CyberSecurity: The AAA Framework
Authentication
You
have just returned from a lovely holiday - how do you enter your house again?
The answer seems to be a no-brainer – you use a key to unlock the door. It also
ensures that nobody else can enter your house whilst you’re away, so your
belongings are well out of harm’s way. In cybersecurity, authentication is no
different. Authentication is simply asking the user one question – are
you who you claim to be? To understand authentication, it is imperative to
understand the concept of identification. Identification is your claim – for
example, when you mention what your name is, you are claiming to be a certain
entity. Authentication is the concept of proving that claim. By unlocking your
house door, you are authenticating that you are the house owner (your
identification). Likewise, when you log into a computer, you must enter its
corresponding password to prove that you are the designated user. This is
called Single-Factor Authentication (or SFA). However, there is one catch – how
can you stop anyone with malicious intent from gaining access to a computer
system without your permission? All it takes is for them to find one piece of
information to help back their false claim – your password. Multi-Factor
Authentication (or MFA) is a better option. As you can probably
figure out, this is a method of authentication that utilises not one, but
multiple factors that prove that you are who you claim to be. These factors
include what the user knows (like a password), what the user has (security
token) and who the user is (biometrics). For example, one can gain access to a
system by scanning his/her fingerprint (biometrics to prove who you are) followed
by entering a PIN to thoroughly prove your claim.
Authorization
When you unlock the door to your house and step inside,
logic dictates that you only see your belongings in your property. You are not permitted
to see the interior of your neighbour’s house and their items. In
cybersecurity, this is what we refer to as authorization – what you are meant
to see and what you are not. You may have authenticated yourself into the
house, but that doesn’t mean you can see absolutely everything. Some
information may not be relevant to you – you see what you need to see. So,
how does a computer system dictate what information you are required to gain
access to? Role-based access control, or RBAC, works best here. Imagine you
work as a developer for AkellaTech Inc – you work with code and spend most of
your time creating applications for the company. All you really need to know is
the information about your projects as well as any related concerns. You do not,
however, need to see information about the financial status of the organisation
or the salaries of your colleagues unless it is relevant to the application you
are creating. This access control uses the security principle of the least
privilege model, which refers to the amount of privilege that is needed for
one’s job.
Accounting
How do you explain to a friend what you did over the
weekend? You tell them that you did lots of activities and tasks – these form a
detailed account as your response. Accounting in cybersecurity is the same. You
list all the little things the user has done and compile them into one big report.
This then quite literally translates to the question – what did you do? What makes accounting so vital to computer systems and organisations? For starters, if there is a breach in a system, accounting methods can be used to discover who was responsible or reveal a few clues. Three common methods of accounting are logs, web
browser history and tracking. Web browser history is rather easy to understand –
all web browsers track where you’ve gone and what kind of websites you have
visited. They use something called a HTTP Cookie, which are enabled to save
little pieces of data that help identify your computer whilst on the network. Logs are similar, only they record your
actual computer’s events and is not restricted to just your web browser. It can
track things such as the applications that you opened and what kind of
activities you performed whilst on them. Finally, tracking refers to how the OS
(operating system) observes your activity and geographic location.
In conclusion, we now know how the AAA framework can relate
to cybersecurity and why it is so important for computer systems to implement. Little measures such as enabling
MFA as opposed to single factor authentication or enabling access controls and
logging can go a long way in protecting your personal information. In the world
of technology, you can never trust anybody or anything completely. It is
undeniable that hackers are getting smarter by the minute causing security to
be tested time and time again. Cybersecurity will no longer be the defender of
companies, but the defender of our technologically advancing world and its
future.
This comment has been removed by the author.
ReplyDeleteThanks! I'll need that support :)
ReplyDelete