8
Chapter 1: Fundamental Security Concepts
CertPrs8/Sun Certified Security Administrator for Solaris 9 & 10 Study Guide/Chirillo and Danielyan/225423-8/Chapter 1
What You Are
What you are authentication refers to biometric authentication methods. A biometric
is a physiological or behavioral characteristic of a human being that can distinguish
one person from another and that theoretically can be used for identification or
verification of identity. Biometric authentication methods include fingerprint,
iris, and retina recognition, as well as voice and signature recognition, to name
a few. Biometric authentication methods are less well understood than the other
two methods but when used correctly, in addition to what you have or what you
know authentication, may significantly contribute to strength of authentication.
Nevertheless, biometrics is a complex subject and is much more cumbersome to
deploy than what you know or what you have authentication. Unlike what you know
or what you have authentication methods, whether or not you know the password
or have the token, biometric authentication systems say how much you are like
the subject you are claiming to be; naturally this method requires much more
installation-dependent tuning and configuration.
Authorization
After declaring identity at the identification stage and proving it at the authentication
stage, users are assigned a set of authorizations (also referred to as rights, privileges, or
permissions) that define what they can do on the system. These authorizations are
most commonly defined by the system’s security
policy and are set by the security or system
administrator. These privileges may range from
the extremes of “permit nothing” to “permit
everything” and include anything in between.
As you can see, the second and third stages
of the identify-authenticate-authorize process
depend on the first stage, and the final goal of
the whole process is to enforce access control
and accountability, which is described next.
User account management and access control
in Solaris 10 are described in more detail in
Chapters 9 and 10.
Accountability
Accountability is another important principle of information security that refers to
the possibility of tracing actions and events back in time to the users, systems, or
processes that performed them, to establish responsibility for actions or omissions.
Authorization is the
process of ensuring that a user has
sufficient rights to perform the requested
operation and preventing those without
sufficient rights from doing the same. At
the same time, authorization is also the
process which gives rights depending on
the identity of the user—be it a human or
another system.
ch01.indd 8 4/20/05 12:50:03 PM
剩余31页未读,继续阅读
唐炎
- 粉丝: 0
- 资源: 1
我的内容管理
展开
最新资源
- zlib-1.2.12压缩包解析与技术要点
- 微信小程序滑动选项卡源码模版发布
- Unity虚拟人物唇同步插件Oculus Lipsync介绍
- Nginx 1.18.0版本WinSW自动安装与管理指南
- Java Swing和JDBC实现的ATM系统源码解析
- 掌握Spark Streaming与Maven集成的分布式大数据处理
- 深入学习推荐系统:教程、案例与项目实践
- Web开发者必备的取色工具软件介绍
- C语言实现李春葆数据结构实验程序
- 超市管理系统开发:asp+SQL Server 2005实战
- Redis伪集群搭建教程与实践
- 掌握网络活动细节:Wireshark v3.6.3网络嗅探工具详解
- 全面掌握美赛:建模、分析与编程实现教程
- Java图书馆系统完整项目源码及SQL文件解析
- PCtoLCD2002软件:高效图片和字符取模转换
- Java开发的体育赛事在线购票系统源码分析
资源上传下载、课程学习等过程中有任何疑问或建议,欢迎提出宝贵意见哦~我们会及时处理!
点击此处反馈
