1) Authentication:- Attackers can try to gain access to sensitive data and services. Access control is one way to secure sensitive data. It limits who or what can use specific resources, as well as the services or options available once access is granted. The simplest and easiest form of authentication is passwords. This method is easy to implement but is also the weakest and least secure. Password-only logins are very vulnerable to brute force attacks and provide no accountability. Anyone with the password can gain entry to the device and alter the configuration.
There are many types of authentication methods which are better than passwords.
· Certificate-Based Authentication: – This type uses an X.509 certificate for public/private key technology.
· Token-Based Authentication: – A token, such as SecurID, is a hardware device that displays an authentication code for 60 seconds; a user uses this code to log into a network.
· Biometric Authentication: – This type uses a physical characteristic such as a fingerprint, eye iris, or handprint to authenticate the user.
2) Authorization:- After users are successfully authenticated against the selected data source, they are then authorized for specific data or database or network resources. Authorization is basically what a user can and cannot do on the network after that user is authenticated.
Authorization is typically implemented using a AAA server-based solution. Authorization uses a created set of attributes that describes the user’s access to the specific data or database. These attributes are compared to information contained within the AAA database, and a determination of restrictions for that user is made and delivered to the local router where the user is connected.
3) Encryption:- Encryption can be used to encrypt data while it is in transit or while it’s stored on a hard drive.
Cryptography is the study of protecting information by mathematically scrambling the data, so it cannot be deciphered without knowledge of the mathematical formula used to encrypt it. This mathematical formula is known as the encryption algorithm. Cryptography is composed of two words: crypt (meaning secret or hidden) and graphy (meaning writing). Cryptography literally means secret or hidden writing.
Cleartext is the plain text, data that can be read and understood by everyone, and cipher text is the scrambled text that results from the encryption process. Cipher text should be unreadable and show no repeatable pattern to ensure the confidentiality of the data.
There are three critical elements to data security.
Confidentiality, integrity, and authentication are known as the CIA triad. Data encryption provides confidentiality, meaning the data can only be read by authorized users. Message hashing provides integrity, which ensures the data sent is the same data received and the information was not modified in transit. Message digital signatures provide authentication (ensuring users are who they say they are) as well as integrity. Message encryption and digital signatures together provide confidentiality, authentication, and integrity.
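The token-based authentication described under 1) Authentication can be illustrated with a time-based one-time code that is valid for one 60-second step. This is an added example, not code from the original page; it uses the open TOTP construction (RFC 6238 over RFC 4226 HOTP) as a stand-in rather than SecurID's own algorithm, and the names `hotp`, `token_code` and `TokenVerifier`, the 6-digit length and the test secret are assumptions.

```python
import hashlib
import hmac
import struct

STEP_SECONDS = 60   # the page's token shows each code for 60 seconds
DIGITS = 6          # assumed code length (not stated on the page)


def hotp(secret: bytes, counter: int, digits: int = DIGITS) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte counter, dynamically truncated."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def token_code(secret: bytes, unix_time: int, step: int = STEP_SECONDS) -> str:
    """Code the token would display during the time step containing unix_time."""
    return hotp(secret, unix_time // step)


class TokenVerifier:
    """Server side: accepts the current step's code once and rejects reuse."""

    def __init__(self, secret: bytes, step: int = STEP_SECONDS):
        self.secret = secret
        self.step = step
        self.last_used_counter = -1  # highest time step already consumed

    def verify(self, submitted: str, unix_time: int) -> bool:
        counter = unix_time // self.step
        if counter <= self.last_used_counter:
            return False  # a code for this step was already accepted (replay)
        expected = hotp(self.secret, counter)
        # Constant-time comparison avoids leaking matching digits via timing.
        if not hmac.compare_digest(expected.encode(), submitted.encode()):
            return False
        self.last_used_counter = counter
        return True


if __name__ == "__main__":
    secret = b"12345678901234567890"  # RFC 4226 test secret, constructed input
    v = TokenVerifier(secret)
    code = token_code(secret, 59)
    print(code, v.verify(code, 59), v.verify(code, 59), v.verify(code, 60))
```

Unlike a static password, a captured code is useless after its step ends, and the verifier's replay check makes it useless within the step once it has been accepted.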