Identity and Access Management – Who You Are & Where You Need to Be

5 years ago Bob Covello

Remember your first day on the job? You might groan just thinking about it, or maybe you are filled with the optimistic nostalgia of all the great things you set out to accomplish.  It’s all a matter of your current perspective.  One of the greatest apprehensions about that first day is meeting all of your new colleagues.  Someone probably gave you a tour of the office, introducing you to all the new faces, as you wondered how you will remember all the names.  It is like the first day of school, without the hormonal awkwardness.  That’s the human side of office life.

The technical introductions are always a bit more challenging.  What computer will you have?  Will you have both a desktop and a laptop? Perhaps an all-purpose tablet that you must care for like a new pet, remembering not to leave it unattended or forget it on a mass-transit system.  Then, there is the login process.

Are you Authentic?

Usually, a new system will display the login screen, showing a name other than your own.  While it may seem trivial to log in as “Other user”, with all the new information coming at you on the first day, this could be just enough to throw off your otherwise confident flow.  Then comes the dreaded “create a new password” moment.

For the non-technical folks, the login process can be one of the most stressful moments of the day, even if it is not the first day on the job.  Why is that?  One reason is that it is the equivalent of the company receptionist asking for your identification card every day that you arrive in the office.  A bit frustrating after about the third day.

However, the machines don’t know who you are from one moment to the next.  They need constant validation that you are who you purport to be.  Sort of like a clumsy dance partner.  Since the machine has no way of recognizing you, it needs your identity, in the form of your username, passphrase, and maybe even the added security of multi-factor authentication.  While mobile phones boast the use of facial recognition as an authentication mechanism, this has been shown not only to be weak in some cases, but also to suffer from various biases.

These days, being authentic has a wonderfully warm connotation in social contexts, meaning that you are genuine, with the hopes that you are also empathetic and a nice person.  In computer parlance, authentication is similar, just verifying that you are the real you, and not an imposter.  That is all part of the authentication process.  It’s all just a part of verifying who you are.

Where Are You, Exactly?

Once you successfully satisfy the authentication process, the next step is the authorization process.  Authentication and authorization are two entirely different things.  Authorization is what enables you to access the things that you need to accomplish your job.  Identification is the ticket into the concert arena, whereas authorization is whether you are in the audience, or if you have a back-stage pass.

Authorization can be controlled on a broad level, such as allowing access from a particular network segment, or a set of IP addresses.  This is what is known as Rule-Based Access Control (RBAC).  An easy way to think about how RBAC works is that it is verifying where you are.  When you think about how you need to set up a travel alert to use your credit card in a geographical region other than where you live, you are dealing with rule-based controls.

What Are You?

Another form of RBAC is Role-Based Access Control.  (Since there are two types of RBAC, some people refer to RuBAC, and RoBAC to distinguish between Rule-Based, and Role-Based Access Control.)  When your access is based on your role, it is governed by your specific job function. 

If you are a member of the Finance Team, then you are granted access to the Finance information.  If you are a member of the Human Resources (HR) Team, then you may have a mix of visibility into all of the HR information, as well as some of the financial information, such as the payroll files.
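The two kinds of control described above can be combined in a single default-deny authorization decision. The following is an added example, not code from the original article; the network ranges, role names, and resource names are constructed assumptions chosen to mirror the Finance, HR, and payroll scenario.

```python
import ipaddress

# Constructed sample policy (assumption, not from the article): network
# segments allowed to reach internal resources at all (rule-based control).
ALLOWED_NETWORKS = [ipaddress.ip_network("10.20.0.0/16"),
                    ipaddress.ip_network("192.0.2.0/24")]

# Role-based control: each role maps to the resources its job function needs.
# HR sees HR data plus the payroll files; Finance sees all Finance data.
ROLE_GRANTS = {
    "finance": {"finance/ledger", "finance/payroll"},
    "hr": {"hr/personnel", "finance/payroll"},
}

def rule_allows(source_ip):
    """Rule-based check: is the request coming from an approved segment?"""
    try:
        addr = ipaddress.ip_address(source_ip)
    except ValueError:
        return False  # unparseable address: fail closed
    return any(addr in net for net in ALLOWED_NETWORKS)

def role_allows(roles, resource):
    """Role-based check: does any of the user's roles grant the resource?"""
    return any(resource in ROLE_GRANTS.get(role, set()) for role in roles)

def authorize(authenticated, roles, source_ip, resource):
    """Return (decision, reason). Default deny: every check must pass."""
    if not authenticated:
        return False, "not authenticated"
    if not rule_allows(source_ip):
        return False, "rule: source network not allowed"
    if not role_allows(roles, resource):
        return False, "role: no grant for resource"
    return True, "allowed"

if __name__ == "__main__":
    # Constructed requests: (authenticated, roles, source IP, resource)
    for req in [(True, ["hr"], "10.20.5.9", "finance/payroll"),
                (True, ["hr"], "10.20.5.9", "finance/ledger"),
                (True, ["finance"], "203.0.113.7", "finance/ledger")]:
        print(req, "->", authorize(*req))
```

Returning a reason alongside the decision makes denials auditable, which helps when a promotion or transfer changes someone's role and access has to be reviewed.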

Identity and Access Management (IAM) is a detail-oriented and specialized skill.  Each aspect of identification and authorization can be customized for specific needs.  Part of the responsibilities of the IAM administrators is to remain aware of any changes to a person’s employment status, as well as any promotions or transfers within the organization.

Rise of The Machines

A new realm of IAM now includes machine identities.  Networked machines communicate with each other all the time.  Without this inter-network communication, networks would not function with their current efficiency.  With the maturity of cloud computing, machine identities must now be protected with the same vigilance as human identities, or they can be compromised and used to steal information in much the same way as our personal identities.

Welcome Aboard!

Whether it is your first day on the job, or just any old morning, and you find yourself slogging through the login process, just remember that the process you are participating in is part of a finely choreographed dance, serving to make everything flow smoothly.  The process is not there to be your enemy, rather, it is your partner.  Dance with the process, and make it a productive day.

Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.

The post “Identity and Access Management – Who You Are & Where You Need to Be” appeared first on TripWire.

Source: TripWire – Bob Covello
