Week Essay Questions
Question I
Access control systems are of integral importance to organizations, as they help in securing credentials and identities. They identify various subjects, like users, and grant them authorization to access resources during different tasks. The three major types of these systems are Role-Based Access Control (RBAC), Discretionary Access Control (DAC), and Mandatory Access Control (MAC) (Mudarri et al., 2015). DAC systems base the authorization of access on user-specific standards. The key principle behind these controls is that subjects can choose who can access their objects. Primarily, DAC systems rely on ACLs and capability tables; the latter contain rows and columns that stipulate “subject” and “object,” respectively. In practice, DAC models are used by systems like the Microsoft Windows file system, which are typically shared by many users.
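A minimal model of the DAC behaviour described above, as an added example that is not part of the original essay: the owner of an object decides who may access it, and the same access matrix is read per object as an ACL and per subject as a capability list. The class, subject and file names are constructed for illustration.

```python
class DacStore:
    """Toy discretionary access control: each object's owner decides who gets access."""

    def __init__(self):
        self.owner = {}    # object -> owning subject
        self.matrix = {}   # (subject, object) -> set of rights

    def create(self, subject, obj):
        # The creator becomes the owner and receives full rights.
        if obj in self.owner:
            raise ValueError(f"{obj} already exists")
        self.owner[obj] = subject
        self.matrix[(subject, obj)] = {"read", "write"}

    def _require_owner(self, subject, obj):
        if self.owner.get(obj) != subject:
            raise PermissionError(f"{subject} does not own {obj}")

    def grant(self, grantor, subject, obj, right):
        # The discretionary step: only the owner may extend access to others.
        self._require_owner(grantor, obj)
        self.matrix.setdefault((subject, obj), set()).add(right)

    def revoke(self, grantor, subject, obj, right):
        self._require_owner(grantor, obj)
        self.matrix.get((subject, obj), set()).discard(right)

    def check(self, subject, obj, right):
        # Default deny: no matrix entry means no access.
        return right in self.matrix.get((subject, obj), set())

    def acl(self, obj):
        # ACL view: one object, listing every subject that holds rights on it.
        return {s: sorted(r) for (s, o), r in self.matrix.items() if o == obj and r}

    def capabilities(self, subject):
        # Capability view: one subject, listing every object it holds rights on.
        return {o: sorted(r) for (s, o), r in self.matrix.items() if s == subject and r}


def demo():
    # Constructed sample: alice shares read access to her file with bob.
    store = DacStore()
    store.create("alice", "payroll.xlsx")
    store.create("bob", "notes.txt")
    store.grant("alice", "bob", "payroll.xlsx", "read")
    return store
```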
Question II
In the digital age, phrases like “Multi-Factor Authorization” and “Dual-Factor Authorization” are growing in popularity by the day. Rising cases of cyberattacks have left many users disenchanted about the security capabilities of passwords. A factor is a typical form of authentication that requires users to justify their identity. There are several factors of information that can be used for authentication. First, data can be regarded as “something you know,” or the “knowledge factor,” if the user keeps it in memory and can present it at any point. Examples include passwords, personal identification numbers, and security questions. The second category is classified as “something you have,” or the “ownership factor,” which represents anything that can be carried physically. For instance, a bank can request a token to authorize a transfer, and most such tokens expire after a few seconds. Personal Identity Verification cards also fall under this category, and they are primarily used by federal agencies to distinguish personnel. Third, the “biometric factor” entails something that the user is, which could include behavior or biometrics (Ometov et al., 2018). For instance, security protocols in federal buildings perform fingerprint verification or facial recognition to identify visitors.
Question III
IT governance entails administering decision-making duties within an organization, along with implementing policies and procedures that support IT-related decisions. Decentralized IT systems give different business units autonomy in managing their IT resources. The advantage of this approach is that individual departments have more flexibility and control over various processes. In contrast, in centralized IT systems, information resources and all related decisions are left to a specific business unit that serves the entire firm. This form of management enables firms to exert efficient and economical control over the IT function. However, these systems can be relatively expensive in the long term, due to the high costs of hiring professionals, inflexibility, and added bureaucracy.
Implementing centralized systems requires AAA frameworks and Access Control Servers for authentication. Organizations can also apply three types of protocols, DIAMETER, RADIUS, and TACACS, to control client-server communication. TACACS is a Cisco-owned tool that controls information flow between Cisco servers and clients. RADIUS, on the other hand, can authorize communication between any type of AAA client and server. Therefore, if a company doesn’t procure its resources from Cisco, it has to use RADIUS protocols. Finally, DIAMETER is an upgrade of the RADIUS protocol that typically provides an upgrade path. Both tools use the AAA framework, but the difference is that RADIUS is purely a client-server protocol, while DIAMETER is more of a peer-to-peer system.
References
Mudarri, T., Al-Rabeei, S. A., & Abdo, S. A.-R. (2015). Security fundamentals: Access control models. International Journal of Interdisciplinary in Theory and Practice, 259-262.
Ometov, A., Bezzateev, S., Mäkitalo, N., & Andreev, S. (2018). Multi-Factor Authentication: A Survey. Cryptography, 2(1), 1-31.