in One, 5th Edition,by Shon Harris, http://www.logicalsecurity.com/education/education_books.html

Read Full Post »

Isaac Readies to Bless Esau

English: Esau Going for Venison, as in Genesis...

English: Esau Going for Venison, as in Genesis 27:1–4; illustration from the 1890 Holman Bible (Photo credit: Wikipedia)

Security considerations are very prevalent in the history recorded in the Bible, starting from Genesis, to the Israelites, to the Gentiles, and to eternal security. One concept in security is a trusted path / trusted channel for communications, which is the idea that communications can proceed without being “intercepted or changed”. Isaac was getting ready to bless his favorite first born Son Esau. Isaac insecurely communicated his plans to Esau, as the message was intercepted by his wife Rebekah, who’s favorite Son was Jacob.

Genesis 27:1-10 (ESV): 1 When Isaac was old and his eyes were dim so that he could not see, he called Esau his older son and said to him, “My son”; and he answered, “Here I am.” 2 He said, “Behold, I am old; I do not know the day of my death. 3 Now then, take your weapons, your quiver and your bow, and go out to the field and hunt game for me, 4 and prepare for me delicious food, such as I love, and bring it to me so that I may eat, that my soul may bless you before I die.” 5 Now Rebekah was listening when Isaac spoke to his son Esau. So when Esau went to the field to hunt for game and bring it, 6 Rebekah said to her son Jacob, “I heard your father speak to your brother Esau, 7 ‘Bring me game and prepare for me delicious food, that I may eat it and bless you before the Lord before I die.’ 8 Now therefore, my son, obey my voice as I command you. 9 Go to the flock and bring me two good young goats, so that I may prepare from them delicious food for your father, such as he loves. 10 And you shall bring it to your father to eat,so that he may bless you before he dies.”

In hindsight, it would have been better for Isaac to setup a trusted channel / trusted path of communications with Esau, to know that the communication about the blessings was not intercepted. In absence of a trusted channel / trusted path and to eliminate the possibility of an eavesdropped conversation, it is reasonable to expect that Isaac would have been more successful if no advanced communication of the blessings event was disclosed.

Looking back with hindsight, it is known that Jacob already bargained with Esau for Esau’s birthright when Esau was exceedingly hungry and vulnerable. It was likely known in their household in advance that Rebecca’s favorite son was Jacob. Even so, it was quite unexpected to have Jacob make an attempt for the birthright. This brings up a point in areas like security that is it better at times to be over-prepared, than to be surprised, unprepared, and with no recourse remaining to reverse the harm done.

References:

(1) Wikipedia Trusted Path Page: http://en.wikipedia.org/wiki/Trusted_path

(2) Read the Bible in Genesis Chapter 27 with Security in mind as watch Isaac’s plan to bless his Son at http://www.biblegateway.com/passage/?search=Genesis+27&version=ESV

(3) CISSP: All in One, 5th Edition,by Shon Harris, http://www.logicalsecurity.com/education/education_books.html

Read Full Post »

%d bloggers like this: