
1. Password-based authentication

Definition:
- Password-Based Authentication is a widely used technique renowned for its low cost
and straightforward methodology. Users are able to log in using a set of credentials
that includes their unique username and password.

Use:
- In password authentication, the user must supply a password for each server, and
the administrator must keep track of the names and passwords of all users.

Example:
- LDAP allows a user to bind with a Distinguished Name (DN). The server determines
whether the password sent from the client matches the password stored for the
entry with that DN. If so, the server allows the client to access the resource.

2. Multi-factor authentication

Definition:
- With multi-factor authentication (MFA), you need to provide two or more verification
factors in order to access a resource like an application, an online account, or a VPN.
MFA asks for one or more extra verification elements in addition to the standard
login and password.

Use:
- Multifactor Authentication (MFA) is a security mechanism that confirms a user's
identity for a login or other transaction by requiring multiple ways of authentication
from separate categories of credentials.

Example:
- Personal security questions and answers, codes sent to email addresses, codes
generated by mobile apps, and fingerprints are a few examples of multi-factor
authentication.
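
How the "codes generated by mobile apps" factor typically works, as an added example that is not part of the original notes: a time-based one-time password (TOTP, RFC 6238) generator and server-side verifier. The function names are chosen here, and the secret is the RFC's published test value, not a real key.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha1"
	"crypto/subtle"
	"encoding/binary"
	"fmt"
)

// hotp implements RFC 4226: HMAC-SHA1 over an 8-byte counter, then dynamic truncation.
func hotp(secret []byte, counter uint64, digits int) string {
	var msg [8]byte
	binary.BigEndian.PutUint64(msg[:], counter)
	mac := hmac.New(sha1.New, secret)
	mac.Write(msg[:])
	sum := mac.Sum(nil)
	off := sum[len(sum)-1] & 0x0f // low nibble of the last byte selects 4 bytes
	code := binary.BigEndian.Uint32(sum[off:off+4]) & 0x7fffffff
	mod := uint32(1)
	for i := 0; i < digits; i++ {
		mod *= 10
	}
	return fmt.Sprintf("%0*d", digits, code%mod) // keep leading zeros
}

// totp implements RFC 6238: the counter is the number of 30-second steps since the epoch.
func totp(secret []byte, unix int64, digits int) string {
	return hotp(secret, uint64(unix/30), digits)
}

// verifyTOTP accepts the current step and one step either side (clock drift),
// comparing every candidate in constant time.
func verifyTOTP(secret []byte, submitted string, unix int64, digits int) bool {
	ok := 0
	for _, drift := range []int64{-30, 0, 30} {
		want := totp(secret, unix+drift, digits)
		ok |= subtle.ConstantTimeCompare([]byte(want), []byte(submitted))
	}
	return ok == 1
}

func main() {
	secret := []byte("12345678901234567890") // RFC 6238 test secret, not a real key
	fmt.Println("code at t=59:", totp(secret, 59, 8))
	fmt.Println("accepted one step later:", verifyTOTP(secret, "94287082", 75, 8))
	fmt.Println("accepted three steps later:", verifyTOTP(secret, "94287082", 120, 8))
}
```

The server and the app share only the secret; the code itself is never stored, and a code stops verifying once it falls outside the drift window.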

3. Certificate-based authentication

Definition:
- Prior to allowing access to an application, network, or resource, certificate-based
authentication employs a digital certificate to identify a user, computer, or device.

Use:
- Certificate-based authentication is the use of a Digital Certificate to identify a user,
machine, or device before granting access to a resource, network, application, etc. In
the case of user authentication, it is often deployed in coordination with traditional
methods such as username and password.

Example:
- Certificates replace the authentication portion of the interaction between the client
and the server. To authenticate a user to a server, a client digitally signs a randomly
generated piece of data. The server authenticates the user's identity on the strength
of this evidence.
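
The signed-challenge exchange described above, as an added example that is not part of the original notes: the server issues a fresh random nonce, the client signs it with the private key matching its certificate, and the server checks both the certificate and the signature. The function names and the self-signed certificate (standing in for a CA-issued one) are assumptions made for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// newCert builds a self-signed Ed25519 certificate (constructed stand-in for a CA-issued one).
func newCert(cn string) (*x509.Certificate, ed25519.PrivateKey, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(time.Hour)}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, priv, err
}

// serverVerify: the certificate must chain to the trust pool and be in date,
// and the signature over this login's nonce must verify under its public key.
func serverVerify(roots *x509.CertPool, cert *x509.Certificate, nonce, sig []byte) bool {
	opts := x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}
	if _, err := cert.Verify(opts); err != nil {
		return false
	}
	pub, ok := cert.PublicKey.(ed25519.PublicKey)
	return ok && ed25519.Verify(pub, nonce, sig)
}

func main() {
	cert, key, err := newCert("alice")
	nonce := make([]byte, 32) // server side: fresh random challenge per login
	if _, rerr := rand.Read(nonce); err != nil || rerr != nil {
		panic("setup failed")
	}
	roots := x509.NewCertPool()
	roots.AddCert(cert)
	sig := ed25519.Sign(key, nonce) // client side: prove possession of the private key
	fmt.Println("authenticated:", serverVerify(roots, cert, nonce, sig))
}
```

Because the nonce is new for every login, a signature captured from an earlier session does not verify against the next challenge.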

4. Biometric authentication

Definition:
- In order to confirm that people are who they claim to be, biometric authentication
uses the distinctive biological traits of each person. Systems for biometric
authentication match physical characteristics or behavioral patterns to previously
authenticated data that has been recorded in a database.

Use:
- It is utilized in programs and systems like national identity cards for ID and health
insurance schemes that make use of fingerprints for identification. The airport safety
industry occasionally makes use of biometrics like iris recognition.

Example:
- By examining the distribution of blood vessels at the back of the eyes, retina scans
allow for subject identification. A photograph of the iris is used in iris recognition to
identify individuals. People can be recognized using fingerprint scanning.

5. Token-based authentication

Definition:
- Token-based authentication creates encrypted security tokens through a protocol. It enables users to
authenticate themselves to websites, which creates a special encrypted
authentication token as a result.

Use:
- Users can use it to authenticate themselves to websites, which creates a special,
encrypted authentication token.

Example:
- To read the user's planned events and add new events, for instance, a Calendar
application needs access to a Calendar API in the cloud.

What are the four types of access control models? List the definition, the use, and
an example of each model.

1. Discretionary Access Control (DAC)

Definition:
- The concept of limiting access to things based on the identity of the subject is
known as discretionary access control (the user or the group to which the user
belongs).

Use:
- Discretionary Access Control (DAC) allows users complete control over the items
they've made or been given access to, including the ability to share them with other
users. The data are in the hands of the subjects, who are empowered.

Example:
- A typical example of DAC is Unix file mode, which defines the read, write and execute
permissions in each of the three bits for each user, group and others.
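
The mode-bit check described above, as an added example that is not part of the original notes. It shows that exactly one class (owner, group or other) is consulted per request, and that only the owner may change the mode, which is the discretionary part; the `File` type and function names are assumptions made for the example, and superuser override and ACLs are left out.

```go
package main

import (
	"errors"
	"fmt"
	"io/fs"
)

const Read, Write, Exec uint32 = 4, 2, 1

// File is the DAC metadata a Unix file carries (constructed type for this example).
type File struct {
	Mode     fs.FileMode
	UID, GID uint32
}

// Allowed picks exactly one class (owner, else group, else other) and tests
// only that class's three bits against the requested access.
func Allowed(f File, uid uint32, gids []uint32, want uint32) bool {
	shift := uint(0) // "other" bits
	if uid == f.UID {
		shift = 6 // owner bits
	} else {
		for _, g := range gids {
			if g == f.GID {
				shift = 3 // group bits
			}
		}
	}
	return uint32(f.Mode.Perm())>>shift&7&want == want
}

// Chmod is the discretionary part: only the owner decides who else gets access.
func Chmod(f *File, uid uint32, mode fs.FileMode) error {
	if uid != f.UID {
		return errors.New("operation not permitted: caller is not the owner")
	}
	f.Mode = mode.Perm()
	return nil
}

func main() {
	f := File{Mode: 0640, UID: 1000, GID: 100} // constructed sample file
	fmt.Println(f.Mode, "owner rw:", Allowed(f, 1000, nil, Read|Write))
	fmt.Println("group member write:", Allowed(f, 2000, []uint32{100}, Write))
	f.Mode = 0047 // owner has no bits set although "other" has all of them
	fmt.Println("owner read:", Allowed(f, 1000, nil, Read), "stranger read:", Allowed(f, 3000, nil, Read))
}
```

With mode 0047 the owner is denied while an unrelated user is allowed, because the owner class is matched first and the check never falls through to the other classes.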

2. Mandatory Access Control (MAC)

Definition:
- Mandatory access control (MAC) is a security strategy that restricts the ability of
resource owners to grant or deny access to file system objects. MAC criteria are
defined by the system administrator and strictly enforced by the operating system.
While it is the most secure access control setting, MAC requires careful planning and
continuous monitoring.

Use:
- The ability of individual resource owners to allow or refuse access to resource
objects in a file system is constrained by the security measure known as mandatory
access control (MAC).

Example:
- A case of MAC can be seen in military security, where the owner of the data cannot
select who receives a top-secret clearance or modify an object's classification from
top-secret to secret.

3. Role-Based Access Control (RBAC)

Definition:
- RBAC is a technique for controlling network access based on the roles of specific
individuals inside an organization. RBAC guarantees that employees only have
access to the information they require to do their duties and stops them from
obtaining information that is irrelevant to them.

Use:
- Based on the responsibilities of certain users within a business, role-based access
control (RBAC) is a technique for limiting network access. RBAC guarantees that
workers only have access to the data they require to perform their duties and stops
them from accessing data that has no bearing on their work.

Example:
- Common examples of RBAC include a software engineering role that has access to
GCP, AWS, and GitHub, and a marketing role that has access to HubSpot, Google
Analytics, Facebook Ads, and Google Ads.

4. Rule-Based Access Control (RBAC)

Definition:
- Rule-Based Access Control (RBAC) allows system owners to personalize the type of
access a user has based on their role within an organization. Users can be grouped
into roles based on who they are and how much access they have to systems such
as email, phone or web access.

Use:
- Security managers govern access points within a building using rule-based access
management, similar to role-based approaches. Access permissions, however, are
independent of particular jobs and may be used to supersede other rights that an
employee is in possession of.

Example:
- An administrator might specify access times for the typical business day in a
rule-based access control setup, for instance. In this case, a person cannot enter your
building after 9:00 AM and before 5:00 PM.
