Module 2 OBJECTIVE 14: Compare various security mechanisms.


GROUP ONE

Access control. Access control is a security technique that regulates who or what can view or use resources in a computing environment. It is a fundamental concept in security that minimizes risk to the business or organization. There are two types of access control, physical and logical. Physical access control limits access to campuses, buildings, rooms and physical IT assets. Logical access control limits connections to computer networks, system files and data.

Access control systems perform identification, authentication and authorization of users and entities by evaluating required login credentials that can include passwords (not obvious, suitable length, mixed case), personal identification numbers (PINs), biometric scans or other authentication factors. Multifactor authentication, which requires two or more authentication factors, is often an important part of layered defense to protect access control systems.

Identification. When issuing identification values to users or subjects, ensure that:
- Each value is unique, for user accountability
- A standard naming scheme is followed
- The values are non-descriptive of the user's position or task
- The values are not shared between users

Authentication. There are 3 general factors for authenticating a subject:
- Something a person knows, e.g. passwords, PIN: least expensive, least secure
- Something a person has, e.g. access card, key: expensive, secure
- Something a person is, e.g. biometrics: most expensive, most secure

Authentication methods.
Biometrics
- Verifies an individual's identity by analyzing a unique personal attribute or behavior
- It is the most effective and accurate method for verifying identification
- It is the most expensive authentication mechanism
Passwords
- It is the most common form of system identification and authentication mechanism
- A password is a protected string of characters that is used to authenticate an individual
Password management
- Passwords should be properly guaranteed, updated, and kept secret to provide effective security
- Password generators can be used to generate passwords that are uncomplicated, pronounceable, non-dictionary words

Authorization. Authorization is finding out if the person, once identified, is permitted to have the resource. This is usually determined by finding out if that person is a part of a particular group, if that person has paid admission, or has a particular level of security clearance.
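The identification, authentication and authorization steps described above, as an added example that is not part of the original slides. The function names, the sample ACL and the challenge-response access card standing in for "something a person has" are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import secrets

# Constructed sample policy: resource -> groups permitted to use it (a group-based ACL).
ACL = {"payroll.db": {"finance"}, "intranet": {"finance", "staff"}}
USERS = {}  # user_id -> stored account record

def _kdf(password: str, salt: bytes) -> bytes:
    # Slow salted hash, so the stored value does not reveal the password.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

def enroll(password: str, groups: set) -> tuple:
    """Identification: issue a unique ID that says nothing about the user's role."""
    user_id = "u" + secrets.token_hex(4)
    while user_id in USERS:  # keep IDs unique for accountability
        user_id = "u" + secrets.token_hex(4)
    salt, card_key = os.urandom(16), os.urandom(32)
    USERS[user_id] = {"salt": salt, "pw": _kdf(password, salt),
                      "card_key": card_key, "groups": set(groups)}
    return user_id, card_key  # card_key is written to the user's access card

def card_response(card_key: bytes, challenge: bytes) -> bytes:
    """What the card computes: proof of possession without revealing the key."""
    return hmac.new(card_key, challenge, hashlib.sha256).digest()

def authenticate(user_id: str, password: str, challenge: bytes, response: bytes) -> bool:
    """Two factors: something the user knows and something the user has."""
    rec = USERS.get(user_id)
    if rec is None:
        return False
    knows = hmac.compare_digest(_kdf(password, rec["salt"]), rec["pw"])
    has = hmac.compare_digest(card_response(rec["card_key"], challenge), response)
    return knows and has

def authorize(user_id: str, resource: str) -> bool:
    """Authorization: allowed only if one of the user's groups is on the ACL."""
    return bool(USERS[user_id]["groups"] & ACL.get(resource, set()))

def access(user_id, password, challenge, response, resource) -> str:
    # Authentication always runs first; authorization is never checked for an unproven identity.
    if not authenticate(user_id, password, challenge, response):
        return "denied: authentication failed"
    if not authorize(user_id, resource):
        return "denied: not authorized"
    return "granted"
```

In a real deployment the server would generate a fresh random challenge for every login attempt so that a captured card response cannot be replayed.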

Physical access control. Physical access control refers to the selective restriction of access to a space. Examples of physical access control include fob-controlled gates, RFID doors and password-protected IT systems. It's important for access control measures to be able to adapt to changing access requirements. Adaptable access control measures provide a smooth transition between restriction and access. However, ease of transition must be carefully balanced with security. The best physical access measures are both secure and adaptable.

Examples of physical control:
- Fences
- Locks
- Badge system
- Security guard
- Biometric system
- Mantrap doors
- Lighting
- Motion detectors
- Closed-circuit TVs
- Alarms
- Backups, safe storage area of backups

LOGICAL ACCESS CONTROL. Logical access control generally features identification, authentication and authorization protocols. This is different from physical access control, which utilizes keys, badges, or other tokens to allow access to certain areas. Businesses, organizations and other entities typically use a broad range of logical access controls to protect hardware. These controls might include the use of sophisticated password programs, advanced biometric security features or other methods that effectively identify and screen users. The exact type of logical access control used depends on the entity that owns and administers the hardware setup.

While physical access control limits access to buildings, rooms, areas and IT assets, logical access control limits connections to computer networks, system files and data.

Physical access control devices.
- Proximity Card Access System
- Smart Card Access System
- Key Fob Access System
- Swipe Card Access System
- Multi-Technology Access System
- Biometric Access System
- Mobile Access System

Examples of logical control:
- User account management
- Violation and security activity reports
- Firewalls
- Passwords
- Account restrictions
- Access control list
- Group policies

Password characteristics. A password is a basic security mechanism that consists of a secret pass phrase created using different characters. A good password consists of:
- Characters
- Numbers
- A combination of alphanumeric and symbolic characters
- 8 to 16 characters
- Upper case letters
- Lower case letters

Encryption. Encryption is the process of using an algorithm to transform information to make it unreadable for unauthorized users. This cryptographic method protects sensitive data such as credit card numbers by encoding and transforming information into unreadable cipher text. This encoded data may only be decrypted or made readable with a key. Symmetric-key and asymmetric-key are the two primary types of encryption. Encryption is essential for ensured and trusted delivery of sensitive information.

Firewall. A firewall is software used to maintain the security of a private network. Firewalls block unauthorized access to or from private networks and are often employed to prevent unauthorized Web users or illicit software from gaining access to private networks connected to the Internet. A firewall may be implemented using hardware, software, or a combination of both. A firewall is recognized as the first line of defense in securing sensitive information. For better safety, the data can be encrypted.