Home > Audit, Authentication, Peak Performance > Primer on the four basic categories of security

Primer on the four basic categories of security

Here is a refresher on the four fundamental
categories of security – authentication, authorization, administration and
audit. Each poses a basic question.  And each must be addressed before the next becomes fully effective. 

Authentication
Are you who you say you are? Authentication
is the set of tools and processes for identifying people and machines. ID
badges, key cards, passwords, biometrics all deliver information about whether
a person is who they claim to be.

Authorization
I know who you are, but what may you do?
Authorization technologies limit and control behavior, but also aim to allow
appropriate activities. Locks, entry devices, card readers, antivirus software,
encryption, even fences and guards require or respond to information about
one’s privileges, then ensure that one can perform all the duties of his or her
job. 

Administration
Lots of you are doing lots of things. How do
I manage it? Administration is both a set of processes and a technological act,
often requiring software and computers or data repositories called directories.
Access control administrator software, provisioning software, the forms you
pass around to managers to get approvals, all allow organizations to add,
delete or modify information about people and their privileges.

Audit
What’s happening? Is the authentication and
authorization working correctly? The last of the four categories, audit, is
arguably the most important. Cameras, video recorders, monitoring stations,
alarms, IT-SIM and PSIM products, risk assessments and computer audit logs collect
and display the current state to whomever is concerned. The better systems, of
course, correlate and prioritize events to help people respond to the
interesting incidents.

Security employs technologies and processes
to ask those questions and respond to the information in the most efficient and
effectives ways.

About these ads
  1. October 23, 2007 at 4:58 pm

    Steve,
    Very useful reminder of the questions that need to be answered.
    Interestingly this is a binary thing either you have something or there is nothing.
    In order to establish an identity (authentication and as you importantly point out this applies to both people and things) you must register that person, this requires an administration process (sponsor, breeder documents, background checks, approval), this requires authorization for approvers and an audit to keep it straight.
    For authorization you would preferably start with strong authentication, you need administration around granting access and again audit trail.
    Work through the problem, you need it all or you have nothing.

  2. November 11, 2013 at 4:01 am

    Heya just wanted to give you a quick heads up and
    let you know a few of the pictures aren’t loading properly.
    I’m not sure why but I think its a linking issue.
    I’ve tried it in two different browsers and both show
    the same results.

  3. November 18, 2013 at 10:56 am

    Professional Online buy bags ugg paris France 2013

  4. December 5, 2013 at 12:44 pm

    You are so interesting! I do not believe I’ve truly read through anything like this before.
    So great to discover someone with a few genuine thoughts on
    this issue. Really.. many thanks for starting this up.
    This web site is one thing that is needed on the web,
    someone with a little originality!

  5. December 6, 2013 at 10:45 pm

    I have to thank you for the efforts you have put in
    penning this site. I really hope to check
    out the same high-grade blog posts by you in the future as
    well. In truth, your creative writing abilities has motivated me to get my own site now ;
    )

  6. May 31, 2014 at 6:14 pm

    Thank you for the good writeup. It in fact was a amusement account it.

    Look complicated to more added agreeable from you!
    However, how can we keep in touch?

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: