1. The three main types of access control are preventive, detective and corrective. Preventive access control attempts to prevent events before they occur. Detective access control attempts to detect an event after it has occurred. Corrective access control attempts to correct the problem after the event has been detected. Control is achieved through administrative, logical and physical means. Administrative controls are also known as management controls and include policies and procedures. Logical controls are also known as technical controls and are implemented through technology. Physical controls use physical means to protect the object.
2. The four main access control elements are identification, authentication, authorisation and accountability. The subject (user) declares an identity, such as a username, and uses an authentication mechanism, such as a password, to prove identity. Once the subject is authenticated, an authorisation mechanism controls his or her access rights and an audit trail records his or her activities so that the subject is accountable for his or her actions.
3. The three main factors of authentication are what you know (e.g. a password or PIN), what you have (e.g. a smart card or token) and who you are (identified by biometrics). Multi-factor authentication uses multiple authentication factors and is more powerful than using any single authentication factor.
4. Authentication methods
(1) Single sign-on allows users to authenticate once and access any resource in the network without having to authenticate again.
(2) Kerberos is a popular single sign-on authentication protocol that uses a ticket for authentication. Kerberos uses a subject database, symmetric encryption and system time synchronisation to issue tickets.
(3) Federated Identity Management is a single sign-on solution that can be extended beyond a single organisation. Multiple organisations create or join and agree to a method of sharing identities between organisations. SAML is a common protocol used for SSO on the Internet.
(4) AAA protocols provide authentication, authorisation and accountability. Popular AAA protocols are RADIUS, TACACS+ and Diameter.
5. The identity and access configuration lifecycle includes the process of creating, managing and deleting accounts used by the subject. Access configuration (provisioning) involves the initial steps of creating accounts and ensuring that they are granted appropriate access to the objects. As users’ jobs change, they often need to change their initial access rights. The account review process ensures that account modifications follow the principle of least privilege.
Information security is crucial. There are different security technologies and solutions based on different business environments and requirements. But the core focus is on assets. Information security protection requires comprehensive management of assets, vulnerabilities, and threats.
Information security feels both interesting and terrible to me. Through reading, I find that information security is a double-edged sword. It not only serves our lives, but also poses a threat to our personal information.
For example, I told my friends in the morning that I wanted to eat a certain dish and wanted to learn how to do it. In the afternoon, the information pushed by my Baidu search or other software was all about this dish.
I feel like my phone is like my good friend and a bug. Good friends will sometimes quarrel with me, but if my mobile phone betrayed me, how terrible that would be! How can I know if my phone will betray me?
Social engineering is something I have learned with great interest. Social engineering is a process in which the victim’s psychological weakness, instinctive reaction, curiosity, trust, greed and other psychological traps are subjected to harmful means such as deception and harm, and the purpose is achieved through these means. The initial way of expression is to attack the weakest link in the information security chain, the human factor, and invade the computer system of the deceived by means of deception. It later extended to the real society: social workers usually use the way of conversation to extract users’ secrets, so as to collect information to infiltrate the victims.
Chenhao Zhang says
The chapter on Online Identity Identification and User Management Services introduces the following aspects, digital identity definition, privacy requirements, user center, usability requirements, etc. The article mentioned that with the widespread use of the Internet, there are still security risks, such as the Internet has not developed enough identity layer, network fraud and so on. In this case, online identification and user management services are particularly important.
Yujie Cao says
One of the things I’m most interested in is the description of cookies, which were originally introduced to remember stateful information so that people could continue the process the next time they opened the same web page. For example, the web version shows whether the password is remembered after logging in. Today’s software, however, is clearly exploring users beyond the scope of cookies. Software may request permission to access other software information to confirm user habits. While this does result in a great user experience, it also inevitably invades the user’s privacy. As a simple example, I just told a friend that I want to travel to Dali, and the software will soon push me information about my trip to Dali, which makes me feel spied on.
Chun Liu says
Identity theft is the crime of obtaining the personal or financial information of another person to use their identity to commit fraud, such as making unauthorized transactions or purchases. Identity theft is committed in many different ways and its victims are typically left with damage to their credit, finances, and reputation.
Identity theft occurs when someone steals your personal information and credentials to commit fraud.
There are various forms of identity theft, but the most common is financial.
Identity theft protection is a growing industry that keeps track of people’s credit reports, financial activity, and Social Security Number use.
Shuting Zhang says
I’m interested in online privacy.
One of the facts that struck me in the article was evidence that lists of patients suffering from mental illness to sexual dysfunctions, cancer and HIV/AIDS, to name just a few examples, were commonly traded. Even more outrageously, lists of rape victims were publicly advertised and sold. This fact shows that in the current network environment, the sale of personal information has broken through the moral bottom line of human beings to a certain extent. The global nature of the internet presents challenges for online privacy. As individuals interact and engage with online platforms and services across borders, their personal information may be subject to different legal frameworks and data protection standards. This can create discrepancies in privacy protections and make it difficult for individuals to exercise control over their data.
And during the article, with respect to privacy, the three big data paradoxes could be reinterpreted as: opacity and lack of scrutiny of big data organizations; lack of control on personal identities; and asymmetric distribution of power in exploiting big data. Privacy on the Internet and digital society does not look to be in good shape, the augmented sensibility of individuals to its erosion, the many scientific and technological efforts to introduce novel solutions, and a better knowledge of the problem with the help of fresh data contribute to stimulating the need for better protection and fairer use of personal information.
Yawen Du says
The most interesting point for me is that I learned that there is no absolute security. With the rapid growth of information technology, we are faced with an array of devices capable of grabbing gigabytes of data and moving them anywhere in the world at a moment’s notice. Our laptops, tablets and smartphones with direct connections to corporate data have become “endpoints” in an extensive global network, and data has never been more vulnerable to loss or more valuable to secure protection. And in this, humans are still the primary agents of loss.
There is no absolute security in the world, and we cannot be sure what will happen next, so we need to constantly improve the protection mechanism of information security, not only externally, but also by focusing on the internal attitude to security and strengthening the security awareness of corporate employees and management. Security cannot be provided from a silo, but must be generated organically under the cooperative efforts of all managers in the company. In a globalized digital environment, companies can use their information to their advantage, but only if they are willing to take the risks that come with sharing it.
Guanhua Xiao says
The interesting point that I’ve learned is about security and privacy in the information age that I live in. Before this class, I simply understood that some of my address and telephone information were not very safe, and I had never understood them systematically. It’s like wireless networks that connect to wherever they go for convenience, without thinking about the security properties of the network. I had enjoyed the benefits of the information age, but I had forgotten about my privacy. In my opinion, while strengthening the software protection of devices, we should also pay attention to the spam or information from abnormal sources to improve our security awareness.
Yuanjun Xie says
This week’s reading material has been interesting and has given me a lot of knowledge that I didn’t know before. Especially regarding information security, I have learned that there are many hidden dangers and risks in the network environment and data environment we are living in. We need to pay more attention to the sources of data and information, and at the same time, we need to check whether the information and data we output are in compliance. Be aware of the risks of spam and phishing emails. In the enterprise environment and life scene, we also need to reinforce the security of our system, information transmission security and network security at any time.
Zhang Yunpeng says
I thought an interesting point in the readings was the section regarding mix nets in the Privacy-Enhancing Technologies chapter. This is a data minimization technology that hides the relation between incoming and outgoing messages. I found it interesting because I had heard of this technology regarding the “Tor” browser but I had never really considered it as a tool that could be implemented for an organization. I really only considered this in more of a personal situation. It was also interesting breaking down how the communication takes place via the four steps outlined in the section. Detailing how this technology works gave me a better understanding of its potential usefulness, as I was not previously fully aware of all the intricacies of which it is comprised.
Chunqi Liu says
I learned that there is no such thing as perfect security. With the rapid development of information technology, our laptops, tablets and smartphones that connect directly to corporate data have become the “endpoints” of an extensive global network, and never has the data been so easy to lose or so valuable to secure. In this respect, human beings remain the principal agents of loss. There is no absolute security in the world, and we cannot be sure what will happen next. Therefore, we need to constantly improve the protection mechanism of information security, not only external, but also internal attitude towards security, and strengthen the security awareness of employees and management of enterprises. Security cannot be provided from the island, but must be organically produced under the joint efforts of all managers of the company. In a globalized digital environment, companies can use their information to their advantage, but only if they are willing to take the risks that come with sharing it.
Hao Zhang says
An interesting point to learn from this week’s reading is that autonomous access control (DAC) offers great trade-offs. It ensures user flexibility while reducing IT’s management overhead. But malware can work within the user’s identity (security context). For example, if a user opens a virus-infected file, the code can install itself without the user’s awareness of the context, which poses a potential vulnerability. The code inherits all the rights and privileges of the user and can perform all the activities that the user can perform on the system, sending a copy of itself to all the contacts in the user’s email client.
The interesting thing to me is that if the user is a local administrator or has a root account, once the malware is installed they can do anything. It’s not even possible to protect the system from the huge damage that can be done by security.
Shuyi Dong says
This week’s reading deals with the importance of identity and access management in cybersecurity. I learned the difference between identity management and access management and how they are both key components of a comprehensive cybersecurity strategy. The readings also highlight the importance of implementing appropriate measures to protect digital assets and prevent unauthorized access.
Hongli Ma says
One interesting point is that access management is becoming increasingly important due to the rise of cloud computing and mobile devices. With more employees working remotely and accessing company resources from various devices, it is essential for businesses to have effective access management controls in place to protect their sensitive data and resources.
Shijie Yang says
My interest is the Privacy and Big Data section. Big data privacy involves properly managing large amounts of data to minimize risk and protect sensitive information (mainly for corporations). It describes enormous quantities of personal data which are continuously being gathered and are often so huge that it’s impossible to analyze them using traditional data analysis. For privacy purposes, the term “anonymity” is brought up “as the only safe harbor for ordinary people in the battle for preserving privacy from the prying eyes of data brokers, Internet corporations, social networks and governments.”
Nana Li says
What I am interested in is that, with the development of computer technology, remote work has become the norm and the usage of mobile devices has reached the maximum, so the management of information security will be particularly important.
Haoran Wang says
I think the online privacy part is very interesting; it talks about the many definitions of privacy. Privacy, like games, public space, democracy, and probably even security, is an example of a cluster concept.
Information privacy has two broad categories which are value-based and cognate-based. For online privacy, the most relevant conceptualization is to consider privacy as a problem of control of access to self.
Yi Liu says
One interesting point I learned from the readings is Identity theft.
Identity theft refers to the fraudulent acquisition and use of someone’s personal information, typically for financial gain or other malicious purposes. It involves the unauthorized use of personal identifying information, such as Social Security numbers, credit card details, bank account numbers, or other sensitive data. The stolen information is then used to impersonate the victim, commit fraudulent activities, or gain unauthorized access to accounts and resources.
Haixu Yao says
Information security is relative and there is no absolute security; information security is a dynamic process, and information security protection is a comprehensive protection process. Continuous attention and improvement are needed, and there will never be a one-time safety protection measure.
As mobile devices become more affordable and portable, organizations and users are more willing to purchase and use mobile devices. With the popularity of wireless internet, various mobile devices have become more vulnerable to attacks and are more likely to face the risk of data leakage. Authentication and authorization through various mobile devices is very convenient, but it also increases risk due to the removal of restrictions on protected enterprise boundaries. With the advent of the digital age, how to carry out security protection will also face enormous challenges.
Xiaozhi Shi says
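During this week’s study, what I found interesting is the protection of personal and organizational information. Since the Internet appeared, many examples have proven that protecting network information security is crucial. Hackers steal information through many different means, such as trap emails and spam advertisements, and once a company falls for one, it can be a devastating blow. How to protect information well is therefore a point I am very interested in.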
Xiaozhi Shi says
In the course of this week’s study, I think the area of interest is the protection of personal and organizational information. Since the advent of the Internet, there are many examples that prove that it is crucial to do a good job of network information security. Hackers will steal information through many different means, trap emails, spam advertisements, etc. It may be a devastating blow to a company, so how to do a good job of information protection is a point that I am very interested in.
Hao Li says
I learned a lot from this week’s reading, but one thing that caught my attention was single sign-on, which is named for eliminating the requirement for multiple password problems and dangerous passwords. Single sign-on (SSO) does make it easier to log in without having to remember multiple usernames and passwords for those accounts. It definitely makes your job easier in situations where you have to log in to multiple applications.
Yue Ma says
The point that I’m interested in is Physical and Environmental Security. I think it’s interesting because I didn’t know that there are so many physical and environmental sources of threats:
vandalism, sabotage, theft, terrorism, war, floods, leaks, smoke, toxic materials, industrial pollution, virus, bacteria, animal, insect, wind, fire, explosion, electricity, magnetism, radio wave anomalies
After reading this part, I realized that we may not be able to predict when most of these issues will happen, so all we can do is use a Business Continuity Plan (BCP) and a Disaster Recovery Plan (DRP) to recover as much information as possible if that happens.
Yuming He says
How to choose between identity management and access management
What kind of software and features your organization needs ultimately depends on the specific requirements and challenges that come with your specific IT setup. Are you a small company with few accounts to manage, but a lot of data and a very complex access structure? An access management solution or data governance tool could be the right choice in your case. Similarly, if you’re dealing with a lot of accounts, but don’t need to fine-tune the permissions for different groups among them, a simple user management platform might do the trick.
Most businesses, however, need both identity and access management. By bringing together both disciplines, an IAM platform helps you safeguard business-critical information through granular access control, while ensuring compliance with detailed logs and reports and saving valuable time thanks to automated user and permission management.
Yue Wang says
1. The three main types of access control are preventive, detective and corrective. Preventive access control attempts to prevent events before they occur. Detective access control attempts to detect an event after it has occurred. Corrective access control attempts to correct the problem after the event has been detected. Control is achieved through administrative, logical and physical means. Administrative controls are also known as management controls and include policies and procedures. Logical controls are also known as technical controls and are implemented through technology. Physical controls use physical means to protect the object.
2. The four main access control elements are identification, authentication, authorisation and accountability. The subject (user) declares an identity, such as a username, and uses an authentication mechanism, such as a password, to prove identity. Once the subject is authenticated, an authorisation mechanism controls his or her access rights and an audit trail records his or her activities so that the subject is accountable for his or her actions.
3. The three main factors of authentication are what you know (e.g. a password or PIN), what you have (e.g. a smart card or token) and who you are (identified by biometrics). Multi-factor authentication uses multiple authentication factors and is more powerful than using any single authentication factor.
4. Authentication methods
(1) Single sign-on allows users to authenticate once and access any resource in the network without having to authenticate again.
(2) Kerberos is a popular single sign-on authentication protocol that uses a ticket for authentication. Kerberos uses a subject database, symmetric encryption and system time synchronisation to issue tickets.
(3) Federated Identity Management is a single sign-on solution that can be extended beyond a single organisation. Multiple organisations create or join and agree to a method of sharing identities between organisations. SAML is a common protocol used for SSO on the Internet.
(4) AAA protocols provide authentication, authorisation and accountability. Popular AAA protocols are RADIUS, TACACS+ and Diameter.
5. The identity and access configuration lifecycle includes the process of creating, managing and deleting accounts used by the subject. Access configuration (provisioning) involves the initial steps of creating accounts and ensuring that they are granted appropriate access to the objects. As users’ jobs change, they often need to change their initial access rights. The account review process ensures that account modifications follow the principle of least privilege.
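The account review described in point 5 above, as an added example that is not part of the original comment: it compares each account's granted permissions with the baseline for its current role and flags leftover access after a job change, as well as enabled accounts whose owner has left. The role names, permission strings and sample accounts are constructed for illustration.

```python
from dataclasses import dataclass, field
from typing import Optional

# Constructed role baselines: the access each job role is meant to have.
ROLE_BASELINE = {
    "helpdesk": {"ticket:read", "ticket:write", "user:reset_password"},
    "developer": {"repo:read", "repo:write", "ci:run"},
    "finance": {"ledger:read", "ledger:write", "report:read"},
}

@dataclass
class Account:
    user: str
    role: Optional[str]  # None means the owner has left the organisation
    enabled: bool
    granted: set = field(default_factory=set)

def review_account(acct):
    """Return a list of (action, detail) findings for one account."""
    if acct.role is None:
        # Deletion stage of the lifecycle: no owner, so no access at all.
        if acct.enabled:
            return [("deprovision", "owner has left but account is enabled")]
        return []
    baseline = ROLE_BASELINE.get(acct.role)
    if baseline is None:
        return [("unknown_role", acct.role)]
    # Least privilege: anything beyond the current role's baseline is excess,
    # typically access kept from a previous job (privilege creep).
    excess = acct.granted - baseline
    return [("revoke", sorted(excess))] if excess else []

def review_all(accounts):
    """Map each user with findings to those findings; clean accounts are omitted."""
    report = {}
    for acct in accounts:
        findings = review_account(acct)
        if findings:
            report[acct.user] = findings
    return report

# Constructed sample: alice moved from helpdesk to developer, bob is clean,
# carol has left but her account was never disabled.
SAMPLE = [
    Account("alice", "developer", True,
            {"repo:read", "repo:write", "ci:run", "user:reset_password"}),
    Account("bob", "finance", True, {"ledger:read", "report:read"}),
    Account("carol", None, True, {"ticket:read"}),
]

if __name__ == "__main__":
    for user, findings in review_all(SAMPLE).items():
        print(user, findings)
```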
Zhaomeng Wang says
Information security is crucial. There are different security technologies and solutions based on different business environments and requirements. But the core focus is on assets. Information security protection requires comprehensive management of assets, vulnerabilities, and threats.
Xuanwen Zheng says
Information security feels both interesting and terrible to me. Through reading, I find that information security is a double-edged sword. It not only serves our lives, but also poses a threat to our personal information.
For example, I told my friends in the morning that I wanted to eat a certain dish and wanted to learn how to do it. In the afternoon, the information pushed by my Baidu search or other software was all about this dish.
I feel like my phone is both my good friend and a bug. Good friends will sometimes quarrel with me; if my mobile phone betrayed me, how terrible that would be!! How can I know if my phone will betray me?
Yiwei Hu says
Social engineering is something I have learned about with great interest. Social engineering is a process in which the victim’s psychological weakness, instinctive reaction, curiosity, trust, greed and other psychological traps are subjected to harmful means such as deception and harm, and the purpose is achieved through those means. Its initial form of expression was to attack the human factor, the weakest link in the information security chain, and to invade the computer system of the deceived by means of deception. It was later extended to real society: social workers usually use conversation to extract users’ secrets, so as to collect information to infiltrate the victims.