In ensuring control over the IS department resources, the company can adopt physical or logical access controls. With appropriate examples, explain the two forms of control.

The two forms of control

Physical access control
This ensures intruders do not get near computer equipment or storage media.

Methods of controlling human access include:
– Personnel (security guards)
– Mechanical devices (lock and keys)
– Electronic identification (card swipe systems, keypad systems)

Logical access systems
These are controls designed to prevent those who have access to a terminal or computer from gaining access to data or software. A logical access system performs three operations when access is requested:
– Identification of the user.
– Authentication of the user identity.
– Check on user authority.
Logical access is accomplished through:
– Password systems
– Encryption
– Biometrics

Password systems
A password is a set of characters, which may be allocated to a user, terminal or facility, that must be keyed into the system before further access is permitted. Passwords should be kept secret, changed regularly and should not be obvious.
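The three operations of a logical access system (identification, authentication, authority check) applied to a password system, as an added example that is not part of the original notes. The user IDs, passwords, permission names and the PBKDF2 work factor are constructed for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # PBKDF2 work factor (assumed value for this sketch)

def hash_password(password: str, salt: bytes) -> bytes:
    # Store a salted, slow hash; the password itself is never kept.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

def make_user(password: str, permissions: set) -> dict:
    salt = os.urandom(16)
    return {"salt": salt, "hash": hash_password(password, salt),
            "permissions": permissions}

# Constructed sample accounts (not from the original page).
USERS = {
    "akamau": make_user("correct horse battery", {"ledger:read", "ledger:post"}),
    "bnjeri": make_user("tidal-lantern-42", {"ledger:read"}),
}
# Dummy record so an unknown user ID costs the same work as a known one.
_DUMMY = make_user("placeholder", set())

def request_access(user_id: str, password: str, resource: str) -> str:
    # 1. Identification: look up the identity the requester claims.
    record = USERS.get(user_id)
    reference = record or _DUMMY
    # 2. Authentication: check the password against the stored hash,
    #    using a constant-time comparison.
    candidate = hash_password(password, reference["salt"])
    matches = hmac.compare_digest(candidate, reference["hash"])
    if record is None or not matches:
        # Same reply for both failures, so valid user IDs are not revealed.
        return "DENIED: identification or authentication failed"
    # 3. Authority check: an authenticated user still needs permission.
    if resource not in record["permissions"]:
        return "DENIED: not authorised for " + resource
    return "GRANTED: " + resource

if __name__ == "__main__":
    print(request_access("akamau", "correct horse battery", "ledger:post"))
    print(request_access("bnjeri", "tidal-lantern-42", "ledger:post"))
    print(request_access("nobody", "guess", "ledger:read"))
```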

Encryption
Data transmitted over telecommunication links or networks suffers three security dangers:
– Hardware faults.
– Unauthorised access by eavesdroppers.
– Direct intervention by an impostor who sends false messages down the line.

Encryption involves scrambling the data at one end of the line, transmitting the scrambled data and unscrambling (decrypting) it at the receiving end of the line.

Authentication involves making sure that the message has come from an authorised user by the addition of an extra identification field to the message.

Biometrics
The use of human biological features, e.g. retina, sound, to identify or authenticate individuals accessing the system.
