In this video you will learn to discuss the terms identification and AAA in the context of cybersecurity. You'll also learn how to discuss the three types of authentication and the use of controls.

>> Identification and AAA. Identification. What is identification? It's when we first present ourselves against a resource. This could be by username and password, this could be by token. Let's use authenticating against a social network as an example. Once we present ourselves with a username and password, the application or the resource will now authenticate us against its resources. So it's going to make sure that we actually exist on that environment. From there, it's going to authorize us, or it's going to give us the proper rights in order to access that information. If we're using the social network example, we should be getting a user type of role associated with us. We shouldn't be able to use any admin type of rights. From there, we're going to be able to have accountability of the things that we do. We spoke about this on that every chapter, so we're going to have the accountability of the things that we do with that idea for the authentication, authenticated ID.

We're going to explain a little bit better how this works. In order to use a resource, we first need to identify, to get the proper rights and the authorization in order to use that resource. When we use that resource, we're going to actually get some accountability of our actions. So everything that we do is going to keep a log of things.

Then, we're going to talk about authentication methods. There are many methods out there; these can be summarized in three. First thing is something that you know. What is something that I know? Could be a username and a password. Then, something that I have. Usually this is being broadly used account with banking trying to upscale the security, basically give us a token or a smart card. Then, there's something that you are. What are we, what can we provide?
This usually falls with biometric controls. In this case, we're going to use fingerprints as an example.

Something that you have. As you can see, this is something that we use in our daily lives. We have a credit card with that chip. The chip is something that we have, and we authenticate with it. In some countries, for example, in the US, when you use a credit card, you need to put in a PIN. That is something that I know. And then, something that I have, I actually with the chip that I have. Also, the RSA token: when I authenticate against a banking site, I know that they gave me a username and password. But the RSA token will actually create the random number, or token, in order to confirm that it's me, that I'm logging into that resource. So something that you have is going to be something physical. It could be an app on your phone, it could be another piece of hardware, but it's something that you're going to actually have with you.

Something that you are. What are we, what can we provide to a server or to an authenticating method? There are many, many things out there, things all the way from brainwave frequencies, but the most commonly used are fingerprints. Fingerprints, retina scanners, and biometric signatures. Could fall into anything, really. What's the basic flow of this? It's going to start with the biometric capture. Then, we're going to translate that image or that sample from the biometric capture into bytes that a computer can understand and create an algorithm and find a parallel unique pattern against us. It's going to take that and compare it against the one that it has on its database, and it's going to give us a match. Usually, there's a brain chip error. In this case, we're going to capture for fingerprints. We have a 90% chance of actually being accurate for it. There's a 5% error.

Controls. We're going to speak of the controls that we have or that we use on a daily basis. These have been summarized in three.
Administrative, technical, and physical. Administrative controls could be any policy or procedure that we have in our enterprise. It could be such a thing as a spam policy. For example, they many likely be receive as an e-mail is most reported spam. That is something that we can use to prevent that malware coming into our system. When controls or when the user behavior is in place, we can also add a layer of security with technical controls. What could be a technical control? In this case, it could be a firewall. Not only do we have a quality control that when a spam e-mail comes into our e-mail, we need to report it. But in case somebody actually opens that information, we have a firewall. Also, we have our physical controls. Our physical controls could be anything at this point. It could be a separate room with different biometric controls in order to get in. It could be a door. Anything that actually physically restrains us from reaching that resource.

So control. We spoke regarding the control types that we have, and we're going to speak a little bit of the subcategories that we also have on those. We have our corrective controls, which actually correct support problem after discovering it. What can be a corrective control? Could be a policy, trainings, any kind of penalty for breaking those procedures that we have in our enterprise. Preventive are things that actually help us to prevent or to uncover violations of internal controls. What could be something that is preventive? Internal audits, random internal audits. Dissuasive, we are trying to or with this we're trying to encourage violators. This could be a camera on a server room in order to prevent that type of behavior around the servers. Maybe a person would stop or would think twice regarding doing something outside the policy, or the company's policy, because his movements are being recorded.
We also have our recovery controls, with different things that would actually recover us in case of a disaster. And here, we could mention backups. Then, we have our detective controls, which would actually help us identify possible violations. On here, we can add our firewalls. Then, compensatory on here. If we were able to identify a gap, and then it wasn't enough to cover it with a policy, which is an administrative control, we got a compensatory control. Which could be a firewall just in case somebody actually clicks a spam e-mail. In order to prevent that from coming into the enterprise, we're going to have the compensatory control that will actually block any type of malware by adding that model into our firewall.

On here, I'm going to share a little bit of a chart which actually goes a little bit more in depth into the control and type of controls. We also have the type of control: the preventive, detective, directive, dissuasive, and recovery.