Cyber Security: Authentication and AAA Framework

Questions and Answers

What is the primary goal of access control in operating systems?

To manage access to system resources, such as files, directories, pipes, and sockets.

In a Role-Based Access Control (RBAC) system, what determines the level of access a user has?

The user's role, such as 'Basic', 'Standard', or 'Premium'.

In UNIX-like systems, what do the permissions 'r', 'w', and 'x' represent?

Read, write, and execute, respectively, which determine a subject's access to an object.

What is the primary advantage of using Attribute-Based Access Control (ABAC) over RBAC?

ABAC provides more granular access control by considering multiple attributes, such as user subscription level, content rating, and device type.

In a Discretionary Access Control (DAC) model, who has complete control over object access permissions?

The owner of the object.

What is the significance of the 'set-UID' and 'set-GID' permissions in UNIX-like systems?

They allow a program to run with the privileges of the owner or group, respectively, rather than the user executing the program.

What is the primary goal of Authentication in the context of cyber security?

To ensure that only authorized subjects (users, devices, or systems) can access protected resources.

What are the three components of the AAA framework?

Authentication, Authorization, and Accounting.

What is the difference between unidirectional and bidirectional authentication in a client-server scenario?

Unidirectional authentication involves the client proving its identity to the server, while bidirectional authentication involves both the client and server proving their identities to each other.

What is the purpose of the challenge step in the authentication process?

To request proof of identity from the client.

What are the benefits of implementing Authentication in a system?

It maintains the confidentiality, integrity, and availability of data and systems, and provides an audit trail for security monitoring and compliance purposes.

What is the relationship between Authentication and Authorization in the AAA framework?

Authentication verifies the identity of the subject, while Authorization determines whether the authenticated subject has the necessary permissions to access the requested resource.

What is a recommended practice to minimize the risk of unauthorized access when using SSH key-based authentication?

Regularly rotate SSH keys and remove unused or compromised keys from the authorized_keys file.

What is the primary concept of Role-Based Access Control (RBAC)?

Assigning users to predefined roles based on their job functions or responsibilities.

What is the purpose of implementing SSH key management systems, two-factor authentication, or IP address restrictions?

To add extra layers of protection to SSH key-based authentication.

Why is it important to use strong passphrases to protect private keys?

To protect private keys from unauthorized access, especially if the keys are stored on a shared or public machine.

What is the purpose of monitoring SSH access logs and using intrusion detection systems (IDS)?

To identify and respond to suspicious activities or unauthorized access attempts.

What is the benefit of using public/private key authentication with SSH?

To ensure secure remote access to servers and network devices, protecting sensitive data and systems from unauthorized access and potential breaches.

Study Notes

Access Control in Operating Systems

• The primary goal is to restrict access to system resources to authorized users only.
• Enforces security policies to prevent unauthorized access or misuse.

Role-Based Access Control (RBAC)

• User access levels are determined by roles assigned based on job responsibilities.
• Roles encapsulate permissions that users inherit, simplifying management.

UNIX-Like Permission System

• 'r' represents read permission, allowing users to view content.
• 'w' signifies write permission, enabling users to modify content.
• 'x' denotes execute permission, letting users run executable files.

Attribute-Based Access Control (ABAC)

• Provides greater flexibility by using attributes (user, resource, environment) to make access decisions.
• Can adapt to complex scenarios better than RBAC, which relies on fixed roles.

Discretionary Access Control (DAC)

• Object owners have complete control over permissions and access rights.
• Users can grant or revoke access to their resources without centralized authority.

Set-UID and Set-GID in UNIX

• 'set-UID' allows users to execute a file as the file owner, enabling higher privilege tasks.
• 'set-GID' lets users execute a file with the file group’s permissions, influencing group-based access.

Authentication in Cybersecurity

• The primary goal is to verify the identity of users or systems attempting access.
• Ensures that credentials match recognized information.

AAA Framework Components

• Authentication: Validates user identity.
• Authorization: Determines user permissions post-authentication.
• Accounting: Tracks user activities for auditing purposes.

Unidirectional vs. Bidirectional Authentication

• Unidirectional authentication verifies the client’s identity to the server only.
• Bidirectional authentication involves mutual verification between both client and server.

Challenge Step in Authentication

• Involves the system issuing a test to confirm the identity of the user or entity.
• Ensures that the user possesses the correct credentials or private key.

Benefits of Implementing Authentication

• Protects sensitive data and system resources from unauthorized access.
• Builds trust by ensuring only legitimate users can access specific resources.

Relationship Between Authentication and Authorization

• Authentication is the first step, allowing access to resources.
• Authorization determines permissions once the user is authenticated.

SSH Key-Based Authentication Best Practices

• Use strong, unique passwords for private keys to minimize unauthorized access risk.
• Regularly rotate keys and restrict access based on user need.

Core Concept of Role-Based Access Control (RBAC)

• Access is granted based on predefined roles rather than individual user identities.
• Helps streamline permission management and enforces the principle of least privilege.

Purpose of SSH Key Management Systems

• Enhance security by managing, rotating, and monitoring SSH keys.
• Two-factor authentication adds an extra security layer against unauthorized access.

Importance of Strong Passphrases for Private Keys

• Protects against brute-force attacks and limits unauthorized access.
• Ensures sensitive keys are not easily compromised.

Monitoring SSH Access Logs and IDS

• Helps detect unauthorized access attempts and identifies potential security breaches.
• Enables proactive responses to suspicious activities.

Public/Private Key Authentication with SSH

• Offers strong security through asymmetric cryptography, avoiding the need for plaintext passwords.
• Reduces the risk of credential theft while simplifying the login process.

Description

Test your knowledge on the crucial role of authentication in cyber security, including the AAA framework's comprehensive approach to security. Learn about verifying identities and maintaining data confidentiality, integrity, and availability.