Preview

Nt1330 Unit 1 Assignment

Good Essays
Open Document
Open Document
711 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
Nt1330 Unit 1 Assignment
QUESTIONS
1) Describe basic security issue based on authentication and authorization towards company that are given to your group.
2) Work corperatively in group to present e-commerce issue associated with electronic trade and commerce to ensure secured online business transaction in the actual market case study on.

QUESTION 1
EXAMPLE 1

EXAMPLE 2

Authentication and Authorization are two interrelated security concepts. Authentication and authorization are required for a Web page that should be limited to certain users:-

Authentication
Is a process of identifying a user and about verifying whether someone is who they claim to be. Typically, authentication is achieved by the user sharing credentials that somehow verify the user's identity. It usually involves a
…show more content…
On each subsequent use, the user must know and use the previously declared password. The weakness in this system for transactions that are significant is that passwords can often be stolen, accidentally revealed, or forgotten.

Authorization Is the process of determining if an authenticated user has access to the resources they requested. Is finding out if the person, once identified is permitted to manipulate specific resources. This is usually determined by finding out if that person is of a particular role that has access to the resources. Authorization is the function of specifying access rights to resources, which is related to information security and computer security in general and to access control in particular.
During operation, the system uses the access control rules to decide whether access requests consumers shall be approved or disapproved. Resources include individual files or items data, computer programs, computer devices and functionality provided by computer applications. Examples of consumers are computer users, computer programs and other devices on the

You May Also Find These Documents Helpful

  • Good Essays

    lab 5

    • 718 Words
    • 3 Pages

    What is Authorization and how is this concept aligned with Identification and Authentication? Authorization is a set of rights defined for a subject and an object; this concept is aligned with Identification and Authentication because these are the 3 steps to the access control process…

    • 718 Words
    • 3 Pages
    Good Essays
  • Better Essays

    Access control methods are a process that determines what services or company resources an employee has access to. These methods will be used to determine what an employee can and cannot access, as well as ways to make sure that all employees are being granted the correct access levels. Authentication is a process of determining whether someone or something is who or what they say they are. Authentication can be a form of determining whether an employee is actually the person that they say they are. Employees can be authenticated by being able to answer personal questions that only they would know or by providing a username and password that only the employee knows.…

    • 3217 Words
    • 13 Pages
    Better Essays
  • Powerful Essays

    The authentication process is a necessity for safeguarding systems against various forms of security threats, such as password-cracking tools, brute-force or wordbook attacks, abuse of system access rights, impersonation of attested users, and last but not least reply attacks just to name a few. In addition, it is imperative that authentication policies are interchangeable with the organizations in which information is being exchanged if resources are being shared between alternative organizations.…

    • 1478 Words
    • 5 Pages
    Powerful Essays
  • Satisfactory Essays

    07: Password and Ref

    • 4381 Words
    • 33 Pages

    Authentication is the process of ensuring that the individuals trying to access the system are who they claim to be.…

    • 4381 Words
    • 33 Pages
    Satisfactory Essays
  • Better Essays

    Cmgt400 Week 3

    • 1752 Words
    • 8 Pages

    With the advances in technology, authentication has become part of our everyday lives, whether scanning your badge at work, signing for a credit card purchase, or logging into your Facebook/Twitter accounts. Authentication is the act of validating your identity while requesting access to software, purchases, or entry to a secured facility. There are four types of authentication; something you know, something you have, something you are, and something you can produce. When a service requests two or more types of authentication, it is called strong authentication, such as inserting an identification card and providing a password to access a computer workstation.…

    • 1752 Words
    • 8 Pages
    Better Essays
  • Powerful Essays

    The process of confirming a user's identity, usually by requiring the user to supply some sort of token, such as a password or a certificate, is called authentication : Authentication…

    • 1432 Words
    • 7 Pages
    Powerful Essays
  • Good Essays

    LAB 3

    • 368 Words
    • 2 Pages

    It is a two different type of identification process. Like an ID card and a pin code.…

    • 368 Words
    • 2 Pages
    Good Essays
  • Good Essays

    First of all we need to define what authentication accurately is. Authentication is the ability to verify the identity of a user or a computer system on a computer network. (Barker, 2013) There are many forms or variations that authentication can manifest itself depending on the requirements as outlined in the Security Policy published by the business. Most commonly these would include one, two, or three factor configurations to verify the identity of the person requesting access to a resource. If everything associated with the authentication factors are valid and correct for the claimed identity, it is then assumed that the accessing person is who they claim to be. (Stewart, 2011) Some of the most common authentication factors would be something you know such as a password, something you have such as a smart card, and something you are such as a fingerprint.…

