close
test_template

Cyber Security Measures: Authorization, Authentication, and Accountability

Human-Written
download print

About this sample

About this sample

close
Human-Written

Words: 1647 |

Pages: 2|

9 min read

Published: Jun 5, 2019

Words: 1647|Pages: 2|9 min read

Published: Jun 5, 2019

Table of contents

  1. Abstract
  2. Introduction
  3. Authentication
  4. Types of authentication
  5. Authorization
  6. Accountability
  7. Applications
  8. Application in Internet of things
  9. Applications in cloud computing
  10. Summary

Abstract

Cyber security indicates towards the practice of protecting data from unofficial access. To withstand these security challenges different security measures are used. The field is becoming more important because of increased dependency on computer systems. Authentication, authorization and accountability plays an important role in safeguarding the data in online security systems and software applications. User is identified by the authorization process. authorization process begin after authentication for the better security purpose, authentication and authorization should be incorporated into any website, especially those who deal with online transaction and personal information. Accountability refers to the willingness to accept the responsibility in protecting the data through various measures such as by record keeping and tracking the user activities. The regulator state that financial investors, business are at greater risk due to cyber crime data theft by the cyberpunk. With increasing technologies the cyber security has enhanced with an advantage for defenders over attackers.

Introduction

In the upcoming world cyber security is emerging as a vast challenge for security measures. The world is moving ahead with the use of new technologies, dealing with online services. So cyber security has emerged a big question in front of society and it’s preventive measures. Cyber security is the act of protecting networks and computer systems from unofficial access through cyberpunks who damages the software, electronic data and also from the individuals who misuse the data. Due to increasing dependency on computers and smart devices, the cyber security is more focused. The mostly targeted consumer devices are laptops and desktop computer from where cyber criminals gather financial account information, passwords etc. In order to protect the computer system, it's important to learn about the threats and attacks and the precautions to be used. The authentication, authorization and accountability plays an important role in securing data. Each individual term has specific function and the objective.

Authentication

Authentication is the practice of identifying users identity. It confirms the users identity. Authentication starts when the user enters their username, allowing system to confirm their identity. After entering the user details the system is allowed to confirm the identity. The authentication process compares the users credentials with the details that exist already on files. At last, once the identity is matched, the authentication process is completed. In short authentication works on the fact that the only user is known to the password. But password authentication is not more effective method in securing the data. Password authentication can be replaced by two more alternatives and the alternatives are by e-mail authentication and by the biometric authentication. For more efficient security, the companies should implement a strong authentication system to keep data safe from unofficial access. To prevent data accessing from unofficial persons, companies should incorporate one or more password alternatives together. So that it becomes difficult for cyberpunk to crack the password.

Email authentication is a method by which user can securely log in without using the password just by using email address. During email authentication the first step is that the user clicks the login button and opens a mail to link that directs the person to prewritten email. The user sends the email by using token based security checks, the users identity is verified.

Biometric authentication is a method by which user can securely log in by using users biology. The most common biometric authentication is fingerprint scanning.

Users identification is one of the biggest challenge in the Information technology department. So to overcome these security issues different authentication protocols are introduced-

  • Remote authentication dial in user service. These service is supported on variety of platforms and devices. For centralized authentication, remote authentication dial in user service is an networking protocol used. It is available on almost on many server operating system like window, Linux and many more.
  • Kerberos. It is also an network authentication protocol. It provides a strong authentication for user and server application by the use of secret key called cryptography. Massachusetts Institute of technology has introduced a cost free version of this protocol. In commercial products services Kerberos is used. It also provides mutual authentication. Microsoft has start the use of Kerberos services in windows 2000.

Types of authentication

Depending on the type of authentication, the level of security also changes. They are categorized in following types:

  • Strong authentication- This type of authentication is a practice which depends on two or more authentication factors. The factors used here should be mutually independent.
  • Continuous authentication- Many a times the user is authenticated only at the initial login stage, so it can cause a security threat. So to overcome the threat continuous user authentication methods are used based on some biometric trait.
  • Digital authentication- The term digital authentication refers to electronic methods by which user confidential identity is maintained. The American national Institute of standard and technology has created a generic model which includes process enrollment, authentication, life-cycle for better security purpose.

Authorization

A security which helps to identify user related to system sources and the access level such as files, data, services and the programs. An authorization policy specifies what the users identity is allowed to do. Most commonly authorization is predate by authentication for users identification. Authorization process verifies the user identity and grant permissions to access the resources that is the data stored. To manage security, most of the multiuser operating systems is dependent on the effective design of authorization policy. The authorization is based on authentication mechanism like security policy, integration and active directory. The concept of authorization can be clear by an example, any bank consumer can create an account and use it to log into the bank online services. At these movement authentication confirms the user identity with the help of authentication process and authorization helps the user to access the documents and files by granting permission to user after authentication.

