Information Security Resources

Entries Tagged ‘Authentication’

Authentication, Authorization, and Identification – The three pillars of Access Control

I wrote this article because I need to talk about this topic to a group of local bank executives. What I have in mind is how to get them to understand the vague differences between these three terms using illustrations from our daily lives. For these reasons, I picked up a number of books to […]

Leave a Comment


What are RADIUS AAA Servers? According to Convery, S.(2007)1: “RADIUS was developed by Livingston Enterprises (now part of Alcatel-Lucent) in the early 1990s, became an Internet standard through the IETF in 1997, and today is the most widely accepted AAA protocol. Another widely adopted AAA protocol, which predates RADIUS as an RFC by four years, […]

Leave a Comment

Operations Security: Audit and Accountability

The accountability portion of security control refers to holding system users responsible for their actions by constantly monitoring all activities within the system. Consistently logging and auditing activities are ways that we monitor the system to ensure proper tracking of computer misuse. For example, as part of the auditing process, the following activities should be […]

Leave a Comment