Access Control Policy Research Paper

633 Words2 Pages
bulb-icon

Recommended: Biometric security technology

1. Access Control Policy
Due in Week Seven: Outline the Access Control Policy. Describe how access control methodologies work to secure information systems
1.1. Authentication
Describe how and why authentication credentials are used to identify and control access to files, screens, and systems. Include a discussion of the principles of authentication such as passwords, multifactor authentication, biometrics, and single-sign-on.
Authentication credentials are vital to the security of information within an organization. The first thing that needs to be done is to authenicate the computers that need access. You can achieve this by having security questions or by IP address. There are different ways but the most effienct is the use of a physical …show more content…

However, Biometrics like retina and fingerprint scanning are used also. A PIN authentication is given to the user by the organization for the user to remember, this will be his or her constant login information each time he or she needs to access a certain data. In other companies, photos badges can also be used for authentication.
The next form of authentication is the two-factor authentication, meaning two forms of identification is required to access information. For example, a Pin number and strong password would be required. Having two or more credentials gives added security to the company to allow access to information.
Finally, the three-factor authentication deals with biometrics. This is the use of retinal scanning, voice prints, fingerprints, etc. This is one of the most effiecent authentication processes because the major credential is impossible to steal or imitate. This is because is uses the most unique person of a person. Among all the acess controls, fingerprint scanning is commonly used because fingerprints are unique to one individual noone shares the same finger print.

1.2. Access control strategy
1.2.1. Discretionary access …show more content…

MAC is a type of control that decides who will be granted access to the information based on labels, obejects, and subject. This control takes a hierarchial role when controling access to information. This method is widely used by the U. S. military.

Role-based access control
Describe how and why role-based access control will be used. Role-base access controls allows a group of users to access and share the same information as long as it helps the user perform his or her daily duities. Role-base access can also assigns roles in the organization and assign users to that role.
1.3. Remote access
Describe the policies for remote user access and authentication via dial-in user services and Virtual Private Networks (VPN) When you are away from the office and need to get work done from home or aboard with granted access you can use the VPN or dial-up to access the infromation needed. If an encryption card is implemented, remote access will be set through SSL. The policies especially on password set-up should also be applied in the remote websites of the company so that all users would abide by the same regulation (Merkow &

Show More
Related

  • Hrm 531 Week 2 The Security Audit Checklist

    685 Words  | 2 Pages

    Do we have a well-defined and documented policy for electronic authentication, authorisation and access control relating to our information systems, applications and data?

    Read More

  • Nt1330 Unit 3 Data Control System

    1146 Words  | 3 Pages

    This prevents unauthorized access, modification, or disclosure of system data. The chance of fraud, or embellishment is reduced by limiting access to non-conflicting job duties, e.g. individuals who set up approved vendors cannot initiate purchasing transactions, and individuals who have access to claims processing should not be able to set up or amend a policy

    Read More

  • Biometric Essay

    1183 Words  | 3 Pages

    ...nation without an idea way, it will lead the key to be the leader of the whole certification process, then the security system will be based on the key. Once the key is missing, the system will be collapsed. Based on the above analysis, while biometrics characteristics as an approximate random signal, people can consider to extract one key directly from such signals, instead of using the external inputs. In this way, we call it a key generation mechanism (key generation scheme).

    Read More

  • Homeland Security: The Mission Of Homeland Security

    1035 Words  | 3 Pages

    Security helps the organization meet its business objectives or mission by protecting its physical and financial resources, reputation, legal position, employees, and other tangible and intangible assets through the selection and application of appropriate safeguards. Businesses should establish roles and responsibilities of all personnel and staff members. However, a Chief Information Officer should be appointed to direct an organization’s day to day management of information assets. Supporting roles are performed by the service providers and include systems operations, whose personnel design and operate the computer systems. Each team member must be held accountable in ensuring all of the rules and policies are being followed, as well as, understanding their roles, responsibilities and functions. Organizations information processing systems are vulnerable to many threats that can inflict various types of damage that can result in significant losses (Harris, 2014). Losses can come from actions from trusted employees that defraud the system, outside hackers, or from careless data entry. The major threat to information protection is error and omissions that data entry personnel, users, system operators and programmers make. To better protect business information resources, organizations should conduct a risk analysis to see what

    Read More

  • Annotated Bibliography Essay

    1690 Words  | 4 Pages

    This article examines the use of multiple authentication methods to increase the security of a system. Moreover, with the use of biometric methods, the author seeks to show that authentication can occur continually during the time the resources are being utilized.

