Information Security Resources

Entries Tagged ‘Access Control’

Authentication, Authorization, and Identification – The three pillars of Access Control

I wrote this article because I need to talk about this topic to a group of local bank executives. What I have in mind is how to get them to understand the vague differences between these three terms using illustrations from our daily lives. For these reasons, I picked up a number of books to […]

Leave a Comment

Operations Security: Audit and Accountability

The accountability portion of security control refers to holding system users responsible for their actions by constantly monitoring all activities within the system. Consistently logging and auditing activities are ways that we monitor the system to ensure proper tracking of computer misuse. For example, as part of the auditing process, the following activities should be […]

Leave a Comment

Kerberos Authentication and Single Sign-On Access Control

Kerberos Authentication: In Greek mythology, Kerberos is the monstrous three-headed dog that guards the entrance to Hades. Indeed, we can view modern-day Kerberos Authentication as the god who guards the entrance to a network’s resources. Kerberos Authentication, a computer network authorization protocol, was originally invented and published by MIT. This system allows individuals communicating over […]

Leave a Comment