ACCESS CONTROL IMPLEMENTATION
Centralized Authentication
- All access to objects controlled by a single entity
- Ease of administration
- Allows for strict access control
- Can be slower with a large no. of users
- Single point of failure
REMOTE AUTHENTICATION DIAL-IN USER SERVER
- Serve dial-up connetctions
- Authenticates and authorizes users, normally through dial-up connections
- Provides the authentication mechanism
TACACS
TERMINAL ACCESS CONTROLLER ACCESSS CONTROL SYSTEM
- Authentication and authorization for direct access
- TACACS+ implements 2-factor authentication
- Single-factor authentication requires only 1 piece of input
- 2-factor authentication requires 2 pieces of input
- Remote authentication
- Access administration is handled closer to the objects being controlled
- More adnministration overhead
- Security domain
- Sphere of influence
- Defines a group of objects a subject can access
- Subjects can be constrained using domains
- Combination of centralized and decentralized models
- Used in systems where some data or resources must be more tightly secured than others
- Centralized authentication for high security resources
- Sensitive files
- Database
- Decentralized authentication for other objects
- Local files
0 Comments:
Post a Comment
<< Home