Loading...

Messages

Proposals

Stuck in your homework and missing deadline? Get urgent help in $10/Page with 24 hours deadline

Get Urgent Writing Help In Your Essays, Assignments, Homeworks, Dissertation, Thesis Or Coursework & Achieve A+ Grades.

Privacy Guaranteed - 100% Plagiarism Free Writing - Free Turnitin Report - Professional And Experienced Writers - 24/7 Online Support

Access control advantages and disadvantages

26/11/2021 Client: muhammad11 Deadline: 2 Day

Discuss Both Advantages And Disadvantages Of Remote Authentication Protocols.

Access Control, Authentication, and Public Key Infrastructure

Lesson 12

Access Control Solutions for Remote Workers

© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company

www.jblearning.com

All rights reserved.

Page ‹#›

Access Control, Authentication, and PKI

© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company

www.jblearning.com

All rights reserved.

1

Learning Objective

Implement a secure remote access solution.

Page ‹#›

Access Control, Authentication, and PKI

© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company

www.jblearning.com

All rights reserved.

2

Key Concepts

Remote access solutions

Remote access protocols with their respective applications

Virtual private networks (VPNs), Secure Sockets Layer (SSL), and Citrix

Secure Web authentication examples

Page ‹#›

Access Control, Authentication, and PKI

© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company

www.jblearning.com

All rights reserved.

3

Remote Access Methods

Page ‹#›

Access Control, Authentication, and PKI

© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company

www.jblearning.com

All rights reserved.

RADIUS

RAS

TACACS+

VPN

Identification, Authentication, and Authorization (IAA)

Page ‹#›

Access Control, Authentication, and PKI

© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company

www.jblearning.com

All rights reserved.

USB Tokens:

Password required(second authentication factor) to gain access to the computer system

Hard to duplicate and tamper resistant

Ability to store digital certificates that can be used in a public key infrastructure (PKI) environment

Key Questions to Discuss:

Does second authentication factor assure complete security?

Even though USB devices are hard to duplicate and tamper resistant, what factors still allow sensitive information stored in USBs vulnerable?

Can you come up with more weaknesses or strengths of USBs???

Smart Cards—Advantages

Contains a microprocessor–enables storage and processing of data and use of more robust authentication schemes:

Valid recognition of smart card (first authentication factor)

Requirement of password (second authentication factor)

Smart Cards—Disadvantage Requires installation of a hardware reader and associated software drivers on the consumer’s home computer

Why is it a disadvantage? Let’s discuss!!!!

Password Generating Tokens

Unique pass-code, also known as a one-time password (OTP)—ensures that the same OTP is not used consecutively

User name and regular password (first authentication factor)

OTP generated by the token (second authentication factor)

What makes password generating tokens so secure ???

Password-generating tokens are secure because of the time-sensitive, synchronized nature of the authentication. The randomness, unpredictability, and uniqueness of the OTPs substantially increase the difficulty of a cyber thief capturing and using OTPs gained from keyboard logging.

Biometric Techniques and Identifiers

Fingerprint Recognition

Face Recognition

Voice Recognition

Keystroke Recognition

Handwriting Recognition

Finger and Hand Geometry

Retinal Scan

Iris Scan

Key Questions to Discuss for Biometrics

How can biometrics help financial institutions in replacing the use of Automated Teller Machine (ATM) cards?

Currently, some financial institutions, domestic and foreign, that use fingerprint recognition and other biometric technologies to authenticate ATM users, are eliminating the need for an ATM card and the expense of replacing lost or stolen cards.

Once enrolled, customers interact with the live-scan process of the biometrics technology. The live scan is used to identify and authenticate the customer.

Web Browsers

Today, Web browsers such as Internet Explorer, Mozilla Firefox, and Apple Safari (to name a few), are installed on almost all computers. Because Web browsers are used so frequently, it is vital to configure them securely.

Often, the Web browser that comes with an operating system is not set up in a secure default configuration.

Not securing your Web browser can lead quickly to a variety of computer problems caused by anything from spyware being installed without your knowledge to intruders taking control of your computer.

Vulnerabilities

Ideally, computer users should evaluate the risks from the software they use. Many computers are sold with software already loaded. Unfortunately, it is not practical for most people to perform this level of analysis.

There is an increasing threat from software attacks that take advantage of vulnerable Web browsers.

We have observed a trend whereby new software vulnerabilities are exploited and directed at Web browsers through use of compromised or malicious Web sites.

This problem is made worse by a number of factors, including the following:

Many users have a tendency to click on links without considering the risks of their actions.

Web page addresses can be disguised or take you to an unexpected site.

Many Web browsers are configured to provide increased functionality at the cost of decreased security.

http://www.cert.org/tech_tips/securing_browser

Key Questions to Discuss

Are Web browsers secure?

What are the vulnerabilities of Web browsers?

Why do we need to secure the Web browsers?

How can Web browsers be made secure?

