Authorisation and Security

Authorisation and security technology include many ideas, rules, and tools to keep digital things, like data and services, safe from being accessed, used, shared, disrupted, changed, or destroyed without permission. These technologies are key to keeping information systems and networks private, accurate, and available. For example, when you set up a password for your email, you’re using a basic form of security technology. This password acts as a key to your account, only someone who knows the password can access your emails, which helps keep your messages private and secure.

Authorisation

Authentication and authorisation is the process of verifying the identity of a user, device, or entity. Common methods include passwords, biometric verification (fingerprint, facial recognition), and multi-factor authentication (MFA), which combines something you know (password), something you have (a mobile device), and something you are (biometric verification) with push notifications to verify your identity. Following the example when you enter your password, the email service checks it against the one it has on file. If they match, the service authorises you to access the account but the email service also uses various security measures to protect your account. For example, it might encrypt your password, so even if someone gets access to the email service’s database, they can’t easily see your password. 

Encryption

Encryption is a critical aspect of security, ensuring that data is converted into a coded format to prevent unauthorised access. It’s used both for data at rest (stored data) and data in transit (data being transferred over networks). Key types include symmetric encryption which uses the same key for encryption and decryption or asymmetric encryption which uses a pair of keys (public and private) where one key encrypts the data, and the other decrypts it.

Security

SSL (Secure Sockets Layer) and its successor, TLS (Transport Layer Security), are protocols for encrypting internet traffic and verifying server identity. Any website with “https://” in its URL uses SSL/TLS, ensuring that data transferred between users and sites is secure from spying.

Access Control Models

Access control models define how users gain access to network resources. Common models include Discretionary Access Control (DAC), where the resource owner decides on access, in other words, the person or group that owns the information or resource gets to make those decisions. 

Mandatory Access Control (MAC) which stands for access decisions based on fixed security attributes assigned to resources and users means that is like having strict rules set by the building management on who can enter certain rooms based on their job or role. These rules are fixed and don’t change based on individual preferences. Both the rooms and the people have special labels, and access is allowed or denied based on matching these labels.

Role-Based Access Control (RBAC) where access is based on the roles assigned to users within an organisation, for example, all managers might have a key to certain rooms to share files and data, while interns might have access to different ones. It’s all about the role you play in the company.

 Attribute-Based Access Control (ABAC) where decisions are made by evaluating a set of rules against the attributes of user requests. In other words, it’s like having a security system that checks various things about you (like your job role, the time of day, and whether you have special permissions) before deciding if you can enter a room. Rules are used to evaluate these details and make the decision.

Firewalls

Imagine your computer or network as a house, where a firewall is like a fence with a gate around your house. This gate has rules about who can come in and go out, keeping your digital space safe from unwanted visitors. It checks everyone at the entrance and only lets in those who follow the rules, protecting your network from harmful traffic from the internet.

An Intrusion Detection System (IDS), on the other hand, is like having security cameras and alarms around your house. These cameras watch for anyone acting suspiciously or trying to break in, if they spot something odd, they alert you or the security team, so you know there might be a problem. While the firewall acts as a barrier, the IDS keeps an eye on everything, ready to warn you if there’s any sign of trouble. Together, they work to keep your digital world secure.

The Zero Trust Model

The Zero Trust model assumes that threats can exist both outside and inside the network, so no entity should be automatically trusted. It requires strict identity verification for every person and device trying to access resources on a private network, regardless of whether they are sitting within or outside of the network perimeter.

Blockchain

Blockchain technology provides a secure, decentralised way to ensure data integrity and transparency in transactions. It’s crucial for situations needing unchangeable records, such as financial dealings or supply chain management.

Compliance

Organisations must stick to various regulatory and security standards, such as GDPR (General Data Protection Regulation), HIPAA (Health Insurance Portability and Accountability Act), and PCI DSS (Payment Card Industry Data Security Standard), to protect sensitive information and ensure privacy.

Conclusion

Keeping our digital doors locked tight is more important than ever. Imagine authorisation and security as the keys and alarms to our online homes, where our most precious data lives. Just as new gadgets and things come out, so do new types of digital burglars, always finding clever ways to sneak in. That’s why it’s crucial for any organisation to not just have a good lock on their door but layers of security – like a fence, a guard dog, and a security system. It’s all about staying one step ahead, making sure only the right people have the keys, and keeping everything inside safe and sound. In this digital age, being smart about security isn’t just nice to have; it’s a must to protect the treasures we hold online.