This essay has been submitted by a student. This is not an example of the work written by professional essay writers.
Uncategorized

  Week Essay Questions 

Admin 22 Apr 2024

Pssst… we can write an original essay just for you.

Any subject. Any type of essay. We’ll even meet a 3-hour deadline.

GET YOUR PRICE

writers online

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Week Essay Questions

Name:

Institution:

Course Code:

 

 

 

 

 

 

Week Essay Questions

Question I

Access control systems are of integral importance to organizations, as they help in securing credentials and identities. They identify various subjects, like users, and grant them authorization to access resources during different tasks. The three major types of these systems include Role -Based Access Control (RBAC), Discretionary Access Control (DAC), and Mandatory Access Control (MAC) (Mudarri et al., 2015). DAC access control systems base the authorization of access on user-specific standards. The key principal behind the controls is that subjects can chose who can access their objects. Primarily, DAC systems leverage the use of ACLs and capability tables, and the latter contain rows and columns that stipulate “subject” and “object,” respectively. In the context of application, DAC models are utilized by systems like Microsoft windows file, which are typically utilized by many users.

Question II

In the digital age, phrases like “Multi-Factor Authorization” and Dual-Factor Authorization are growing in popularity by the day. Rising cases of cyberattacks have left many users disenchanted about the security capabilities of passwords. A factor is atypical form of authentication that requires users to justify their identity. There are several factors of information that can be utilized for authentication. One, data can be regarded as “something you know” or the “knowledge factor” if user keeps it in memory and can present it at any point. Examples of these include passwords, personal identification numbers, or security questions. The second category is classified as “something you have” or the “ownership factor,” which represents anything that can be carried physically. For instance, a bank can request for a token to authorize a transfer, most of which expire after few seconds. Personal Identity Verification cards are also fall under this category and they are primarily used by federal agencies to distinguish personnel. Third, the “biometric factor” entails something that the user is, which could include behavior or biometrics (Ometov et al., 2018). For instance, security protocols in federal buildings perform fingerprint verification or facial recognition to identify visitors.

Question III

IT governance entails administering decision-making duties within an organization, particularly, along with implementing policies and procedures that support IT-related decisions. Decentralized IT systems give different business units the autonomy in managing their IT resources. The pros of this approach are that individual departments have more flexibility and control over various processes. On the contrary, in centralized IT systems, information resources and all related decisions are left to a specific business unit that serves the entire firm. This form of management enables firms to exert efficient and economical control in the IT function. However, the systems can be relatively expensive in the long-term, due to high costs of hiring professionals, inflexibility, and added bureaucracy.

Implementing centralized systems requires AAA frameworks and Access Control Servers for authentication. Also, organizations can apply three types of protocols, DIAMETER, RADIUS, AND TACACS, to control client-server communication. TACACS is a Cisco-owned tool that controls information flow between Cisco-servers and clients. RADIUS, on the other hand, can authorize communication between any type of AAA client and server. Therefore, if a company doesn’t procure its resources from Cisco, it has to utilize RADIUS protocols. Finally, DIAMETER is an upgrade of the RADIUS protocol that typically provides an upgrade path. BOTH tools use the AAA framework, but the difference is that RADIUS is purely a client-server protocol, while DIAMETER is more of a peer-to-peer system.

 

 

References

Mudarri, T., Al-Rabeei, S. A., & Abdo, S. A.-R. (2015). Security fundamentals: Access control models. International Journal of Interdisciplinary in Theory and Practice, 259-262.

Ometov, A., Bezzateev, S., Mäkitalo, N., & Andreev, S. (2018). Multi-Factor Authentication: A Survey. Cryptography., 2(1), 1-31.

 

  Remember! This is just a sample.

Save time and get your custom paper from our expert writers

 Get started in just 3 minutes
 Sit back relax and leave the writing to us
 Sources and citations are provided
 100% Plagiarism free
GET CUSTOM ESSAY
Copyright © 2019
error: Content is protected !!
×
Hi, my name is Jenn 👋

In case you can’t find a sample example, our professional writers are ready to help you with writing your own paper. All you need to do is fill out a short form and submit an order

Check Out the Form
Need Help?
Dont be shy to ask