Other security concepts Flashcards
AAA Services
The three A’s in this abbreviation refer to authentication, authorization, and accounting (or sometimes auditing). Although there are three letters in the acronym, it actually refers to five elements: identification, authentication, authorization, auditing, and accounting.
What is Identification?
Claiming to be an identity when attempting to access a secured area or system.
Identification is the process by which a subject professes an identity and accountability is initiated. A subject must provide an identity to a system to start the process of authentication, authorization, and accountability (AAA).
Providing an identity can involve typing in a username; swiping a smart card; waving a proximity device; speaking a phrase; or positioning your face, hand, or finger for a camera or scanning device. Providing a process ID number also represents the identification process.
What is Authentication?
Proving that you are that identity.
The process of verifying or testing that the claimed identity is valid is authentication. The most common form of authentication is using a password.
What is Authorisation?
Defining the permissions (i.e., allow/grant and/or deny) for resource and object access for a specific identity.
What is Auditing?
Recording a log of the events and activities related to the system and subjects.
Auditing, or monitoring, is the programmatic means by which a subject’s actions are tracked and recorded for the purpose of holding the subject accountable for their actions while authenticated on a system. It is also the process by which unauthorized or abnormal activities are detected on a system.
What is Accounting (aka accountability)?
Reviewing log files to check for compliance and violations in order to hold subjects accountable for their actions.
An organization’s security policy can be properly enforced only if accountability is maintained.
Effective accountability relies on the capability to prove a subject’s identity and track their activities.
Monitoring and auditing
Monitoring is a type of watching or oversight, while auditing is a recording of the information into a record or file. It is possible to monitor without auditing, but you can’t audit without some form of monitoring.