Presentation is loading. Please wait.

Presentation is loading. Please wait.

Access Control Chapter 3 Part 4 Pages 227 to 241.

Published byCorey Lindsey Modified over 8 years ago

Similar presentations

Presentation on theme: "Access Control Chapter 3 Part 4 Pages 227 to 241."— Presentation transcript:

1 Access Control Chapter 3 Part 4 Pages 227 to 241

2 Rule-Based Access Control See page 228 Traditionally, used with MAC See page 228 Many routers and firewall use rules to determine which packets are allowed in

3 Constrained User Interfaces Restricted menus Database views – Page 229 Figure 3-17 ATM machines

4 Access Control Matrix Figure 3-18 on page 230 Capability Tables – Table 3-1 on page 230 – Figure 3-18 on page 230 – Kerberos – user’s ticket is his capability table Access Control List (ACLs) – Table 3-2 on page 231 – Figure 3-18 on page 230

5 Content-Dependent Access Control Example e-mail filter – Specific string such as “social security number”, “top secret” Example web filter for employees – “gambling”, “pornography”

6 Context-Dependent Access Control Stateful Firewalls – Make sure there is a TCP connection Tracks user’s request in sequence looking for suspicious patterns

7 Access Control Techniques Page 233

8 Centralized Access Control Administration One entity oversees access to all corporate resources Consistent and uniform method of controlling user access AAA protocols – Authentication – Authorization – Auditing

9 RADIUS Network protocol that provides client/server authentication, authorization, and auditing of remote users. Most ISP use RADIUS – Customer provides username and password – Customer is given an IP address and Internet access Used for Road warriors and home workers.

10 TACACS+ Similar to RADIUS RADIUS uses UDP TACACS+ uses TCP – Detects packet corruption, dropped packets Encrypts all data If current environment authenticates users using Kerberos, TACACS+ can authenticate remote user’s in the same manner.

11 RADIUS vs TACACS+ RADIUS is the appropriate protocol when simplistic username/password authentication when need only Accept or Deny TACACS+ for more sophisticated authentication and complex authorization See Table 3-3 on page 238

12 Diameter Protocol built on functionality of RADIUS but for today’s diverse networks See Figure 3-21 on page 239

13 Decentralized Administration Give access control to those closer to the resources Manager for his employees Does not provide uniformity

Download ppt "Access Control Chapter 3 Part 4 Pages 227 to 241."

Similar presentations

Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.

Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.
Securing the Router Chris Cunningham.

Securing the Router Chris Cunningham.
Security+ Guide to Network Security Fundamentals, Fourth Edition

Security+ Guide to Network Security Fundamentals, Fourth Edition
Chapter 12 Network Security.

Chapter 12 Network Security.
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.
Mgt 20600: IT Management & Applications Telecommuncations and Networks Tuesday March 28, 2006.

Mgt 20600: IT Management & Applications Telecommuncations and Networks Tuesday March 28, 2006.
Access Controls Supervised by: Dr.Lo’ai Tawalbeh Prepared by: Abeer Saif.

Access Controls Supervised by: Dr.Lo’ai Tawalbeh Prepared by: Abeer Saif.
(Remote Access Security) AAA. 2 Authentication User named flannery dials into an access server that is configured with CHAP. The access server will.

(Remote Access Security) AAA. 2 Authentication User named "flannery" dials into an access server that is configured with CHAP. The access server will.
ISA 3200 NETWORK SECURITY Chapter 10: Authenticating Users.

ISA 3200 NETWORK SECURITY Chapter 10: Authenticating Users.
Chapter 16 AAA. AAA Components  AAA server –Authenticates users accessing a device or network –Authorizes user to perform specific activities –Performs.

Chapter 16 AAA. AAA Components  AAA server –Authenticates users accessing a device or network –Authorizes user to perform specific activities –Performs.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 10 Authenticating Users By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 10 Authenticating Users By Whitman, Mattord, & Austin© 2008 Course Technology.
Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,

Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,
Chapter 2 Networking Overview. Figure 2.1 Generic protocol layers move data between systems.

Chapter 2 Networking Overview. Figure 2.1 Generic protocol layers move data between systems.
RADIUS Server PAP & CHAP Protocols. Computer Security  In computer security, AAA protocol commonly stands for authentication, authorization and accounting.

RADIUS Server PAP & CHAP Protocols. Computer Security  In computer security, AAA protocol commonly stands for authentication, authorization and accounting.
Chapter 18 RADIUS. RADIUS  Remote Authentication Dial-In User Service  Protocol used for communication between NAS and AAA server  Supports authentication,

Chapter 18 RADIUS. RADIUS  Remote Authentication Dial-In User Service  Protocol used for communication between NAS and AAA server  Supports authentication,
Remote Networking Architectures

Remote Networking Architectures
S6C12 - AAA AAA Facts. AAA Defined Authentication, Authorization, and Accounting Central Management of AAA –Information in a single, centralized, secure.

S6C12 - AAA AAA Facts. AAA Defined Authentication, Authorization, and Accounting Central Management of AAA –Information in a single, centralized, secure.
Brian Dwyer – CITA370. Introduction  Network Device Security  Identity Management AAA Process Model ○ Authentication ○ Authorization ○ Accounting (Sometimes.

Brian Dwyer – CITA370. Introduction  Network Device Security  Identity Management AAA Process Model ○ Authentication ○ Authorization ○ Accounting (Sometimes.
Network Security1 – Chapter 3 – Device Security (B) Security of major devices: How to protect the device against attacks aimed at compromising the device.

Network Security1 – Chapter 3 – Device Security (B) Security of major devices: How to protect the device against attacks aimed at compromising the device.
Implementing RADIUS AAA Phil & Rick. Content Terms and Concepts Access Control What is AAA? Benefits of AAA What is RADIUS? Microsoft IAS Overview Installation.

Implementing RADIUS AAA Phil & Rick. Content Terms and Concepts Access Control What is AAA? Benefits of AAA What is RADIUS? Microsoft IAS Overview Installation.

Similar presentations

Ads by Google