Presentation is loading. Please wait.

Presentation is loading. Please wait.

Module 2 OBJECTIVE 14: Compare various security mechanisms.

Published byHorace Williamson Modified over 5 years ago

Similar presentations

Presentation on theme: "Module 2 OBJECTIVE 14: Compare various security mechanisms."— Presentation transcript:

1 Module 2 OBJECTIVE 14: Compare various security mechanisms.
GROUP ONE Module 2 OBJECTIVE 14: Compare various security mechanisms.

2 Access control. Access control is a security technique that regulates who or what can view or use resources in a computing environment. It is a fundamental concept in security that minimizes risk to the business or organization. There are two types of access control, physical and logical. Physical access control limits access to campuses, buildings, rooms and physical IT assets. Logical access control limits connections to computer networks, system files and data.

3 Access control systems perform identification, authentication and authorization of users and entities by evaluating required login credentials that can include passwords (not obvious, suitable length, mixed case), personal identification numbers (PINs), biometric scans or other authentication factors. Multifactor authentication which requires two or more authentication factors, is often an important part of layered defense to protect access control systems.

4 identification When issuing identification values to users or subjects, ensure that, Each value should be unique, for user accountability A standard naming scheme should be followed The values should be non-descriptive of the users position or task The values should not be shared between the users.

5 authentication There are 3 general factors for authenticating a subject. Something a person knows- E.g.: passwords, PIN- least expensive, least secure Something a person has – E.g.: Access Card, key- expensive, secure Something a person is- E.g.: Biometrics- most expensive, most secure

6 Authentication methods
Biometrics Verifies an individuals identity by analyzing a unique personal attribute or behavior It is the most effective and accurate method for verifying identification. It is the most expensive authentication mechanism Passwords It is the most common form of system identification and authentication mechanism A password is a protected string of characters that is used to authenticate an individual Password Management Password should be properly guaranteed, updated, and kept secret to provide and effective security Passwords generators can be used to generate passwords that are uncomplicated, pronounceable, non-dictionary words

7 authorization Authorization is finding out if the person, once identified, is permitted to have the resource. This is usually determined by finding out if that person is a part of a particular group, if that person has paid admission, or has a particular level of security clearance. 

8 Physical access control
Physical access control refers to the selective restriction of access to a space. Examples of physical access control include fob controlled gates, RFID doors and password protected IT systems. It’s important for access control measures to be able to adapt with changing access requirements. Adaptable access control measures provide a smooth transition between restriction and access. However, ease of transition must be carefully balanced with security. The best physical access measures are both secure and adaptable.

9 Examples of Physical Control
Fences Locks Badge system Security guard Biometric system Mantrap doors Lighting Motion detectors Closed-circuit TVs Alarms Backups safe storage area of backups

10 LOGICAL ACCESS CONTROL.
Logical access control generally features identification, authentication and authorization protocols. This is different than physical access control which utilizes keys, badges, or other tokens to allow access to certain areas. Businesses, organizations and other entities typically use a broad range of logical access controls to protect hardware. These controls might include the use of sophisticated password programs, advanced biometric security features or other methods that effectively identify and screen users. The exact type of logical access control used depends on the entity that owns and administrates the hardware setup.

11 While physical access control limits access to buildings, rooms, areas and IT assets, logical access control limits connections to computer networks, system files and data.

12 Physical access control devices.
Proximity Card Access System Smart Card Access System Key Fob Access System Swipe Card Access System Multi-Technology Access System Biometric Access System Mobile Access System

13 Examples of logical control
User Account Management Violation and Security Activity Reports Firewalls Passwords Account restrictions Access control list Group policies

14 Passwords characteristics
A password is a basic security mechanism that consists of a secret pass phrase created using different characters. A good password consist of: Characters Numbers alphanumeric and symbolic characters combination must contain 8 to 16 characteristic Upper Case letters Lower case letters

15 Encryptions Encryption is the process of using an algorithm to transform information to make it unreadable for unauthorized users. This cryptographic method protects sensitive data such as credit card numbers by encoding and transforming information into unreadable cipher text. This encoded data may only be decrypted or made readable with a key. Symmetric-key and asymmetric-key are the two primary types of encryption.  Encryption is essential for ensured and trusted delivery of sensitive information

16 firewall A firewall is software used to maintain the security of a private network. Firewalls block unauthorized access to or from private networks and are often employed to prevent unauthorized Web users or illicit software from gaining access to private networks connected to the Internet. A firewall may be implemented using hardware, software, or a combination of both. A firewall is recognized as the first line of defense in securing sensitive information. For better safety, the data can be encrypted.

Download ppt "Module 2 OBJECTIVE 14: Compare various security mechanisms."

Similar presentations

Computer Security Computer Security is defined as:

Computer Security Computer Security is defined as:
Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.

Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.
Protection of personal mobile computer devices Information Security Isaac Fernandes, mci12009 Sofia Nunes, mci12014.

Protection of personal mobile computer devices Information Security Isaac Fernandes, mci12009 Sofia Nunes, mci12014.
Access Control Methodologies

Access Control Methodologies
Authentication Chapter 2. Learning Objectives Create strong passwords and store them securely Understand the Kerberos authentication process Understand.

Authentication Chapter 2. Learning Objectives Create strong passwords and store them securely Understand the Kerberos authentication process Understand.
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
Principles of Information Security, 2nd edition1 Cryptography.

Principles of Information Security, 2nd edition1 Cryptography.
CSI 400/500 Operating Systems Spring 2009 Lecture #20 – Security Measures Wednesday, April 29 th.

CSI 400/500 Operating Systems Spring 2009 Lecture #20 – Security Measures Wednesday, April 29 th.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
Silberschatz, Galvin and Gagne  2002 19.1 Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.

Silberschatz, Galvin and Gagne  Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Chapter 10: Authentication Guide to Computer Network Security.

Chapter 10: Authentication Guide to Computer Network Security.
Securing Windows 7 Lesson 10. Objectives Understand authentication and authorization Configure password policies Secure Windows 7 using the Action Center.

Securing Windows 7 Lesson 10. Objectives Understand authentication and authorization Configure password policies Secure Windows 7 using the Action Center.
AIS, 20141 Passwords Should not be shared Should be changed by user Should be changed frequently and upon compromise (suspected unauthorized disclosure)

AIS, Passwords Should not be shared Should be changed by user Should be changed frequently and upon compromise (suspected unauthorized disclosure)
BUSINESS B1 Information Security.

BUSINESS B1 Information Security.
The University of Akron Dept of Business Technology Computer Information Systems DBMS Functions 2440: 180 Database Concepts Instructor: Enoch E. Damson.

The University of Akron Dept of Business Technology Computer Information Systems DBMS Functions 2440: 180 Database Concepts Instructor: Enoch E. Damson.
E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.

E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.
3.3 Digital Communication Security. Overview Demonstrate knowledge and understanding of basic network security measures, e.g. passwords, access levels,

3.3 Digital Communication Security. Overview Demonstrate knowledge and understanding of basic network security measures, e.g. passwords, access levels,
Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.

Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.

Similar presentations

Ads by Google