AUTHENTICATION AUTHORIZATION DF 3
docx
keyboard_arrow_up
School
Harvard University *
*We aren’t endorsed by this school
Course
S
Subject
Information Systems
Date
Nov 24, 2024
Type
docx
Pages
4
Uploaded by ColonelEnergy6151
1
Discussion Post
Student’s name
Affiliation
Professor’s name
Course
Date
2
In 100-200 words, please explain in your own words the difference between Authentication
and Authorization and how they work together.
Authentication refers to the procedure of verifying an individual's claimed identity to
ensure that it is accurate and truthful. In contrast, authorization refers to the procedure of
verifying whether a user possesses the appropriate permissions to access specific software,
documents, and information (Ferrag et al., 2019). The scenario is analogous to that of an airline
company that is faced with the decision of selecting which passengers to permit to embark on the
flight. In order to verify the authenticity of a passenger's identity, it is necessary to conduct an
identity check. Following the verification of a passenger's identity, the subsequent measure
involves ascertaining their eligibility for any exclusive amenities, such as premium-class
transportation or entry to the VIP lounge. The user is granted visibility and modification
privileges for certain aspects of authentication, while being precluded from accessing or altering
any facets of authorization.
In 100-200 words, outline the Incident Response steps. Does Digital Forensics work into the
Incident Response process? If so, please explain.
The incident response steps encompass preparation which is effective incident response.
Detection and reporting also form part of the incident response steps that play integral role of
detecting, alerting, and reporting any security issues. Moreover, triage and analysis step of
incident response is essential for deeply analyzing the security incident making sure the scope of
the issue is tackled to the core. Another step that ensure the normalcy of the operations is the
containment and neutralization which is the most critical step in the response involving
coordinated shutdown, wipe and rebuild, and threat mitigation request. Post incident activity is
the last step that involve work that is done after resolving the incident. According to
Ahmad et al.
3
(2020)
Digital Forensics work in the incident response, playing integral role in the investigation,
containing and recovery from the security incident.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
4
Reference
Ferrag, M. A., Maglaras, L., & Derhab, A. (2019). Authentication and authorization for mobile
IoT devices using biofeatures: Recent advances and future trends.
Security and
Communication Networks
,
2019
.
Ahmad, A., Desouza, K. C., Maynard, S. B., Naseer, H., & Baskerville, R. L. (2020). How
integration of cyber security management and incident response enables organizational
learning.
Journal of the Association for Information Science and Technology
,
71
(8), 939-
953.
Reply 1
I agree with the points that are articulated in the discussion. The differentiation of
authentication and authorization have been clearly explained. However, I would like to add a
difference between authorization and authentication. In authentication the user is able to observe
the mechanics of authentication and implement modifications to its functionality, whereas in
authorization the user lacks both visibility and control with regards to authorization.
Reply 2
The discussion make excellent points that are expressed in simple and insightful
language. Moreover, I would like to provide an additional concept regarding Digital Forensics.
The significance of incident response in a company's cyber security program cannot be
overstated. A prompt and efficient response to security incidents mitigates harm, expedites
recuperation, restores business operations, and minimizes expenses.