Access Control
Ethics Challenge
This material was developed with funding from the National Science Foundation
This work is licensed with a Creative Commons Attribution 4.0 International License
Introduction
Five Pillars of Information Security
Availability: The data is available to authorized users at authorized times
Confidentiality: Only authorized users can view the data
Authenticity: The data originates from the claimed user
Integrity: Only authorized users can make authorized changes
Nonrepudiation: The action cannot be denied
Biometric Authentication Systems
Hand Geometry Recognition
Facial Recognition
Voice Recognition
Iris Recognition
Keystroke Recognition
Retina Recognition
Gait Recognition
Fingerprint Recognition
Signature Recognition
Access Control Systems
Electronic Medical Records
User Account Data
Examples of data that requires confidentiality
Confidentiality
Firewalls
Security components that support confidentiality
To maintain confidentiality, limit access to data and ensure that only authorized users have access.
Integrity is the assurance that information has not been modified by an unauthorized individual; significant negative ramifications result if it is modified by an attacker.
Digital Fingerprint
Examples of data that requires integrity
Security technologies that support integrity
Bank Records
Integrity
These technologies generate a digital fingerprint or unique string for an object.
Availability means that information or systems will be accessible to users when they need them.
Off-site Systems
Hot Backup Location
Data Backup
Storage Redundancy
Examples of data that must be available
Ensuring that there are redundant system components is important for supporting availability. These include multiple hard drives, redundant power supplies in servers, and multiple web servers (clustered servers) in the event that one fails or must be taken down. The more critical availability is, the more redundancy must be built into the system.
Availability
Security technologies that support availability
Authentication verifies that something (or someone) is legitimate. Authentication of data is synonymous with integrity. We can also desire authentication of origin.
Examples of data authentication
Authentication
Multi-Factor Authentication
Security technologies that support authentication
The most popular form of authentication is the use of a password, passphrase, or PIN (something you know). You can also use something you have, such as a token or key fob, or something you are (fingerprint, retinal scan, or face recognition). If a user needs to provide more than one form of authentication, it is known as multi-factor authentication.
Non-repudiation applies to formal contracts, a communication, or the transfer of data and ensures that an individual or organization cannot deny the authenticity of their signatures on the documents that are part of the communication.
Non-repudiation
Security technologies that support non-repudiation
Tangible evidence connecting the identified party to the communication
Non-repudiation requires the creation of an artifact that proves identity
I did not send that transfer
Authorization
Authorization grants privileges to a subject. These privileges determine which objects the subject can access and the permissions that control the subject’s actions. Authorization determines access levels or user/client privileges related to system resources including files, services, computer programs, data, and application features.