    • 630 Words
    • 3 Pages
    Good Essays
  • Powerful Essays

    FINAL Project IS3230

    • 1645 Words
    • 6 Pages

    type of access control by which the operating system constrains the ability of a subject or initiator to access or generally perform some sort of operation on an object or target. In practice, a subject is usually a process or thread; objects are constructs such as files, directories, TCP/UDP ports, shared memory segments, IO devices etc. Subjects and objects each have a set of security attributes. Whenever a subject attempts to access an object, an authorization rule enforced by the operating system kernel examines these security attributes and decides whether the access can take place. Any operation by any subject on any object will be tested against the set of authorization rules (aka policy) to determine if the operation is allowed. A database management system, in its access control mechanism, can also apply mandatory access control; in this case, the objects are tables, views, procedures, etc.…

    • 1645 Words
    • 6 Pages
    Powerful Essays
  • Powerful Essays

    IS3340-Unit 2-Assignment 2

    • 1549 Words
    • 6 Pages

    vi. Each user and workforce member must ensure that their assigned User Identification is appropriately protected and only used for legitimate access to networks, systems, or applications. If a user or workforce members believes their user identification has been comprised, they must report that security incident to the appropriate Security Officer…

    • 1549 Words
    • 6 Pages
    Powerful Essays
  • Powerful Essays

    Privileged Users will be presented the ROB for Users with Privileged Access to Information Systems. Non-Privileged Users are required to select the appropriate ROB at first login per database prior to receiving access to the application. If a user elects to decline the ROB, access to…

    • 1211 Words
    • 5 Pages
    Powerful Essays
  • Good Essays

    Nt1330 Unit 1 Study Guide

    • 508 Words
    • 3 Pages

    Role-based access control (RBAC) is an access policy determined by the system, not the owner. RBAC is used in commercial applications and also in military systems, where multi-level security requirements may also exist. RBAC differs from DAC in that DAC allows users to control access to their resources, while in RBAC, access is controlled at the system level, outside of the user's control. Although RBAC is non-discretionary, it can be distinguished from MAC primarily in the way permissions are handled. MAC controls read and write permissions based on a user's clearance level and additional labels. RBAC controls collections of permissions that may include complex operations such as an e-commerce transaction, or may be as simple as read or write. A role in RBAC can be viewed as a set of…

    • 508 Words
    • 3 Pages
    Good Essays
  • Powerful Essays

    Bus615 Midterm

    • 951 Words
    • 4 Pages

    8. One of the most ineffective ways to set up authentication techniques is by setting up user ID's and passwords.…

    • 951 Words
    • 4 Pages
    Powerful Essays
  • Powerful Essays

    An access control system is fundamental in reducing security issues as well as controlling the personnel allowed to access a given place. Its main objective is to ensure limited persons are granted the rights of access. This access can be granted by checking on criteria such as workplace, home or any other specified locations. The access control system may consist of diverse components that collaborate to ensure the main objective is achieved. An effective control system would ensure privileges for the different users vary according to their access rights or levels; the system under research can monitor and record all activities of access, lock and unlock the doors, cancel privileges when a pass card is lost as well as detect usage of canceled cards (Benantar, 2006).…

    • 1220 Words
    • 5 Pages
    Powerful Essays
  • Satisfactory Essays

    Unit 4 Assignment 4

    • 340 Words
    • 2 Pages

    Because the management of security groups, ACLs, and security settings need to be careful planned, and creating an access control plan that could assist in preventing standard security problems from occurring. Standard security problems that want to prevent from occurring are: Inefficiently protecting network resources and assigning users too much rights and permissions, or too little rights and permissions to perform their daily tasks, or continuously performing ad hoc security configurations to correct security settings. Access control plan will include, Security Strategies: This component will outline general security strategies that deals with all possible threats identified as security risks. Permissions will be given to different users according to their position in the Organization, and security groups should be defined so permissions can be implemented effectively. Security policies: Will determine the configuration settings implement for the Security Settings of…

    • 340 Words
    • 2 Pages
    Satisfactory Essays