An common authorization policy can be shared in a group of identities. Most frequently, user is aware of authorization policy when an individual uses social media like Twitter, Facebook or LinkedIn. Use of authorization process is an important part of securing data from unofficial access. It seeks the user permission about what user is able to do. Security authentication and security authorization can be an effective measure against phishing, which is an attempt to acquire sensitive information from user such as user name, password and credit card details by deceiving them. By combining one or more password together a strong password can be bring into existence.

The authentication is followed by authorization, one step is incomplete without the other. For better security purpose authentication and authorization should be incorporated into a website, especially those who deals with online transactions and personal information.

Accountability

Accountability is different concept from authentication and authorization. It studies the responsibilities of an individual regarding the security measures taken. It refers to the act of accepting the duties of an individual working with information system. Each individual working with online data and applications have specific responsibilities for information assurance. The user is responsible for planning overall information protection plan. The information security should be check at proper intervals of time.

Applications

Application in Internet of things

Internet of things are gaining more importance from the scientific community. So it is become of more important to enhance maintainability, usability, security and development of best practices in the field of internet of things. Research in field of internet of things is applicable at various application layer such as authentication and authorization. The problem of access control emerged, when computers began to used for data management and storage with multiple uses. Here access methods deals with authorization and not with authentication. Authorization specifies special action. In internet of things it is not limited to passwords but as well it includes security questions, their interaction history and other details. Multifactor authentication is a frequent practice done to increase the security. The first level includes identifying the user by providing little information and credentials. As application becomes more complex, the information required for user authorization grew to include roles or identity attributes.

Applications in cloud computing

When the customer application are organized in cloud, an authentication and authorization plug in model helps user to obtain their control on their business information. In cloud computing, the user is able to register their own authentication and authorization security module with cloud security service. Here the user should use strong passwords and authentication measures. Data is at greater risk from inside attackers than the outsiders. According to cloud computing treaty report, in cloud computing inside attacks are the sixth biggest danger in cloud computing. So to provide security they provide logical storage segregation and data isolation. The system can be strengthen against incidents by using preventive controls. For instance cloud users can use strong authentication, making it safe from unofficial access. The use of encryption technique for security purpose. Her biometric authentication can be used instead of password authentication. So that it becomes somewhere difficult for cyberpunk to access the sensitive data.

Get a custom paper now from our expert writers.

Summary

As discussed on the topic authentication, authorization and accountability. It helps to secure the data by use of different tools such as protocols to safeguard the data from unofficial access. In short, authentication sees that the person trying to access the particular application is the user or not. By using password and various authentication factors. Further based on identification, authorization helps to know about what access permissions are granted to the user. All around, the user is authenticated based on AAA server. AAA server stands for Authentication, Authorization and Accounting. Security issues arises due to failure In security measures. For securing data its necessary to withstand the all basic security measures such as authentication, authorization and accountability. accountability helps to make user aware of their responsibilities. It also introduced to the application of authentication, authorization and accountability in clod computing system and also in the internet of the things.

Image of Alex Wood
This essay was reviewed by
Alex Wood

Cite this Essay

Authentication and Authorization. (2022, December 27). GradesFixer. Retrieved November 19, 2024, from https://gradesfixer.com/free-essay-examples/authentication-and-authorization/
“Authentication and Authorization.” GradesFixer, 27 Dec. 2022, gradesfixer.com/free-essay-examples/authentication-and-authorization/
Authentication and Authorization. [online]. Available at: <https://gradesfixer.com/free-essay-examples/authentication-and-authorization/> [Accessed 19 Nov. 2024].
Authentication and Authorization [Internet]. GradesFixer. 2022 Dec 27 [cited 2024 Nov 19]. Available from: https://gradesfixer.com/free-essay-examples/authentication-and-authorization/
copy
Keep in mind: This sample was shared by another student.
  • 450+ experts on 30 subjects ready to help
  • Custom essay delivered in as few as 3 hours
Write my essay

Still can’t find what you need?

Browse our vast selection of original essay samples, each expertly formatted and styled

close

Where do you want us to send this sample?

    By clicking “Continue”, you agree to our terms of service and privacy policy.

    close

    Be careful. This essay is not unique

    This essay was donated by a student and is likely to have been used and submitted before

    Download this Sample

    Free samples may contain mistakes and not unique parts

    close

    Sorry, we could not paraphrase this essay. Our professional writers can rewrite it and get you a unique paper.

    close

    Thanks!

    Please check your inbox.

    We can write you a custom essay that will follow your exact instructions and meet the deadlines. Let's fix your grades together!

    clock-banner-side

    Get Your
    Personalized Essay in 3 Hours or Less!

    exit-popup-close
    We can help you get a better grade and deliver your task on time!
    • Instructions Followed To The Letter
    • Deadlines Met At Every Stage
    • Unique And Plagiarism Free
    Order your paper now