Reducing Risks in Web Browsers Force authentication(strong authentication preferred)

Configure browser for safe operation

Use remote access server (RAS) to validate access

Use secure protocols

Use host and network firewalls

Use antivirus (update it frequently)

Guard against malware

8/20/2018

5

Identification

The process of uniquely distinguishing an individual

Authentication

The process of verifying that users are who they say they are

Authorization

Determining which actions are allowed or not allowed by a user or system

Access Protocols to Minimize Risk

Authentication, Authorization, and Accounting (AAA)

Remote Authentication Dial In User Service (RADIUS)

Remote Access Server (RAS)

Terminal Access Controller Access Control System Plus (TACACS+), XTACACS, and TACACS+

Page ‹#›

Access Control, Authentication, and PKI

© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company

www.jblearning.com

All rights reserved.

Authentication, Authorization, and Accounting (AAA)

Network services that provide security through:

A framework of access controls and policies

Enforcement of policies

Information needed for billing purposes

Framework that multiple protocols are based on

Example: RADIUS protocol uses the AAA framework to provide the three AAA components, but supports authentication and authorization separately from accounting

Page ‹#›

Access Control, Authentication, and PKI

© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company

www.jblearning.com

All rights reserved.

Remote Authentication Dial In User Service (RADIUS)

A client/server protocol that provides authentication and authorization for remote users

Also provides accounting capabilities

A network protocol providing communication between a network access server (NAS) and an authentication server

Page ‹#›

Access Control, Authentication, and PKI

© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company

www.jblearning.com

All rights reserved.

RADIUS Infrastructure

Page ‹#›

Access Control, Authentication, and PKI

© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company

www.jblearning.com

All rights reserved.

Remote Access Server (RAS)

Provides authentication for remote access in an Internet and dial-up scenario

Process:

User connects to the RAS

Credentials are compared against database

If credentials match, authentication has occurred, and user is granted access to the network

Page ‹#›

Access Control, Authentication, and PKI

© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company

www.jblearning.com

All rights reserved.

TACACS+

A Cisco-proprietary protocol developed to provide access control for routers, network access servers, and other network devices via one or more centralized servers

Utilizes TCP, ensuring message delivery

Is an extension of TACACS but differs by:

Separating authentication, authorization, and accounting architecture

Encrypts the communication

Page ‹#›

Access Control, Authentication, and PKI

© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company

www.jblearning.com

All rights reserved.

RADIUS vs. TACACS+

Attributes RADIUS TACACS+
Transport Protocol User Datagram Protocol (UDP) Transmission Control Protocol/Internet Protocol (TCP/IP)
Encryption Encrypts only password Encrypts the entire body of the packet
Authentication, authorization, and accounting (AAA) Not considered a pure AAA architecture Pure AAA
Page ‹#›

Access Control, Authentication, and PKI

© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company

www.jblearning.com

All rights reserved.

Remote Authentication Protocols

Point-to-Point Protocol (PPP)

Challenge Handshake Authentication Protocol (CHAP)

Extensible Authentication Protocol (EAP)

Page ‹#›

Access Control, Authentication, and PKI

© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company

www.jblearning.com

All rights reserved.

EAP over RADIUS

Page ‹#›

Access Control, Authentication, and PKI

© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company

www.jblearning.com

All rights reserved.

Virtual Private Networks (VPNs)

A secure connection over an unsecure network—the Internet

Security over VPN is provided through encryption

Tunneling protocols

Point-to-Point Tunneling Protocol (PPTP)

Layer 2 Tunneling Protocol (L2TP)

Internet Protocol Security (IPSec)

Page ‹#›

Access Control, Authentication, and PKI

© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company

www.jblearning.com

All rights reserved.

Web Authentication

Ensuring users are who they say they are through a Web application

User ID and password is the basic form of authentication

Other forms of authentication:

One-time password authentication

Digital certificates

Knowledge-based authentication (KBA)

Page ‹#›

Access Control, Authentication, and PKI

© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company

www.jblearning.com

All rights reserved.

Best Practices for Remote Access Controls to Support Remote Workers

Determine the security risk associated with remote access

Select a remote access option that addresses security needs

Determine the appropriate level of authentication based on the security risk

Ensure the systems that are accessing the network meet the security policies of the organization

Ensure protection of the systems that remote workers access

Page ‹#›

Access Control, Authentication, and PKI

© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company

www.jblearning.com

All rights reserved.

Summary

Remote access methods

Remote access management

RADIUS versus TACACS+

Remote access implementation requirements

Security concerns in remote access

Page ‹#›

Access Control, Authentication, and PKI

© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company

www.jblearning.com

Homework is Completed By:

Writer Writer Name Amount Client Comments & Rating
Instant Homework Helper

ONLINE

Instant Homework Helper

$36

She helped me in last minute in a very reasonable price. She is a lifesaver, I got A+ grade in my homework, I will surely hire her again for my next assignments, Thumbs Up!

Order & Get This Solution Within 3 Hours in $25/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 3 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

Order & Get This Solution Within 6 Hours in $20/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 6 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

Order & Get This Solution Within 12 Hours in $15/Page

Custom Original Solution And Get A+ Grades

  • 100% Plagiarism Free
  • Proper APA/MLA/Harvard Referencing
  • Delivery in 12 Hours After Placing Order
  • Free Turnitin Report
  • Unlimited Revisions
  • Privacy Guaranteed

6 writers have sent their proposals to do this homework:

Engineering Mentor
Unique Academic Solutions
Top Quality Assignments
Online Assignment Help
Instant Assignment Writer
Innovative Writer
Writer Writer Name Offer Chat
Engineering Mentor

ONLINE

Engineering Mentor

As an experienced writer, I have extensive experience in business writing, report writing, business profile writing, writing business reports and business plans for my clients.

