Security Architecture

MIS 5214 - Section 001 - David Lanter

MIS 5214.701 ■ Spring 2021 ■ Jose Gomez
My question to discuss with my classmates

March 3, 2021 by Jose Gomez 38 Comments

Filed Under: 08 - Access Control

Comments

  1. Zibai Yang says

    March 4, 2021 at 10:30 am

    Among all the access controls, which do you think is the most practical and efficient?

  2. Xinyi Zheng says

    March 5, 2021 at 10:09 pm

    What are the harmful effects of facial recognition?

    • Priyanka Ranu says

      March 6, 2021 at 10:42 pm

      The harmful effect of facial recognition is the lack of federal regulations. There is concern over the accuracy of the technology and if there are biases and misinformation in them. Another harmful effect is the misidentifying of someone and leading to wrongful convictions, as this technology is being used for law enforcement purposes. It’s also invading privacy due to constant surveillance; nobody wants to be under constant surveillance, and privacy is a fundamental right.

  3. Priyanka Ranu says

    March 5, 2021 at 11:22 pm

    Why is biometric authentication not reliable?

    • Haozhe Lin says

      March 7, 2021 at 4:33 am

      99.99% of biometric authentication is unreliable, mainly because of the complexity of biological experiments. There are too many factors that affect the experimental results, so we don’t know what factors really affect the experimental results. Sometimes we can’t repeat the experiment in another environment. Maybe it’s because something unknown in the original laboratory affects the experimental results, so sometimes biological experiments are complex and miscellaneous. But no matter how complicated it is, biology is a science. Since it is a science, it is necessary to stand up to repetition. Only in this way can it be regarded as truth.

  4. Haozhe Lin says

    March 7, 2021 at 4:30 am

    What is the difference between Discretionary Access Control and Role-Based Access Control?

    • Anthony Wong says

      March 8, 2021 at 8:40 am

      Discretionary access control is controlled by the owner of the resource. The owner can decide who does and who doesn’t need access to the resource.

      Role-based access control determines access based off of the user’s role and job function within an organization. For example, someone in the accounting department will need access to different systems compared to a user in the sales department.

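The contrast described in the reply above, as an added example that is not part of the original thread: a minimal model of owner-managed access (DAC) beside role-managed access (RBAC). All user names, roles and resources are constructed for illustration.

```python
class DacResource:
    """DAC: the resource owner edits the access list at their own discretion."""

    def __init__(self, owner):
        self.owner = owner
        self.acl = {owner: {"read", "write"}}

    def grant(self, actor, user, rights):
        # Only the owner may change who has access.
        if actor != self.owner:
            raise PermissionError(f"{actor} does not own this resource")
        self.acl.setdefault(user, set()).update(rights)

    def allowed(self, user, right):
        return right in self.acl.get(user, set())


# RBAC: permissions attach to roles; users get access only through a role.
# Constructed sample data, mirroring the accounting/sales example above.
ROLE_PERMISSIONS = {
    "accounting": {("ledger", "read"), ("ledger", "write")},
    "sales": {("crm", "read"), ("crm", "write")},
}
USER_ROLES = {"alice": {"accounting"}, "bob": {"sales"}}


def rbac_allowed(user, resource, right, user_roles=USER_ROLES):
    return any((resource, right) in ROLE_PERMISSIONS.get(role, set())
               for role in user_roles.get(user, set()))


def demo():
    results = {}
    doc = DacResource(owner="alice")
    doc.grant("alice", "bob", {"read"})        # owner shares read access
    results["dac_bob_read"] = doc.allowed("bob", "read")
    results["dac_bob_write"] = doc.allowed("bob", "write")
    try:
        doc.grant("bob", "carol", {"read"})    # non-owner tries to re-share
        results["dac_bob_can_grant"] = True
    except PermissionError:
        results["dac_bob_can_grant"] = False
    roles = dict(USER_ROLES)                   # work on a copy
    results["rbac_bob_ledger"] = rbac_allowed("bob", "ledger", "read", roles)
    roles["bob"] = {"accounting"}              # job change: one role edit
    results["rbac_bob_ledger_after"] = rbac_allowed("bob", "ledger", "read", roles)
    results["rbac_bob_crm_after"] = rbac_allowed("bob", "crm", "read", roles)
    return results
```

In the DAC half every sharing decision is a per-resource edit by the owner; in the RBAC half a single role reassignment both grants the new department's access and revokes the old one.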
  5. Ting-Yen Huang says

    March 7, 2021 at 8:32 am

    Is it possible for the biometric authentication document to be stolen and for the hacker to go through security without using an actual fingerprint or eye, by just inputting the document or file into the system?

  6. Anthony Wong says

    March 7, 2021 at 10:07 am

    What is AAA? And why is each important in access control?

    • Junhan Hao says

      March 9, 2021 at 2:30 am

      Authentication, Authorization, Accounting. AAA servers usually work with network access control, gateway servers, databases, and user information directories. The network connection server interface that cooperates with the AAA server is RADIUS.

  7. Jonathan Castelli says

    March 7, 2021 at 2:26 pm

    Which of the access control measures is the most intrusive and why?

  8. Cami Chen says

    March 7, 2021 at 5:31 pm

    What are the challenges for these access controls? How do we mitigate the risk from these access controls?

  9. Krish Damany says

    March 7, 2021 at 6:26 pm

    Is IAL, AAL, or FAL better for an organization? Or is it a combination of the three?

  10. Mei X Wang says

    March 7, 2021 at 7:50 pm

    What forms of access controls does your organization use?

    • Anthony Wong says

      March 8, 2021 at 7:52 am

      Role-based and discretionary access control. For main applications and systems, there is a formal approval process to request access with manager sign-off and the reason you need access. Discretionary access control with personal files for collaboration within project teams.

    • Cami Chen says

      March 9, 2021 at 7:46 pm

      Hi, Mei. We use discretionary access control (DAC), in which the data owner decides what access to provide to a person. I think that this makes it easy to manage the information, but we need to ensure that the access is provided to the correct user. If not, we may lose not only the data but also the reputation. In doing the DAC, the data owner is responsible for all the access provided to the authorized user, and he or she must check whether the access is read-only or edit. Sometimes the data owner may need to set up password protection for the authorized user to decrypt the file.

    • Austin Mecca says

      March 9, 2021 at 9:46 pm

      Mainly role-based due to the nature of the industry. Since financial institutions are so heavily regulated and deal with a great amount of PII as well as research that could cause large market swings if leaked, almost everything is role-based, and if you are trying to access something and it won’t allow you, odds are you will need a supervisor to get it. There is also the possibility that the supervisor won’t allow you to have it due to these permissions and they will elevate the issue to a team that will/can.

  11. Anthony Messina says

    March 7, 2021 at 9:00 pm

    What is the principle of least permissions?

    • Zibai Yang says

      March 8, 2021 at 12:49 am

      The least privilege principle requires that each module of a specific abstraction layer in the computing environment, such as a process, user, or computer program, can only access the information or resources necessary for the moment. Giving every legal action the minimum authority is to protect data and functions from being damaged by mistakes or malicious actions.

    • Kyuande Johnson says

      March 9, 2021 at 9:30 pm

      The Principle of Least Privilege states that a subject should be given only those privileges needed for it to complete its task. If a subject does not need an access right, the subject should not have that right.

  12. Heather Ergler says

    March 7, 2021 at 9:40 pm

    The identity validation process and controls are significant for most governmental agencies. What is the biggest risk and its mitigation?

  13. Vanessa Marin says

    March 7, 2021 at 10:19 pm

    Access control systems range from simple key fob entry to encryption-based algorithms and keys. What are the best systems out there that incorporate a variety of access control management both in the IT and physical infrastructure of a company?

  14. Wenyao Ma says

    March 7, 2021 at 10:33 pm

    Do you think biometrics is an effective tool for multi-factor authentication?

    • Zibai Yang says

      March 8, 2021 at 12:44 am

      Biometric authentication includes two main stages: registration and verification. In the registration stage, it is necessary to collect the individual’s biometric data, convert it into a specific template (digitally encode the extracted information), and save it to the local device or upload it to the server for unified management. In the verification phase, the user provides personal biometric data through a sensor or reader and then compares the collected biometric template with the pre-stored template. If it matches, it means that the authentication is successfully passed. As the biometric identification system matures, accuracy continues to improve, and the recognition error rate gradually declines. Biometric identification technology has gradually become an efficient and convenient means of identity authentication, which is widely used in various payment scenarios.

      • Vanessa Marin says

        March 9, 2021 at 11:39 pm

        Definitely agree with you Zibai! I too think that as biometric scanning matures, it will improve.

        Let’s think about the issue of our digital identities and social media. Our biometrics are everywhere, it seems. I use facial recognition for nearly every Apple device; they also have my fingerprint from back when I had an iPhone 7. My biometrics are in some database somewhere. I also use fingerprint authentication to get into work laptops and my own personal laptop. Who is to say someone couldn’t hack into said databases and “steal” my fingerprint? Not to mention that facial recognition has been widely used for years. There are so many things to learn in the biometrics field. It’s definitely niche!

    • Xinyi Zheng says

      March 8, 2021 at 3:13 am

      Biometric authentication has three steps. First, it compares two data – the first one is set by the device owner, while the second one belongs to the visitor of the device. Then, while matching the user data, the recognition system designs the process from each angle to be most effective. Last, if the biometric information and identity data are almost alike, identification systems recognize that ‘visitor’ and ‘owner’ are one & the same and provide access to the person. While biometric verification does have some drawbacks, it is still much more secure than traditional methods, so I think biometrics is an effective tool for multi-factor authentication.

  15. Zhen Li says

    March 7, 2021 at 11:00 pm

    Which biometric method is most effective? Why?

    • Zibai Yang says

      March 8, 2021 at 12:47 am

      With iris (the circular part between the black pupil and the white sclera) recognition technology, the recognition error rate can be as low as one in a million, compared with the fingerprint recognition error rate of 0.8%; the human face recognition rate is 2%.

    • Xinyi Zheng says

      March 8, 2021 at 3:19 am

      Iris recognition is considered to be one of the most accurate and quickest methods of biometric authentication. The iris is the colored tissue surrounding the pupil of the eye and is composed of intricate patterns with many furrows and ridges. Iris recognition takes images of your eyes to validate your identity and maps your distinctive iris pattern. Besides, this method is non-invasive, non-contact, and hygienic.

  16. Austin Mecca says

    March 7, 2021 at 11:10 pm

    Should organizations move to complete biometric authorization/verification? Why or why not?

    • Xinyi Zheng says

      March 8, 2021 at 3:06 am

      Yes. Especially compared to traditional authorization or verification tools, such as passwords, keys, etc., biometric products provide a higher level of identity authorization. Biometrics can identify and authenticate individuals in a safe and quick way by specific biological features.

    • Junhan Hao says

      March 9, 2021 at 2:19 am

      There are still some issues that need to be resolved with biometric verification. Once the biometric technology is exposed/damaged, you cannot replace it. There is no way to refresh or update your fingerprint, retina or your face. Therefore, if the user’s biometric information is exposed, any account that uses this authentication method will be at risk, and there is no way to reverse the damage.

  17. Junhan Hao says

    March 8, 2021 at 4:23 am

    What’s the difference between false acceptance and false rejection?

    • Priyanka Ranu says

      March 9, 2021 at 11:18 am

      False acceptance – an unauthorized person is identified as an authorized person.
      False rejection – the system fails to recognize an authorized person and rejects that person as an impostor.

    • Kyuande Johnson says

      March 9, 2021 at 9:28 pm

      False Acceptance occurs when a biometric system incorrectly identifies a biometric subject or incorrectly authenticates a biometric subject against a claimed identity. False Rejection occurs when the system rejects a valid speaker, and false acceptance when the system accepts an imposter.

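How the two error types in the replies above trade off against each other, as an added example that is not part of the original thread: a matcher accepts a sample when its similarity score reaches a threshold, and moving that threshold lowers one error rate while raising the other. The scores and the matcher are constructed for illustration.

```python
# Constructed similarity scores (0..1) from a hypothetical biometric matcher.
# GENUINE: the enrolled person presenting their own trait.
# IMPOSTOR: other people presenting against that same template.
GENUINE = [0.91, 0.88, 0.95, 0.72, 0.85, 0.60, 0.93, 0.79, 0.97, 0.83]
IMPOSTOR = [0.12, 0.35, 0.48, 0.22, 0.66, 0.30, 0.74, 0.41, 0.18, 0.55]


def rates(threshold, genuine=GENUINE, impostor=IMPOSTOR):
    """Return (FAR, FRR) when scores >= threshold are accepted.

    FAR: share of impostor attempts wrongly accepted (false acceptance).
    FRR: share of genuine attempts wrongly rejected (false rejection).
    """
    false_accepts = sum(s >= threshold for s in impostor)
    false_rejects = sum(s < threshold for s in genuine)
    return false_accepts / len(impostor), false_rejects / len(genuine)


def sweep(thresholds):
    """Tabulate (threshold, FAR, FRR) for each candidate threshold."""
    return [(t, *rates(t)) for t in thresholds]


def closest_to_equal_error(thresholds):
    """Pick the threshold where FAR and FRR are closest to each other,
    an approximation of the equal error rate operating point."""
    return min(thresholds, key=lambda t: abs(rates(t)[0] - rates(t)[1]))


if __name__ == "__main__":
    for t, far, frr in sweep([0.5, 0.6, 0.7, 0.8, 0.9]):
        print(f"threshold={t:.1f}  FAR={far:.0%}  FRR={frr:.0%}")
    print("balanced threshold:", closest_to_equal_error([0.5, 0.6, 0.7, 0.8, 0.9]))
```

A low threshold favors convenience (few false rejections, more false acceptances); a high threshold favors security at the cost of rejecting legitimate users more often.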
  18. Humbert Amiani says

    March 9, 2021 at 8:05 pm

    Which physical access control mechanism is prone to failure?

    • Kyuande Johnson says

      March 9, 2021 at 9:23 pm

      A method that could compromise physical access control is tailgating. Tailgating occurs when an unauthorized person follows an authorized individual to enter a secured premise. Organizations are required to train employees to recognize this social engineering technique. When securing restricted areas, it’s best practice to ensure that one person enters through the door at one time.

  19. Kyuande Johnson says

    March 9, 2021 at 9:17 pm

    What are the cons of applying biometric authentication? Are there certain methods that are more effective than others?


Fox School of Business