ENGINEERING, HASSAN
DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING
WORKSHOP ON CYBER SECURITY, IDENTITY AND ACCESS MANAGEMENT
PATRON: Dr. GEETHA KIRAN A, PROF & HEAD, DEPT OF CSE, MCE
RESOURCE PERSONS: Mr. RAVI KUMAR; Mrs. D SANGEETHA, ASST. PROFESSOR; Mrs. KAVYA D, ASST. PROFESSOR, DEPT OF CSE, MCE
Objectives
Understand fundamentals around Identity, Authentication, Authorization, Accountability & Access Control
Identity In The Digital World
Identity in the digital space is a collection of data points about an entity: an individual, an organization or an electronic device. Examples of such data points:
Phone number
Date of birth
Aadhaar ID or SSN
Electronic transaction records
Authentication And Authorization
What is Authentication?
Access channel
Time of access
Business rules
Authentication Process
Single-Factor, Two-Factor and Multi-Factor Authentication
Authenticator Management
Single Factor Authenticator (diagram with four numbered parts)
Tenets Of Authorization
Segregation of Duties (SoD)
Unsuccessful logons
The least privilege principle ensures that what can be done with the information (rwx) is limited to the least amount of access necessary to perform the required actions.
Unsuccessful Logons
Banners and login displays notify users that they are accessing a confidential system and that, if they access the system, they may be subject to monitoring, auditing and justification of system use.
Login flow (diagram): user credentials (login, password) are compared against the IAM database; a match means access granted, otherwise access is denied.
Access Control
Rule-Based Access Control
Key Considerations:
Prevent access
Determine access
Grant access
Revoke access
Audit access
Mandatory Access Control (MAC)
(Diagram) Access criteria are centrally 'defined' and enforced, and can't be altered by the user. Labels: Access, User, Role, Permissions.
Rule-Based Access Control (RuBAC)
A rule-based access control strategy manages user access across multiple systems, based on dynamically triggered rules applied to users.
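Added example, not from the workshop slides: a small rule-based access control evaluator in Python that decides a request from the access channel, the time of access and business rules, applying the tenets above (least privilege on the rwx action, segregation of duties) with a default-deny outcome and an audit record for every decision. All rules, resources, users and hours are constructed, and names such as `evaluate` and `request` are the example's own.

```python
from dataclasses import dataclass
from datetime import datetime

@dataclass
class AccessRequest:
    user: str
    role: str
    resource: str
    action: str    # what is done with the information: read, write, execute or approve
    channel: str   # access channel: "office", "vpn" or "internet" (constructed values)
    at: datetime   # time of access
# Constructed rules: per resource, which roles, channels, hours and actions are allowed.
RULES = {
    "payroll-db": {"roles": {"hr"}, "channels": {"office", "vpn"},
                   "hours": range(8, 19), "actions": {"read", "write"}},
    "payments":   {"roles": {"finance"}, "channels": {"office"},
                   "hours": range(8, 19), "actions": {"write", "approve"}},
}
# Business rule for segregation of duties: who initiated the pending payment batch.
INITIATED_BY = {"payments": "alice"}
AUDIT = []  # every decision is recorded, whatever the outcome ("Audit Access")

def request(user, role, resource, action, channel, hour):
    """Build a request at the given hour on a fixed, constructed date."""
    return AccessRequest(user, role, resource, action, channel, datetime(2024, 3, 4, hour, 0))
def evaluate(req, rules=RULES, initiated_by=INITIATED_BY, audit=AUDIT):
    """Default-deny: access is granted only when no rule condition fails."""
    rule = rules.get(req.resource)
    if rule is None:
        reasons = ["no rule for resource"]
    else:
        checks = [
            (req.role not in rule["roles"], "role not permitted"),
            (req.channel not in rule["channels"], "access channel not permitted"),
            (req.at.hour not in rule["hours"], "outside permitted hours"),
            (req.action not in rule["actions"], "action exceeds least privilege"),
            # SoD: whoever initiated the transaction may not also approve it.
            (req.action == "approve" and initiated_by.get(req.resource) == req.user,
             "segregation of duties violated"),
        ]
        reasons = [why for failed, why in checks if failed]
    decision = "GRANTED" if not reasons else "DENIED"
    audit.append({"user": req.user, "resource": req.resource, "action": req.action,
                  "channel": req.channel, "at": req.at.isoformat(), "decision": decision, "reasons": reasons})
    return decision, reasons

if __name__ == "__main__":
    for r in (request("bob", "hr", "payroll-db", "read", "vpn", 10),
              request("alice", "finance", "payments", "approve", "office", 11)):
        print(r.user, r.resource, r.action, *evaluate(r))
```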
Access lifecycle (diagram): Monitoring & Reviewing; Provisioning; Termination
Access Provisioning
User provisioning
My Access is Terminated
Managing digital Identities
IdAM
• Provides resources with a level of confidence that the requesting user is authentic
• Something you have (for example, tokens or OTPs) can be changed over time – modern and easy
IdAM lifecycle (circular diagram): identity initiation; account establishment; user authentication; authorization; account self-service; monitoring & compliance; de-provisioning / account termination.
IdAM Implementation Perspectives
Employees
Customer
Partners
Organization
Business Reality Vs Traditional IdAM
Hurdles around standardization in cross-domain user provisioning
Disconnect between siloed IAM approaches for different audience and functional groups
Traditional IdAM vs today's digital business reality
Weakened control of authentication and authorization
Concept Of Zero Trust
Zero trust is a security concept according to which organizations should never automatically trust any request for access, irrespective of its location with respect to the perimeter. Each and every connection request must be thoroughly verified before access is permitted.
Implementation considerations (diagram):
Identify and analyse dependencies and other risks
Executive attention and buy-in
Avoid disrupting existing employees' service
Password Policies and Practices
Having a strong and up-to-date password policy is a security requirement for an organisation.
Identity Theft
True-name identity theft
Account-takeover identity theft
Common Techniques For Identity Theft
Dumpster Diving
Shoulder Surfing
Spamming
Malware
THANK YOU