27 Define Access Control, Authentication, Authorization, and Encryption with reference to Wireless Networks
Understanding the differences in authentication, authorization, and access control forms the basis of understanding wireless security. Access Control, Authentication, authorization and access control are individual steps performing distinct functions. Though these terms are sometimes used interchangeably, they refer to distinct steps that must be negotiated successfully to determine whether a particular request for a resource will result in that resource actually being returned. This is true for both a wired and wireless network.
Access Control: This can be software or a hardware mechanism. It restricts the access to the resources of the network. It supports design strategies and ensures that only permitted users are allowed access to the resources on a network. It is one of the steps that is undertaken to ensure a secure network. It is not an easy to implement concept. Network resources are files, folders, internet access, hard disks and in large environments, managing them can be demanding.
Authentication: This process verifies the identity of users and even computers attempting to establish access. Presenting the username and the password are the two steps taken while authenticating. Some of the sophisticated methods that can be used for authentication are:
- Smart Cards - Biometrics
- Voice Recognition - Fingerprints
Authorization: Authorization is the step undertaken after authentication. Once authentication is done, it is checked if the user or computer that has been allowed has access to a particular resource. This step is undertaken through group association. Group Association is attaching a particular level of security with a particular group. For example, under a group security policy the professors may be allowed access to certain data while the students of the university may be blocked out.
Encryption: Encryption is the process in which the data that is sent over remote connections is encoded. This makes it difficult for unauthorized users to read the same without intercepting. The encoding is done based on an algorithm that is a mathematical value known as a key. There are two kinds of keys that can be used: Public Keys and Private Keys. Keys that can be shared are referred to as public keys and the ones that cannot be shared are referred to as private keys. A large number of bits come together to make a key and the bigger the key number the more difficult is it to guess. Incase the correct key is not known, access to the data will not be made available.