$39 Chat With Writer
Unique Academic Solutions

ONLINE

Unique Academic Solutions

I can assist you in plagiarism free writing as I have already done several related projects of writing. I have a master qualification with 5 years’ experience in; Essay Writing, Case Study Writing, Report Writing.

$42 Chat With Writer
Top Quality Assignments

ONLINE

Top Quality Assignments

I have assisted scholars, business persons, startups, entrepreneurs, marketers, managers etc in their, pitches, presentations, market research, business plans etc.

$32 Chat With Writer
Online Assignment Help

ONLINE

Online Assignment Help

I am an elite class writer with more than 6 years of experience as an academic writer. I will provide you the 100 percent original and plagiarism-free content.

$49 Chat With Writer
Instant Assignment Writer

ONLINE

Instant Assignment Writer

I will provide you with the well organized and well research papers from different primary and secondary sources will write the content that will support your points.

$26 Chat With Writer
Innovative Writer

ONLINE

Innovative Writer

As per my knowledge I can assist you in writing a perfect Planning, Marketing Research, Business Pitches, Business Proposals, Business Feasibility Reports and Content within your given deadline and budget.

$39 Chat With Writer

Let our expert academic writers to help you in achieving a+ grades in your homework, assignment, quiz or exam.

Similar Homework Questions

Which artifact depicts the unification of upper and lower egypt - Enduring power of attorney short form - Aswan high dam location - Ipad trial presentation software - ECO 100 DISCUSSION FEDERAL RESERVE BANK - European train driving licence requirements - Catholic religious orders abbreviations - Form 842 offshore humanitarian visa - Atkinson theory of motivation ppt - Knight company reports the following costs and expenses in may - Discussion forum on chapter readings - The norton introduction to literature portable 11th edition pdf - Geometry area apothem worksheet key - Sixth century courses aberdeen - Bbo intermediate ballet syllabus - Hima aus education consultancy pokhara - Bsbmgt502 task 1 answers - "A" WORK PLAGIARISM FREE - Admin sadeempc com - Of mice and men past questions - Job safety analysis template - 200 kva transformer load capacity - Refutation in letter from birmingham jail - Discussion paper with 2 responses - Nates pizza menu travelers rest - Ohm's law lab report sample - Diamond foods annual report - Vcaa 2011 biology exam 2 answers - Blue haven spa manual - Application of complex numbers in electronics - Business Policy and Strategy III Questions & Answers - Fiction book report example - Kfsensor honeypot free download - CC W 1 D - Hearthstone puzzle lab solutions lil stormy - Rcd meaning penn foster - Discussion 7 - Buffalo wild wings strengths and weaknesses - Ncm 100 fundamentals nursing - Graded assignment - Frankenstein critical essay - incubation period microbiology - T.s eliot module b questions - A life cycle of a wolf - Well child visit template - Hp scanjet pro 4500 fn1 network scanner software download - Essay 3 - 3-methylcrotonylglycinuria in adults symptoms - Discussion needed by friday @ 6pm - Chaparral rainfall graph - Problem solution persuasive speech outline - Implementation of the iom future of nursing report - G http www adobe com go reader_download - Nokia strengths and weaknesses 2012 - Peter pan and wendy play script pdf - Csi wildlife worksheet answer key - Amy ( 12 pages due by 24th OCT) - Floridasnursing - Information Governance Research paper 2 - Nature of mathematics 13th edition smith pdf - Bibliography of teenage early pregnancy - Bolman and deal reframing organizations 5th edition - Project control should always focus on the critical path - Life cycle of a wolf - Cell phones being allowed in school - General capitulary for the missi summary - Glencoe accounting first year course answers - What is an annotated outline - Macbeth act 4 scene 3 summary - 1776 david mccullough study guide - 735 Wk 1 DQ 1 - Accounting rules - Drive-reduction motivation arises from: - Empty nest syndrome scholarly articles - Final Research Paper - Words with crat in them - Executive decision making at general motors case analysis - The computer workstation furniture manufacturing that santana rey - Palo alto networks reporting - Trainor alston lawyers coatbridge - A worthy woman from beside bath city - Cyclic code generator polynomial example - Information technology in Global Economy - Cromwell direct property fund - Obtain the thevenin equivalent at terminals ab - Meritor savings bank v vinson quizlet - How much money do criminal profilers make - Nec portable generator requirements - Rmit interview questions - Sc1040 week 3 assignment - Chemistry data booklet ib - Explain how ahima's data quality management model works - Modigliani and miller - IA week10 DB - The three major sociological theories - Ethics In Literature Discussion Board - Defense justification of usp - Apply tort and criminal law irac case brief - Exxonmobil business strategy - Mitosis and meiosis lab 5 answers