Chapter 10: Access Control Systems and Methodology Flashcards

1
Q

Accountability

A

Proving that a particular person committed a specific action at a particular time

2
Q

Identification

A

A name, a handle, an SSN, a student ID number, etc.

3
Q

Authentication

A

Additional information given to verify an identification; a password, for example, is simple authentication. A work badge or other ID gained by showing other documents counts as well.

4
Q

Least Privilege/ Need to Know

A

Confining information or access to the smallest amount needed, for the smallest number of people possible.

5
Q

Information Owner

A

The person who decides who gets access to the information inside the system they own. They “own” the information contained in the system, whereas a custodian manages the equipment that the information runs or is stored on.

6
Q

Discretionary Access Control (DAC)

A

Access mediated by an information owner or by management. Most access control on well-known systems (such as Windows) relies on DAC.

7
Q

Access Control Lists (ACL)

A

Lists of users and their associated privileges and permissions.

8
Q

Mandatory Access Control (MAC)

A

System-granted access mediated via:

Subjects: People or other systems that are granted access to objects

Objects: Elements within the system that are being protected, usually data or information

Labels: Designators applied to objects and subjects that allow subjects to be “matched up” with the objects they may access

9
Q

Role-Based Access Control

A

Access granted by individuals filling a predefined role and receiving the privileges that go with it.

10
Q

Problems with passwords

A

Passwords can be insecure

Passwords are easily broken

Passwords are inconvenient

Passwords are repudiable

11
Q

Two Factor Authentication

A

SYH/SYK (Something you have, something you know)

Example: a physical debit card or card number, and a PIN

A password token (like verification codes, for example) would count as two-factor as well.

12
Q

Three factor authentication

A

SYH/SYK/SYA (Something you have, know, and are)

An example would be a person who swipes a badge, enters a PIN, and scans a fingerprint.

13
Q

Biometrics

A

Includes fingerprints, signature dynamics, iris scanning, retina scanning, voice prints, and facial recognition.

14
Q

Single Sign On

A

Setting up multiple systems to refer to one username and password, instead of having to use a new one for each database or service.

15
Q

Kerberos

A

Single sign-on authentication for client/server applications. Allows authentication across an insecure data channel such as the Internet. After a subject proves its identity, Kerberos assigns it a unique ticket at sign-on and then embeds that ticket in all subsequent communications so that the sender can be verified.

16
Q

Federation

A

When services or sites allow users to log on with another site's password. Using your Facebook password to log in to Etsy, for example.

17
Q

Remote Access Dial In User Service (RADIUS)

A

A client/server protocol that enables remote users to work with company sites, databases, or other resources. Puts user profiles into a central database that all the services can check against. Might use a name and password, a token, or a smart card to authenticate a user.

18
Q

VPN

A

Another way to authenticate users and to guard traffic coming from the outside into company resources.