Week 1 - cyber security vocabulary Flashcards
CIA
Confidentiality
Integrity
Availability
Confidentiality
The property that information is only made available to authorised individuals, entities or processes.
Integrity
The property of safeguarding the accuracy and completeness of property against unauthorised access or modification.
Availability
the property of being accessible and useable on demand by authorised entities.
AAA
Authentication
Authorisation
Accounting
What is authentication?
The process of identifying entities. It links an identity to an entity.
What is Authorisation?
Giving or withholding access to systems resources
What is accounting?
Recording usage of systems
What is the fourth concept that was introduced to AAA?
Auditing - evaluating a systems security.
The three – factors of authentication
Whenever you use a computer system, it is not enough for you to claim an identity, you must prove that identity using a further piece of information called a factor. When you log on to your computer you claim an identity with a user ID; you prove it using a factor such as a password or fingerprint.
The three AAAs are interlinked as?
Weaknesses in authentication or authorisation allow improper (either deliberate or accidental) access to a system. These weaknesses can be revealed through accounting processes.
Authentication, Authorisation, Accounting is also referred to as?
Access Control - regulating which entities can view, modify or use a system resource.
- The knowledge factor (something you know)
Something that can be recalled by memory
- The possession factor (something you have)
Physical objects such as smart keys or plug in USB security keys. A weakness is ensuring the safety of the object.
- Biometric factor (something you are)
A unique aspect of the user such as fingerprint or voice. It cannot be stolen or forgotten.