What is Identity Management & Authentication?

Identity management is the process of authenticating users to find the access that they have. It will help the individual to get access to the system which they are authorized. Identity management is focused on authentication.

Computers these days are capable of handling multiple users at a single time. Data of multiple users are stored on a single database and they are managed with proper access control. The process of verifying the identity of users by matching the credential provided is called authentication.

The main function of authentication is to grant the right access to the right person at the right time so that there will not be any unauthorized access on the system. Different people in any organization will have different role and functions so they will have different access right and identity management is to ensure that the users only get access to the system that is assigned to them. Authentication works by providing the proof of its identity to the server by a client, generally, username and password are used a proof of identity. Authentication doesn't identify the role and permission that is assigned to the user there will be a different process for that and it's called authorization.

User authentication is very important for any enterprise and individual to enhance network, application and data security, reduce fraud and other risks. It is critical for the security of the computer systems because without the proper authentication we canned decide whether the requested operation should be allowed or not.

Identity management can be done either with single-factor authentication or with multi-factor authentication. In a single factor authentication, access will be granted once the user inputs the credential like a password. But in multi-factor authentication, two or more credential must be verified to get access on the system. The goal of multi-factor authentication is to reduce the risk of information being accessed by an unauthorized person. If one factor is compromised, then the attacker must submit one more credential which reduces the chances of unauthorized access in case of a password or another provided credential is compromised.

Why should we stop using SMS-based two-factor authentication?

Today, securing an application is challenging as attackers are becoming increasingly sophisticated. A proper authentication system plays a significant role in application security, as, without one, the app’s vulnerability could allow a malicious person to gain unauthorized access. Poorly configured authentication systems and human error are the most common reasons for data breaches. Therefore, to address this issue, the concept of two-factor authentication (2FA) or multifactor authentication is applied. In addition to user ID and password, 2FA requires users to input a temporary code unique to them to verify their identity. This creates an extra layer of security by adding one more element to the authentication process. If a user’s login credentials are compromised, malicious actors won’t be able to access the resources since they would need to have both the login credentials and the 2FA code. One of the most widely used methods of 2FA is an SMS-based code, where the user ne...

What is Ransomware & How to Prevent it?

Hackers are looking for a new and easier way to make money by entering on other people's system and ransomware is one of the tools they use to make money by locking the computer of people and organization. In my previous article, I discussed cryptojacking malware and why it is a big threat to information security. On that article, you can read how and why bad guys are injecting code on people's computer to make money from that. Ransomware is another major threat to cyberspace that I would like to discuss this article. What is ransomware? Ransomware is a software that is designed to block access to any system, files or operating system until we pay a certain amount to the attacker. Most of the time the attacker will encrypt the files of the computer and they will provide the key to decrypt only after paying the amount they are demanding. Most of the ransomware attack will give very limited time to the victim to pay the demanded amount and if they fail to decrypt it within th...

Triton: A Malware That can Kill Human

When we think of malware we think of a program that is designed to harm a computer device, servers or network. But these days bad guys are creating malware targetting the critical infrastructure which can deliberately kill people. Malware that is targetting critical infrastructure and human damage is not new in the cyberspace as there were few other cases before like Stuxnet but nowadays such malware is increasing at an alarming rate. Recently one malware was detected by an experienced cyber responder Julian Gutmanis which could pose a serious threat to human life. The malware was found on the server of the petrochemical plant in Saudi Arabia in the summer of 2017. The initial vector of malware infection is still unknown but it could be the result of a phishing attack. Hacker managed to deploy their malicious program on the plant's safety instrumented system so that they could have full control of the safety system of the plant. Hackers were able to control the plant's system...

Amar Bhattarai

Search This Blog