Chapter 4 - 02 - Discuss Identity and Access Management (IAM) - 02_ocred.pdf

Full Transcript

Certified Cybersecurity Technician Identification, Authentication, and Authorization Exam 212-82 User Identity Management (IDIVI) Identity Management v’ v Identity Repository User Identification involves a method to ensure that an individual holds a valid identity v’ The user repository is a database where attributes related to the users' identities are stored Examples of user identity includes attributes such as a username, account number, user roles, etc. v’ Identify Management involves storing and managing user attributes in their repositories \ \ L All Rights Reserved. Reproduction is Strictly Prohibited w User Identity Management (IDIM) Identification deals with confirming the identity of a user, process, or device accessing the network. User identification is the most commonly used technique for authenticating the users in the network and applications. Users have a unique user ID which helps in their identification. Identify Management involves storing and managing user attributes in their repositories. Here, the user repository is a database where attributes related to the users' identities are stored. The authentication process includes verifying a user ID and a password. Users are required to provide both the credentials in order to gain access to the network. The network administrators provide access controls such as the username, account number, etc. and permissions to various other services depending on the user IDs. Module 04 Page 469 Certified Cybersecurity Technician Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Identification, Authentication, and Authorization Exam 212-82 User access management (AM) is the process of A ,and authorized users’ access to an IT system, application, or resource It includes all the » 3 , and required for the maintenance of AM with IT infrastructure Identity management and various users, roles, groups, and policies AM and that all the defined roles and policies are followed User Access Management (AM) User access management (AM) is the process of identifying, monitoring, and regulating authorized users’ access to an IT system, application, or resource. It includes all the policies, processes, methodologies, and tools required for the maintenance of AM with IT infrastructure. User AM is used as part of the IAM functionality. Identity management creates and controls various users, roles, groups, and policies. AM and policies are followed. Module 04 Page 470 monitors and ensures that all the defined roles Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Identification, Authentication, and Authorization User Access Management (AM): User Authentication O Authentication involves validating the identity of an individual with a system, application, Authentication System or network b hashed credentials 4 User Access Management Factors User Verifies user credentials with P L T ——————————r (AM): User Authentication (Cont’d) i | \ Attributes v" Something you know: Also known as knowledge factor. Something that user knows like username or password v Somewhere you are: Also known as location-based authentication. Refers to authentication based on user’s physical location v Something you have: Also known as owner factor or hard tokens. Something that users retain with them such as a hardware token, v" Something you do: Also known as behavioral characteristics. Refers to authentication based on user’s actions such as gesture or touch inputs employee ID cards, etc. v" v Something you are: Also known as biometric gy factor. Something that is inherent in users, such as biometrics, voice recognition, retina scan, etc. v Something you exhibit: Also known as behavioralbased authentication and authorization. Refers to authentication exhibiting some device or thing v Someone you know: : Relies Reli on web of trust model. Refers to authentication through peer-level certification and reputation networks ‘Copyright © by EC-Council Al Rights Reserved. Reproductions Strietly Prohibited. User Access Management (AM): User Authentication Authentication involves verifying the credentials provided by a user while attempting to connect to a network. Both wired and wireless networks authenticate users before allowing them to access the resources in the network. A typical user authentication scheme consists of a user ID and a password. Other forms of authentication include the authentication of a website using a digital certificate and the comparison of the product and label associated with it. Module 04 Page 471 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Identification, Authentication, and Authorization User provides UID:2001 & Pwd: $5$ Authentication System User Verifies user credentials with hashed credentials Figure 4.10: User authentication Factors Factors refer to the ways in which users can verify their identity during the authentication process. The factors associated with the process of authentication are as follows. = Something you know: Something you know is also known as the knowledge factor. The user should know information such as username and password when attempting to log into a system or network. Other examples of this factor include personal identification numbers (PINs), swipe patterns on touchscreen devices, and challenge questions during the account reset process. = Something you have: Something you have is also known as the owner factor or hard tokens. The user should hold information such as a one-time password token, USB fob, employee ID cards, and account number when attempting to log into a system or network. = Something you are: Something you are is also known as the biometric factor. The user should use their biometric characteristics such as voice, retina scan, and fingerprint scan when attempting to log into a system or network. Attributes A user can be identified using a collection of attributes supported in authentication. Some of the attributes are as follows. = Somewhere you are: Somewhere you are is also known as location-based authentication. It refers to the physical location of the user that can be used for authentication. It is also used to block access if the location does not match. This attribute includes geo-location and IP address. = Something you do: Something you do is also known as behavioral characteristics. It refers to the actions that a user must perform to gain access. This attribute includes gestures or touch inputs. = Something you exhibit: Something you exhibit is also known as behavioral-based authentication and authorization. It refers to a device or an object that the user must exhibit in order to authenticate themselves. For example, a legitimate user can be identified based on the normal behavioral pattern of a user on a device; if it deviates, the device will be locked out, and the user must attempt reauthentication. Module 04 Page 472 Certified Cybersecurity Technician Copyright © by EG-Gouncil All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Identification, Authentication, and Authorization Someone you know: Someone you know relies on the web-of-trust model. It refers to authentication through peer-level certification and reputation networks, which depends on the reliance of humans on one another. It can be used when primary factors such as passwords and hardware tokens are unavailable. The commonly used authentication methods are as follows: Password Authentication Smart Card Authentication Biometric Authentication Two-factor Authentication Single Sign-on (SSO) Authentication Module 04 Page 473 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited.