{"id":1340,"date":"2010-07-07T12:12:54","date_gmt":"2010-07-07T06:42:54","guid":{"rendered":"https:\/\/www.qadit.com\/blog\/?p=1340"},"modified":"2010-08-31T11:48:55","modified_gmt":"2010-08-31T06:18:55","slug":"securing-information-through-identification-authentication-and-authorisation","status":"publish","type":"post","link":"https:\/\/qadit.com\/blog\/securing-information-through-identification-authentication-and-authorisation\/","title":{"rendered":"Securing information through Identification, Authentication and Authorisation"},"content":{"rendered":"<p style=\"text-align: justify\">Authentication is a critical component of the access control mechanisms implemented by organizations to secure information. The underlying principle of logical access control is to verify whether a user is in fact the person he claims to be and to provide the right type of access to that person.<!--more--><\/p>\n<p style=\"text-align: justify\">From the above explanation we can identify the three steps involved in implementing logical access controls, viz. (a) Identification, (b) Authentication, (c) Authorization.<\/p>\n<p style=\"text-align: justify\">In the section below, let us look at the definition of each of these steps and the tools used to accomplish their objectives.<\/p>\n<p style=\"text-align: justify\"><strong>1.\tIdentification<\/strong><\/p>\n<p style=\"text-align: justify\">The person trying to access an information asset or a network resource must identify himself. It should be borne in mind that the identification component should be unique to each user and should not be shared among users.<\/p>\n<p style=\"text-align: justify\">Tools: User name, user ID, employee number<\/p>\n<p style=\"text-align: justify\"><strong>2.\tAuthentication<\/strong><\/p>\n<p style=\"text-align: justify\">After a person has identified himself, he needs to prove that he is who he says he is.
In other words, the identification information is verified through authentication.<\/p>\n<p style=\"text-align: justify\">Tools: Authentication can be implemented through the following means:<\/p>\n<p style=\"text-align: justify\">a.\tAuthentication by knowledge (something the user knows) \u2013 password, PIN.<br \/>\nb.\tAuthentication by ownership (something the user has) \u2013 smart card, swipe card, access card.<br \/>\nc.\tAuthentication by characteristic (something the user is) \u2013 biometrics such as fingerprint, retina scan, facial scan, voice print.<\/p>\n<p style=\"text-align: justify\"><strong>3.\tAuthorization<\/strong><\/p>\n<p style=\"text-align: justify\">On completion of authentication, the system must establish whether the user is authorized to access the system or its various modules. Authorization also determines what actions the user is permitted to perform on that system or module.<\/p>\n<p style=\"text-align: justify\">Tools: Access control matrix containing roles, profiles and privileges.<\/p>\n<p style=\"text-align: justify\">The above are pre-emptive steps in logical access control. These are followed by a post-mortem control, viz. \u2018Accountability\u2019. \u2018Accountability\u2019 is the process of recording the actions performed by the user and attributing them uniquely to that user. This is accomplished by enabling audit trails and logs in the systems.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Authentication is a critical component of the access control mechanisms implemented by organizations to secure information. 
The underlying principle of logical access control is to verify whether a user is in fact the person he claims to be and to provide the right type of access to that person.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false},"version":2}},"categories":[12],"tags":[121],"class_list":["post-1340","post","type-post","status-publish","format-standard","hentry","category-itsec","tag-authentication"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p9AH7Q-lC","_links":{"self":[{"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/posts\/1340","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/comments?post=1340"}],"version-history":[{"count":0,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/posts\/1340\/revisions"}],"wp:attachment":[{"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/media?parent=1340"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/categories?post=1340"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/qadit.com\/
blog\/wp-json\/wp\/v2\/tags?post=1340"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}