    Read More

  • Shopcrew Privacy Policy

    1995 Words  | 4 Pages

    1. DATA WE COLLECT Information provided by you: • Usernames, passwords

    Read More

  • VPN or Virtual Private Network

    1159 Words  | 3 Pages

    Virtual Private Network presents some advantages over the traditional network technologies. VPN offers direct cost savings over leased lines or long-distance calls for remote access, savings resulting from reduced training requirements and equipment, increased flexibility, scalability, and security. The main advantage of VPN is the cost savings of Internet VPN when compared to networks built using conventional leased lines. Leased lines include tariffs that have an installation fee, a fixed monthly cost, and a mileage charge. The cost to an organization of traditional leased lines may be reasonable at first but can increase exponentially as the organization grows. As an organization grows and more companies must be added to the network, the number of leased lines required increases dramatically. VPN that utilizes the Internet avoids this problem by simply tapping into the geographically distributed access already available. Another way VPN reduces costs is by reducing the need for long-distance telephone charges for remote access. Instead of having the offsite team of a company dial into the corporate modem bank via long distance lines, the company’s VPN allows them to simply place local calls to the ISP’s POP in order to connect to the corporate network.

    Read More

  • HIPAA, CIA, and Safeguards

    1633 Words  | 4 Pages

    Whitman, M., & Mattord, H. (2010). Management of information security. (3rd ed., p. 6). Boston, MA: Cengage Learning.

    Read More

  • Primary Responsibilities of a Private Security Manager

    1019 Words  | 3 Pages

    Principle of Security Management by Brian R. Johnson, Published by Prentice-Hall copyright 2005 by Pearson Education, Inc.

    Read More

  • Information Security: The John McCumber Model

    1132 Words  | 3 Pages

    ...thorized permission to access any authorized computer in the library or computer centre to access necessary subject information. The technology is updated to latest to maintain any interruption of accessing data.

    Read More

  • Network Policy Server and Remote Access

    1136 Words  | 3 Pages

    For the most part we have addresses the needs of our sales force on a case by case basis but going forward we really need to ensure we have a defined policy to streamline remote access. To accomplish this there are a few benchmarks we need to achieve. First of all the network has to be reliable or in more technical terms it needs to have high availability. Most importantly we need to make sure that the network is secure as much as it is possible with all the different types of users asking for access. Lastly, we need to address how we handle employees using personal or non-company issued computers and how we ensure that those machines meet of other remote access policies.

    Read More

  • Unix Security

    1356 Words  | 3 Pages

    Virtually all UNIX-based or UNIX-like systems require specific log on procedures. Depending upon an individuals access permissions, one is generally assigned an account or group with which to access terminals or workstations. User accounts, as these are typically described, can generally be assigned different access credentials depending on that individual's requirements. For the most part, user accounts have a limit to which a...

    Read More

  • Biometric Technology

    1204 Words  | 3 Pages

    “The term -information security- means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction” (United States Code, 2008). In order to ensure the identity of who is trying to access the information, the concept of “Biometric Technology” has been developed in the last years. This essay will start explaining this concept and the characteristics of its development through the time. Then, the essay will offer a brief explanation of biometric systems operation and a description of different biometric systems developed until now. Finally, this research analyzes the current and future applications and the issues that surround it.

    Read More

  • Information Security

    2693 Words  | 6 Pages

    The first thing that we must consider about Information Security is that there is not a final destination at which we can arrive. IT Security is an ongoing set of processes and activities that requires attention and expertise on a daily basis. It is important to understand that systems are not secured by themselves and it is our responsibility to maintain and improve them periodically as required. It is of vital importance to establish the appropriate mechanisms and requirements in order to support the company’s CIA triad. The following report will provide you guidance about auditing and hardening techniques applied though the 7 Domains by utilizing IT Security Best Practices.

    Read More

  • The Paperless(?) Office

    526 Words  | 2 Pages

    the employees and vice versa. This is a way to make sure everyone will access

    Read More

More about Access Control Policy Research Paper

Open Document