Question
Write an authentication policy for a hypothetical organization. This policy should address the use of various authentication schemes for different assets. The policy can select from an array of authentication technology including: passwords, passphrases, image selection, pattern matching and other multi-factor authentication technology, depending on the asset being protected.

This is an authentication policy, which is a subset of a full security policy. Writing a complete security policy is too large a project. Therefore we are focusing on a subset of functionality, which is authentication. This assignment is to write an authentication policy for the assets defined in the problem. With that said, there are numerous issues, processes and procedures that touch on the topics of authentication related to the assets in this problem. The requirements for this policy are below. When writing a policy you should consider providing an overview and a scope statement. There may be other sections you consider important. This is an authentication policy, which is a subset of a full security policy. The intent of this exercise is to provide you practice in writing a policy that conforms to various requirements.

For some functional areas you need to implement a password policy. You need to describe who the policy applies to and what assets are covered by the policy. For some functional areas you need to implement a password policy. You need to clearly define the policy for how passwords are selected by users. You need to define how passwords are used. You need to clearly describe how each authentication procedure is to be used by the user. When you document a policy for a particular functional area or asset you should explain and justify your choice of functionality. For some functional areas you should implement various multi-factor authentication schemes. You need to clearly define the policy for the schemes you select and describe how the procedures are used.
Your policy must address the authentication for the following assets:
• Authentication for desktop workstations
• Authentication for laptops that connect wirelessly.
• Authentication for laptops.
• Authentication for laptops that go off site and contain critical client and company information. Also consider the authentication needed for these laptops that connect into the organization's network.
• Authentication for handheld devices (e.g. Android, iPhone) that go off site and contain critical client and company information. Also consider the authentication needed for these handheld devices that connect into the organization's network.
• Authentication for administrator accounts on servers
• Authentication to physically access computer lab rooms that store critical client and company information on servers
• Authentication to physically access rooms that store employee salary and performance review information
Explanation / Answer
Authentication is the process of determining whether someone or something is, in fact, who or what it is declared to be. With the increasing number of Internet-enabled devices, reliable machine authentication is crucial to allow secure communication in home automation and other networked environments. In the Internet of Things scenario, which is increasingly becoming a reality, almost any imaginable entity or object may be made addressable and able to exchange data over a network. It is important to realize that each access point is a potential intrusion point. Each networked device needs strong machine authentication and also, despite their normally limited activity, these devices must be configured for limited permissions access as well, to limit what can be done even if they are breached.
In private and public computer networks (including the Internet), authentication is commonly done through the use of login IDs (user names) and passwords. Knowledge of the login credentials is assumed to guarantee that the user is authentic. Each user registers initially (or is registered by someone else, such as a systems administrator), using an assigned or self-declared password. On each subsequent use, the user must know and use the previously declared password. However, password-based authentication is not considered to provide adequately strong security for any system that contains sensitive data.
Strong authentication is a commonly used term that is largely without a standardized definition. For general purposes, any method of verifying the identity of a user or device that is intrinsically stringent enough to ensure the security of the system it protects can be considered strong authentication.
The term strong authentication is often used to refer to two-factor authentication (2FA) or multifactor authentication (MFA). That usage probably came about because MFA is a widely applied approach to strengthen authentication. In cryptography, strong authentication is defined as a system involving multiple challenge/response answers. Because such a system involves multiple instances from a single factor (the knowledge factor), it is an example of single-factor authentication (SFA), regardless of its strength.
An authentication policy defines the Kerberos protocol ticket-granting ticket (TGT) lifetime properties and authentication access control conditions for an account type. The policy is built on and controls the AD DS container known as the authentication policy silo.
Authentication policies control the following:
• The TGT lifetime for the account, which is set to be non-renewable.
• The criteria that device accounts need to meet to sign in with a password or a certificate.
• The criteria that users and devices need to meet to authenticate to services running as part of the account.
Biometric authentication is used to positively identify the user at login. Full disk encryption prevents unauthorized users from accessing the system data. If you put biometric authentication on the laptop and it's stolen, without full disk encryption, there's nothing to prevent someone from pulling the disk drive out of the laptop, putting it in an external case and reading the data on another system.
If you're logging into the domain then it authenticates with a Domain Controller. If you're logging into the local computer then it authenticates with the local security authority of the computer that you're logging into. It doesn't matter that the usernames and passwords are the same.
In short, today's world, being linked with the internet, is not secure; to do some task one has to be secure, and authentication is the part of being secure, which helps one to be secure in order to perform some task.
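The answer above describes an AD DS authentication policy (non-renewable TGT lifetime, plus conditions on where users and devices may authenticate from) without showing how one is created. The following is an added example, not part of the original answer, that builds such a policy and its silo for the "administrator accounts on servers" asset from the question; the policy, silo, account and host names are assumed placeholders, and it assumes a domain whose KDC supports claims and authentication policies (Windows Server 2012 R2 functional level or later).

```powershell
# Added example: an authentication policy + silo for server administrator
# accounts. All names below are constructed placeholders.
Import-Module ActiveDirectory

$PolicyName = 'Tier0-AdminPolicy'
$SiloName   = 'Tier0-AdminSilo'

# SDDL condition meaning "only from devices that are members of this silo".
# Assumed here from Microsoft's documented claims-based ACE syntax.
$FromSiloOnly = "O:SYG:SYD:(XA;OICI;CR;;;WD;(@USER.ad://ext/AuthenticationSilo == `"$SiloName`"))"

# 1. The policy for the admin account type:
#    - 4-hour TGT for users, 2 hours for computers/services (TGTs issued
#      under an authentication policy are non-renewable, as the answer notes)
#    - users may sign in only from devices assigned to the silo
#    - -Enforce applies the policy instead of only auditing it
New-ADAuthenticationPolicy -Name $PolicyName `
    -Description 'Server administrator accounts: short TGT, silo-bound sign-in' `
    -UserTGTLifetimeMins 240 `
    -ComputerTGTLifetimeMins 120 `
    -ServiceTGTLifetimeMins 120 `
    -UserAllowedToAuthenticateFrom $FromSiloOnly `
    -Enforce

# 2. The silo that ties users, computers and services to that policy
New-ADAuthenticationPolicySilo -Name $SiloName `
    -UserAuthenticationPolicy $PolicyName `
    -ComputerAuthenticationPolicy $PolicyName `
    -ServiceAuthenticationPolicy $PolicyName `
    -Enforce

# 3. Each member must first be granted access to the silo, then assigned
#    to it; one step without the other leaves the account unprotected.
$AdminUsers = @('svr-admin-alice', 'svr-admin-bob')          # constructed
$AdminHosts = @('ADMINJUMP01$', 'FILESRV01$')                # constructed
foreach ($m in ($AdminUsers + $AdminHosts)) {
    Grant-ADAuthenticationPolicySiloAccess -Identity $SiloName -Account $m
    Set-ADAccountAuthenticationPolicySilo -AuthenticationPolicySilo $SiloName -Identity $m
}

# 4. Review what was applied
Get-ADAuthenticationPolicy -Identity $PolicyName -Properties * |
    Select-Object Name, UserTGTLifetimeMins, ComputerTGTLifetimeMins, Enforce
```

Run the policy without `-Enforce` first and review the Kerberos audit events on the domain controllers to confirm that only the intended sign-in paths would be blocked before switching enforcement on.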