Authentication and Access Control

Authentication in this days is not only having a password, today in a distributed client server a user might have several client programs running on her desktop which access server programs uses remote computers across a network and in such environment, the server must authenticate the client run on behalf of a legitimate user.

Modern computer systems provide services to multiple users and require the ability to accurately identify the user making a request. From services like banks or assurance, is not enough to verify a given password because in a network, its a package that can be intercepted and subsequently used to impersonate a user. Nowadays, servers save the behaviour of the users and can detect an abnormal state in the way a person interacts with the system and can activate a flag that it may be an attacker.

Also now the cryptography is an essential tool in the network communication because it can be a intercepted package, but if you dont have the acces key or the security key, you won't be able to read or interprate the package.


Comments

Post a Comment

Popular posts from this blog

Ethical hacking

Image
The ACM in 1992 adopted the ACM Code of Ethics and Professional Conduct, it consist of 24 statements of personal responsibility. Some of them are: Contribute to society and human well being, Avoid harm to others, Be honest and trustworthy, Respect privacy to others, Honor confidentiality, etc. Some of them involve more professional topics like: Strive to achieve highest quality, Acquire and maintain professional competence, Know and respect existing laws, Honor contracts, agreements and assigned responsibilities, etc. To the full article you can check this website  https://www.acm.org/about-acm/acm-code-of-ethics-and-professional-conduct#sect1 . Here are some existing and really serious example of some of the statutes written in the code of ethics that this author believes is important for the reader: 1) don't spy the work of others 2) Respect the plants   3) Don't harm other ppl 4) Don't enter the girls bathroom 5) Be careful with the water, you ca
Read more

Cryptography

Image
Criptography is a method of storing and transmitting data in a particular form so that only those intended are able to read and process information. It includes techniques such as microdots, merging words with images and many more ways for handling information. Modern cryptography concerns itself with the following four objectives Confidentiality Integrity Non-repudiation Authenticationç In order to use it correctly there are procedures and protocoles that need to be meted, they refer to mathematical procedures and many different computer programs, but you must not forget that it need to include the regulation of a human behaviours in order to be complete random or non-pattern forms.
Read more

Integrity, Availability and Confidentiality

Image
Three goals: Integrity, Availability and Confidentiality I see this words as the key for a product involving IT in the 21st century, let's take a look to the definitions.  Integrity: the quality of being honest and having strong moral principles that you refuse to change. Availability: suitable or ready for use; of use or service. Confidentiality: the state of keeping or being kept secret or private.  To ensure the security of the customers, a product or service must be certain that this 3 goals are accomplished. Every time you download an app or suscribe to a webpage, you are giving your personal data, every second you spent logged into Google or Facebook you are giving your personal data to them, every word you type on Instagram or Gmail that word is saved in some server and accesible by a person. Now that you know this, this three words now look important, you want to be confident that this companies and the people they hire have integrity, you want to be confident th
Read more