Answered step by step
Verified Expert Solution
Link Copied!

Question

1 Approved Answer

Authentication and authorization technologies can prevent identity theft, phishing, and pharming scams. Authentication is a method for confirming users identities. Once a system determines the

Authentication and authorization technologies can prevent identity theft,
phishing, and pharming scams. Authentication is a method for confirming
users identities. Once a system determines the authentication of a user, it
can then determine the access privileges (or authorization) for that user.
Authorization is the process of providing a user with permission, including
access levels and abilities such as file access, hours of access, and amount
of allocated storage space. Authentication and authorization techniques fall
into three categories; the most secure procedures combine all three:
1. Something the user knows, such as a user ID and password. The first
type of authentication, using something the user knows, is the most
common way to identify individual users and typically consists of a
unique user ID and password. However, this is actually one of the most
ineffective ways for determining authentication because passwords are
not secure. All it typically takes to crack one is enough time. More than
50 percent of help-desk calls are password related, which can cost an
page 167
organization significant money, and a social engineer can coax a
password from almost anybody.
2. Something the user has, such as a smart card or token. The second
type of authentication, using something the user has, offers a much more
effective way to identify individuals than a user ID and password.
Tokens and smart cards are two of the primary forms of this type of
authentication. Tokens are small electronic devices that change user
passwords automatically. The user enters his or her user ID and tokendisplayed password to gain access to the network. A smart card is a
device about the size of a credit card containing embedded technologies
that can store information and small amounts of software to perform
some limited processing. Smart cards can act as identification
instruments, a form of digital cash, or a data storage device with the
ability to store an entire medical record.
3. Something that is part of the user, such as a fingerprint or voice
signature. The third kind of authentication, something that is part of the
user, is by far the best and most effective way to manage authentication.
Biometrics (narrowly defined) is the identification of a user based on a
physical characteristic, such as a fingerprint, iris, face, voice, or
handwriting. A voiceprint is a set of measurable characteristics of a
human voice that uniquely identifies an individual. These characteristics,
which are based on the physical configuration of a speakers mouth and
throat, can be expressed as a mathematical formula. Unfortunately,
biometric authentication such as voiceprints can be costly and intrusive.
Provide an example of each of the three primary information security areas
(6points)
(1) authentication and authorization
Use this to answer your questions

Step by Step Solution

There are 3 Steps involved in it

Step: 1

blur-text-image

Get Instant Access to Expert-Tailored Solutions

See step-by-step solutions with expert insights and AI powered tools for academic success

Step: 2

blur-text-image

Step: 3

blur-text-image

Ace Your Homework with AI

Get the answers you need in no time with our AI-driven, step-by-step assistance

Get Started

Recommended Textbook for

The Database Factory Active Database For Enterprise Computing

Authors: Schur, Stephen

1st Edition

0471558443, 9780471558446

More Books

Students also viewed these Databases questions