Question

1. Often, controlling threats and vulnerabilities to the confidentiality, integrity and availability of computer systems requires policies that specifies who can access what and how. List and explain the three fundamental security tools used to mitigate the threats and vulnerabilities?

Answer 1

For controlling threats and vulnerabilities to the CIA of computer systems, we can choose many tools but most fundamental of them are :-

1. Authentication

2. Encryption

3.Access Control

1. AUTHENTICATION-

Authentication tools are used to make sure that the person accessing the information is the one who they present themselves to be. We can identify someone through one or more of three factors to accomplish authentication: something they know, something they are, or something they have. But this form of authentication is easy to compromise and stronger forms of authentication are sometimes needed. Identifying someone only by something they have can also be problematic. When that identifying token is lost or stolen, the identity can be easily stolen. The final factor which is something you are, is much harder to compromise. This factor identifies a user through the use of a physical characteristic, such as an eye-scan or fingerprint.

2. ENCRYPTION-

When an organization needs to transmit information over the Internet or transfer it on external media such as a flash drive, then even with proper authentication and access control, it is possible for an unauthorized person to get access to the data. Encryption is a process of encoding data upon its transmission or storage so that only authorized individuals can read it. This encoding is accomplished by a computer program, which encodes the plain text that needs to be transmitted; then the recipient receives need the cipher text and decodes it i.e. decryption. In order for this to work, the sender and receiver need to agree on the method of encoding so that both parties can communicate properly. Both parties share the encryption key, enabling them to encode and decode each other’s messages. This is called symmetric key encryption. This type of encryption is problematic because the key is available in two different places.

3. ACCESS CONTROL:

Once a user has been authenticated, the next step is to ensure that they can only access the information resources that are appropriate. This is done through the use of access control. Access control determines which users are authorized to read, modify, add, and/or delete information. Several different access control models exist. Here we will discuss two: the access control list (ACL) and role-based access control (RBAC).

For each information resource that an organization wishes to manage, a list of users who have the ability to take specific actions can be created. This is an access control list, or ACL. For each user, specific capabilities are assigned, such as read, write, delete, or add. Only users with those capabilities are allowed to perform those functions. If a user is not on the list, they have no ability to even know that the information resource exists.

ACLs are simple to understand and maintain. However, they have several drawbacks. The primary drawback is that each information resource is managed separately, so if a security administrator wanted to add or remove a user to a large set of information resources, it would be quite difficult. And as the number of users and resources increase, ACLs become harder to maintain. This has led to an improved method of access control, called role-based access control, or RBAC. With RBAC, instead of giving specific users access rights to an information resource, users are assigned to roles and then those roles are assigned the access. This allows the administrators to manage users and roles separately, simplifying administration and, by extension, improving security.