Protection Mechanisms ASHRAY PATEL

  • Slides: 21

Roadmap
  • Access Control
  • Four access control processes
  • Managing access control
  • Firewalls
  • Scanning and Analysis tools
  • Cryptography and Encryption

Access Control
  • Regulates the admission of users into trusted areas of the organization
      • Logical access to information
      • Physical access to the organization's facilities
  • Maintained by means of a collection of policies, programs to carry out those policies, and technology to enforce policy
  • Access control involves four processes:
      • Identification
      • Authentication
      • Authorization
      • Accountability

Identification
  • A mechanism that provides information about an unverified entity that wants to be granted access
  • The ID must be a unique value that can be traced to one and only one person within the security domain
  • Elements that make IDs unique within the security domain:
      • First and last name
      • Picture
      • Department codes
      • Random numbers
      • Or special characters

Authentication
  • Process of validating a person's purported identity
  • Ensures the entity requesting access is the entity it claims to be
  • Three types of authentication mechanisms:
      • Knowledge factors: something the user knows
      • Ownership factors: something the user has
      • Inherence factors: something the user is or does
  • Some places require strong authentication, which usually requires 2 different types of authentication mechanisms

Knowledge Factor Methods
  • Username/password is the most common in workplaces and schools
  • Pass phrase
  • Personal identification number
  • Challenge response
  • Weakness: any of these can often be stolen, accidentally revealed, or forgotten by the user

Ownership Method Factors
  • Photo ID
  • Key cards: swipe or scan to get authentication
  • Wrist bands
  • Security token
  • Cell phone hardware token
  • Cell phone software token
  • Hardware/software tokens act like an electronic key to access something

Inherence Method Factors
  • Fingerprints
  • Retina scans
  • Iris scans
  • Signatures
  • Face/voice recognition
  • Hand patterns
  • Palm vein authentication

Authorization
  • Process that determines if a user has been specifically and explicitly authorized by the proper authority to perform a function
  • Authorization can be handled in 3 ways:
      • Authorization for each authenticated user: the system performs an authentication process to verify each entity and then grants access to resources to only that entity
      • Authorization for members of a group: the system matches authenticated entities to a list of group memberships and then grants access to resources based on the group's access rights
      • Authorization across multiple systems: a central authentication and authorization system verifies entity IDs and grants a set of credentials to the verified entity

Accountability
  • Ensures that all actions on a system can be attributed to an authenticated identity
  • Actions could be ones that the entity is authorized for, such as modifying data
  • Or could include unauthorized attempts, such as modifying data that is beyond the entity's access level
  • Accountability is accomplished by implementing system logs and database journals
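The four processes chained together, as an added example that is not part of the original slides: a claimed ID is looked up, verified with two factor types, checked against group access rights, and every attempt is logged. The user IDs, groups, resources and the fixed token code (standing in for a real one-time code) are constructed for illustration.

```python
import hashlib
import hmac

def pw_hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

# Constructed sample directory: unique ID -> credentials and group memberships.
USERS = {
    "u1001": {"salt": b"s1", "pw": pw_hash("correct horse", b"s1"),
              "token": "492817", "groups": {"payroll"}},
    "u1002": {"salt": b"s2", "pw": pw_hash("blue kettle", b"s2"),
              "token": "105533", "groups": {"helpdesk"}},
}
# Access rights are attached to groups, not to individual users.
GROUP_RIGHTS = {
    "payroll": {("salaries.db", "read"), ("salaries.db", "modify")},
    "helpdesk": {("tickets.db", "read"), ("tickets.db", "modify")},
}
AUDIT_LOG = []  # accountability: one entry per attempt, permitted or not

def authenticate(user_id, password, token_code):
    """Strong authentication: knowledge factor AND ownership factor."""
    user = USERS.get(user_id)  # identification: the claimed, unverified ID
    if user is None:
        return False
    knows = hmac.compare_digest(pw_hash(password, user["salt"]), user["pw"])
    has = hmac.compare_digest(token_code.encode(), user["token"].encode())
    return knows and has

def authorize(user_id, resource, action):
    """Match the entity's group memberships against the groups' rights."""
    return any((resource, action) in GROUP_RIGHTS.get(group, set())
               for group in USERS[user_id]["groups"])

def request(user_id, password, token_code, resource, action):
    if not authenticate(user_id, password, token_code):
        outcome = "auth_failed"  # logged against the claimed ID only
    elif authorize(user_id, resource, action):
        outcome = "allowed"
    else:
        outcome = "denied"  # unauthorized attempt, still attributed
    AUDIT_LOG.append((user_id, resource, action, outcome))
    return outcome

if __name__ == "__main__":
    request("u1001", "correct horse", "492817", "salaries.db", "modify")
    request("u1002", "blue kettle", "105533", "salaries.db", "modify")
    for entry in AUDIT_LOG:
        print(entry)
```

The second request authenticates correctly but is denied, and the log entry still names the identity that tried it.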

Managing Access Control
  • Access control policy: specifies how access rights are granted to entities and groups
  • Policy must include:
      • Reviewing all access rights periodically
      • Granting access rights
      • Changing access rights when needed
      • Revoking access rights

Firewalls
  • A network security system that controls the incoming and outgoing network traffic
  • Can filter based on: IP address, type of packet, port request, and other elements presented in the packet
  • Examines packets for compliance with or violation of rules configured into the firewall's database
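How a rule base is applied to a packet, as an added example that is not part of the original slides: rules are checked top to bottom, the first match decides, and anything unmatched is denied. It goes one step beyond the slide by also flagging shadowed rules, which can never match because an earlier rule already covers them. The rule set, the dictionary layout and the addresses (documentation ranges) are constructed.

```python
import ipaddress

# Constructed rule base: evaluated top to bottom, first match wins.
RULES = [
    {"action": "deny",  "src": "203.0.113.0/24",  "proto": "any", "dport": None},
    {"action": "allow", "src": "0.0.0.0/0",       "proto": "tcp", "dport": 443},
    {"action": "allow", "src": "10.0.0.0/8",      "proto": "tcp", "dport": 22},
    {"action": "allow", "src": "10.0.0.0/8",      "proto": "udp", "dport": 53},
    {"action": "allow", "src": "203.0.113.50/32", "proto": "tcp", "dport": 25},
]
DEFAULT_ACTION = "deny"  # applied when no rule matches

def matches(rule, packet):
    in_net = ipaddress.ip_address(packet["src"]) in ipaddress.ip_network(rule["src"])
    proto_ok = rule["proto"] in ("any", packet["proto"])
    port_ok = rule["dport"] is None or rule["dport"] == packet.get("dport")
    return in_net and proto_ok and port_ok

def filter_packet(packet, rules=RULES):
    """Return (action, index of the matching rule, or None for the default)."""
    for index, rule in enumerate(rules):
        if matches(rule, packet):
            return rule["action"], index
    return DEFAULT_ACTION, None

def shadowed_rules(rules=RULES):
    """Indexes of rules fully covered by an earlier rule (never reached)."""
    found = []
    for j, later in enumerate(rules):
        later_net = ipaddress.ip_network(later["src"])
        for earlier in rules[:j]:
            if (later_net.subnet_of(ipaddress.ip_network(earlier["src"]))
                    and earlier["proto"] in ("any", later["proto"])
                    and earlier["dport"] in (None, later["dport"])):
                found.append(j)
                break
    return found

if __name__ == "__main__":
    print(filter_packet({"src": "198.51.100.7", "proto": "tcp", "dport": 443}))
    print(filter_packet({"src": "203.0.113.50", "proto": "tcp", "dport": 25}))
    print("shadowed rule indexes:", shadowed_rules())
```

The last rule is an allow that never takes effect, because the deny at the top of the list matches the same traffic first.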

Managing Firewalls
  • Training: Read manuals and get educated on the firewall
  • Uniqueness: Each brand of firewall is different, so you must learn what differences the firewalls you are using have
  • Responsibility: Each and every person in security has a responsibility to keep the firewall updated and safe from hackers
  • Administration: Must have administration hired to help with the firewalls

Scanning and Analysis Tools
  • Used to find vulnerabilities in systems, holes in security components, and other unsecured points
  • Different types of scanners and tools:
      • Port scanners
      • Vulnerability scanners
      • Packet sniffers
      • Content filters
      • Trap and trace

Port Scanners
  • A group of utility software applications that can identify computers that are active on a network, as well as the active ports and services on those computers
  • Can also identify the functions and roles fulfilled by the machines
  • Can scan for specific computers, protocols, or resources, or conduct generic scans
  • The more specific the scanner is, the more detailed and useful the information it provides

Vulnerability Scanners
  • Variants of port scanners that are capable of scanning networks for very detailed information
  • Can identify exposed user names and groups, show open network shares, and expose configuration problems
  • Can also show which firewalls and OS/version are running

Packet Sniffers
  • A network tool that collects and analyzes copies of packets from the network
  • Can provide an administrator with valuable information to help diagnose and resolve networking issues
  • Can examine both live network traffic and previously captured data
      • Including language filtering and a TCP session reconstruction utility

Content Filters
  • A software program that allows administrators to restrict content that comes into a network
  • Such as:
      • Websites with non-business-related material
      • Pornography websites
      • Entertainment websites
  • Can also keep spam e-mails away

Trap and Trace
  • Applications that entice individuals who are illegally perusing the internal areas of a network by providing simulated rich content areas that distract the attacker while the software notifies the administrator of the intrusion
  • The administrator then determines the identity of someone discovered in the unauthorized areas of the network or systems

Cryptography and Encryption
  • Cryptography is the set of processes involved in encoding and decoding messages so that others cannot understand them
  • Encryption is the process of converting an original message into a form that cannot be used by unauthorized individuals
  • Messages are decoded by algorithms and keys used to perform the encryption
