Cybersecurity Access Control: AAA, MFA, Biometrics, and FIM

Authentication

It verifies the identity of each user, to prevent unauthorized access.

Authorization

It determines which resources users can access, along with the operations that users can perform.

Accounting

It keeps track of what users do — including what they access, the amount of time they access resources, and any changes they make.

Access Control List (ACL)

An ACL determines whether a user has certain access privileges once the user authenticates.

Two Factor Authentication

The system requires a combination of two of the following: something they know, something they have, or something they are.

Identification

It enforces the rules established by the authorization policy.

Unique Identifier

A unique identifier ensures the proper association between allowed activities and subjects.

Username

A username is the most common method used to identify a user.

Password

A string of characters used to prove a user's identity, which should be at least eight characters and contain a combination of upper and lowercase letters, numbers, and special characters.

Passphrase

A term generically referred to as a password, which can be a string of characters used to prove a user's identity.

Personal Identification Number (PIN)

An example of something that the user knows to prove their identity.

Smart Card

An example of something that the user has to prove their identity.

Biometric Authentication

Includes methods such as fingerprint, retina scan, or voice recognition to verify a user's identity.

Cybersecurity Accounting

Tracks and monitors user activities in real time and provides auditing results.

Computer Policies

System administrators can set up these policies to enable system auditing.

Access Control

The concept that involves managing who can access resources and what actions they can perform.

Unauthorized Access

Access to a computer, network, database, or other data resource that is not permitted.

Security Services

The three services involved in administrative access controls: authentication, authorization, and accounting (AAA).

Criminal Access

If a criminal cracks the user's password once, they will have access to all the user's accounts.

Access Request

Every time access to a resource is requested, the access controls determine whether to grant or deny access.

Alphanumeric Combination

A type of username that can include letters and numbers.

Character Combination

A password should contain a combination of upper and lowercase letters, numbers, and special characters.

Smart cards

A small plastic card, about the size of a credit card, with a small chip embedded in it that is capable of processing, storing, and safeguarding data.

Security key fob

A device that is small enough to attach to a keyring, often used for two-factor authentication (2FA).

Two-factor authentication (2FA)

A method of authentication that uses two different factors for verification, making it more secure than a username and password combination.

Biometric security

A method that compares unique physical characteristics against stored profiles to authenticate users.

Physiological characteristics

Biometric identifiers such as fingerprints, DNA, face, hands, retina, or ear features.

Behavioral characteristics

Biometric identifiers based on patterns of behavior such as gestures, voice, gait, or typing rhythm.

Biometrics

The use of unique physical or behavioral characteristics for authentication, increasingly popular in public security systems, consumer electronics, and point-of-sale applications.

Reader or scanning device

A device used in biometric systems to capture physical characteristics for authentication.

Strong password

A password that combines alphanumeric characters, symbols, and may include spaces.

Weak password

A password that is simple, dictionary-based, or easily guessable.

Federated Identity Management

A system that allows multiple enterprises to let their users use the same identification credentials to access networks across the group.

Cascading effect

The increased probability of a widespread impact from an attack due to interconnected systems.

Single sign-on

A user experience that allows access to multiple applications with one set of login credentials.

Identity thieves

Individuals who steal personal information to commit fraud.

Authorized device

A device that is permitted to access a user's identity information in federated identity management.

Multi-Factor Authentication

A security process that requires two or more methods of verification for access.

Fingerprint scan

A biometric method that uses a person's unique fingerprint for authentication.

Alphanumeric characters

Characters that include both letters and numbers.

Symbols

Special characters used in passwords to enhance security.

Social login credentials

Login information that allows users to access multiple websites using their social media accounts.

Identity management systems

Systems that manage user identities and credentials across different platforms.

Scanned information

Data captured by a biometric reader or scanning device for authentication purposes.

Database of biometric data

A storage system that holds biometric information for comparison during authentication.

Password and something you have

A common method of verification in multi-factor authentication.