Dear Readers, in this edition I am trying to give some information about ‘User Identification’ which are very important to know and I am sure that it will help you all, to understand its importance in Information Security domain. Information technologies and its resources are an integral part of any business/ organization, and to secure them is a strategic priority. According to the current IT security breaches scenario, information security breaches are considered to be the most threatening issues both for private and public sector organizations.
The primary function of any information security system is user identification and access rights management tools which should be designed to safeguard corporate data. Identification is the means by which a user claims his identity to a system and the most common example is the User ID which is issued to identify different users in a same network even if two users carry or share same Name. This identification entity is commonly used for User Access Control, where identification is necessary for authentication and authorization.
The major requirements imposed on the identification components of a corporate information system are as follows:
• Authenticity of user identification by distinct features;
• Efficient integration of User Identification and Access Management Tools into the company's information infrastructure without interrupting its business processes;
• Impossibility to steal, lose or replace identification credentials or obtain them in any fraudulent manner;
• Prevention of sharing identifiers and the related user rights and permissions;
• Non-repudiation of actions confirmed by identifiers meeting the above criteria;
• Workload reduction for users, system administrators and security staff;
• Reducing expenses related to the implementation of user identification and access management tools.
Relevant Technology related to Identification:
A conventional password system is widely recognized as unreliable, inconvenient, inefficient and out-dated as per the current security flaws. In addition, it can hardly be called “free of charge. Identification solutions which are based on smart cards, tokens or hardware keys enjoy more attractiveness among corporate customers. Some of them ensure data protection through Encryption, generation of random passwords, E-Signature and Digital Certificates.
Biometric Identification:
As a rule, Data protection means additional workload and responsibilities for users, system administrators, and Information Security staff. Biometrics is an exception to a common rule and implementing it helps to reduce the burden on the above groups while significantly enhancing the overall information security level.
• Unification of access procedures based on a single identifier like a fingerprint;
• Protection of Corporate Data against unauthorized access or access based on violated access rights and security policies;
• Automation and centralization of User Management, User Accounts and related permissions in Operating Systems and other Applications;
• Accelerating access processes for reliable users to corporate data, and full transparency of these access procedures;
• Reduction of idle hours caused by errors while entering the login/ password or blocking user accounts;
• Enhancement of system administrators' operations due to a reduced number of identification, verification and authorization helpdesk calls;
• Prompt addition of new users and modification of user accounts of transferred or dismissed employees.
If an application uses standard Windows-based identification tools then the passwords which are required to access such an application can be replaced by users with fingerprint identification. If an application uses other identification techniques, then it should be supplemented with biometrics advanced software development toolkit.