Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

Share this Page URL

Authentication methods > Aceess control - Pg. 110

110 Eleventh Hour Security : Exam SY0-201 Study Guide DID YOU KNOW? The difference between access control and authentication is a very important distinction, which you must understand in order to pass the Security exam. Access control is used to control the access to a resource through some means. This could be thought of as a lock on a door or a guard in a building. Authentication, on the other hand, is the process of verifying that the person trying to access whatever resource is being controlled is authorized to access the resource. In our analogy, this would be the equivalent of trying the key or having the guard check your name against a list of authorized people. So in summary, access control is the lock and authentication is the key. Access control Access control is a policy, software component, or hardware component that is used to grant or deny access to a resource. Control can be enforced through a variety of ways: Smart Card Biometric device Network access hardware (routers, remote access points) Virtual private networks (VPNs) Wireless access points (WAPs) Access control can also refer to file or shared-resource permissions assigned through network operating systems including: Microsoft Windows with Active Directory UNIX systems using Lightweight Directory Access Protocol (LDAP) Kerberos Sun Microsystems' Network Information System (NIS) and Network Information System Plus (NIS ) Authentication Authentication is the process used to verify that a machine or user attempt- ing access to the networks or resources is, in fact, the entity being presented. Nonrepudiation is the method used (time stamps, particular protocols, or authentication methods) to ensure that the presenter of the authentication request cannot later deny they were the originator of the request. Authentication methods include presentation of credentials (such as a username and password, Smart Card, or personal identification number [PIN]) to a NOS (logging on to a machine or network), remote access authentication, and a discussion of certif- icate services and digital certificates. The authentication process uses the infor- mation presented to the NOS (such as username and password) to allow the NOS to verify the identity based on those credentials.