Monday, August 26, 2019
Design System and Security Control Essay Example | Topics and Well Written Essays - 3250 words
Design System and Security Control - Essay Example This includes user errors, malicious and non-malicious attacks, accidents as well as external attack from hackers, who try to gain access to the system and disrupt the various system operations hence rendering it useless, or data alteration or even data loss. There are a number of system security and control requirements that are required for the implementation of the ACA Technology. The system will need protection in terms of the following aspects of data. The system should ensure confidentiality. This implies that the system should hold information that requires its protection from any unauthorized disclosures. This includes personal information as well as business proprietary information. Authentication Secondly, authentication is another important aspect of any given system. This is defined as the act of establishing the identity of a given user as well as the host being used. The first objective of authentication is usually first to establish that the given person and/ or system which is attempting to gain access to the system has the permission to do so. The second objective is usually the gathering of the information detailing the way the particular user is gaining access to the system. Smart cards, bank cards, computer chips are used to identify the identity of a given person. Some of the devices require the user to also supply a password or personal identification number (PIN) to verify their identity. The third method is by use of Biometric identification. This method uses the Biometric science that identifies a given person based on their physical characteristics. This includes voice recognition, palm, thumbprint identification as well as retinal scan. Authorization Thirdly is the authorization which is another vital aspect of system control. This is defined as the act of determining the access level that a particular user has to behavior and data. Under this aspect of system control, effective approaches to authorization need to be first established . A number of questions need to be addressed i.e. ââ¬Å"What shall we control access to?â⬠As we know itââ¬â¢s possible to implement secure access to both data and functionality for example access to monthly sales figures and the ability to fire a given employee respectively. While this is being done a number of factors need to be checked to ensure that the implementation is cost effective and conforms to the performance constraints. The second question that arises is ââ¬Å"what rules shall be applicable?â⬠to be in a position to answer this question effectively, the stakeholders' requirements need to be factored in and included should be other security factors which the stakeholders may not be aware of. These factors will include; the connection type, update access, the time of the day, the existence, privileges level, global permissions etc.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.