
  • Identification, Authentication, Authorization, and Accountability


    Identification

    Identification is the process of claiming or declaring an identity, where a person, system, or object presents information that indicates who or what they are. It is the first step in identity verification, often involving credentials such as a username, ID number, card, or biometric data that represent the claimed identity. Identification by itself does not prove authenticity; instead, it signals the intent of the entity to be recognized, which is later confirmed through authentication mechanisms. This process is essential in security systems, as it establishes the basis for determining access rights and privileges.

    • Username
    • SSN

    Example

    id # command that shows user identity information (UID, GID, groups)

    id

    whoami # command that prints the current logged-in username

    whoami

    Authentication

    Authentication is the process of verifying that a claimed identity is valid by confirming that the person, system, or object truly is who or what they assert to be. It typically follows identification and uses various methods such as passwords, PINs, security tokens, smart cards, or biometrics like fingerprints and facial recognition. Authentication can be implemented through single-factor, two-factor, or multi-factor approaches, depending on the required security level. By validating the authenticity of an identity before granting access, authentication helps prevent unauthorized use, strengthens trust, and protects sensitive systems and data.

    Authentication factors

    • Something you know
      • Password
        • A sequence of characters that identifies a user
      • Personal Identification Number (PIN)
        • A sequence of numbers that identifies a user
    • Something you have
      • Passport
        • A travel document issued by a government that verifies the holder’s identity for international travel
      • Smartphone
        • A cellular telephone with an integrated computer 
      • Smart Card
        • A physical plastic card with an embedded microprocessor that stores and processes data (It acts as a security token)
      • Token
        • A device that’s used to gain access to a restricted resource (Might include name, password, key, certificate, group, privilege)
    • Something you are
      • Fingerprint
        • A unique pattern made by a person’s fingertip friction ridges
      • Facial recognition
        • A technology that identifies a user based on their face
      • Iris Scan
        • A technology that identifies a user based on their iris
    • Somewhere you are
      • IP address
        • A logical network address that is used to locate the device
      • MAC Address
        • A physical network address that is used to locate the device
    • Something you do
      • Pattern unlock
        • A technology that identifies a user based on drawing a specific pattern 
      • Picture Password
        • A technology that identifies a user based on selection of images

    Example

    passwd # command used to set or change a user’s password in Linux

    passwd

    Authorization

    Authorization is the process of determining what actions, resources, or services a person, system, or object is permitted to access after their identity has been successfully verified through authentication. It defines the level of access granted, such as whether a user can read, modify, delete, or execute specific files, applications, or functions. Authorization is typically enforced through policies, access control lists, or role-based access control (RBAC), ensuring that users only perform actions aligned with their roles and responsibilities. This step is critical for enforcing the principle of least privilege, reducing security risks, and protecting sensitive information from misuse or unauthorized access.

    • Access Control
      • A security technique to protect a system against unauthorized access

    Example

    echo # command that prints text to the terminal or output stream
    "QeeqBox" # the text string being displayed
    > # output redirection operator
    file.txt # the file where the output will be written (created or overwritten)

    echo "QeeqBox" > file.txt

    sudo # run the command with administrative (root) privileges
    groupadd # command used to create a new group in Linux
    sales # name of the group being created

    sudo groupadd sales

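    sudo # run the command with administrative (root) privileges (only root can give a file to another user)
    chown # command to change ownership of a file
    john # user who will become the new owner
    file.txt # file whose ownership is being changed

    sudo chown john file.txt

    sudo # run the command with administrative (root) privileges (the file now belongs to john)
    chgrp # command to change group ownership of a file
    sales # group that will become the new group owner
    file.txt # file whose group is being changed

    sudo chgrp sales file.txt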
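
    The commands above set the owner and group of file.txt, but the mode bits decide what each of them may do. The following is an added example, not part of the original page, that models the classic Unix owner/group/other check; the users alice and bob and the modes 640 and 047 are constructed, and root's override and ACLs are not modelled.

```shell
#!/bin/sh
# Added example: classic Unix permission check (owner, then group, then other).
# Exactly one class is selected; there is no fall-through to a later class.

# perm_bit r|w|x -> prints 4|2|1
perm_bit() {
  case "$1" in
    r) echo 4 ;;
    w) echo 2 ;;
    x) echo 1 ;;
    *) return 1 ;;
  esac
}

# check_access USER "USER_GROUPS" OWNER GROUP MODE PERM -> prints allow|deny
# OWNER, GROUP and MODE are what GNU `stat -c '%U %G %a' file.txt` reports.
check_access() {
  user=$1 ugroups=$2 owner=$3 group=$4 mode=$5 perm=$6
  bit=$(perm_bit "$perm") || { echo deny; return 0; }
  m=$((0$mode))                       # read MODE as octal, e.g. 640
  if [ "$user" = "$owner" ]; then
    class=$(( (m >> 6) & 7 ))         # owner bits
  else
    case " $ugroups " in
      *" $group "*) class=$(( (m >> 3) & 7 )) ;;   # group bits
      *)            class=$(( m & 7 )) ;;          # other bits
    esac
  fi
  if [ $(( class & bit )) -ne 0 ]; then echo allow; else echo deny; fi
}

# Constructed scenario: file.txt owned by john:sales, as on this page.
echo "john  write, mode 640: $(check_access john 'john' john sales 640 w)"
echo "alice read,  mode 640: $(check_access alice 'alice sales' john sales 640 r)"
echo "alice write, mode 640: $(check_access alice 'alice sales' john sales 640 w)"
echo "bob   read,  mode 640: $(check_access bob 'bob' john sales 640 r)"
# Edge case: the owner is denied even though "other" has full access.
echo "john  read,  mode 047: $(check_access john 'john' john sales 047 r)"
```

    With mode 640 the owner can read and write, members of sales can only read, and everyone else is denied, which is the least-privilege outcome the chown and chgrp steps are meant to support once `chmod 640 file.txt` is applied.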

    Accountability (Auditing)

    Accountability (Auditing) is the ability to trace actions, events, or system changes back to a specific individual, system, or object, ensuring that every activity within an environment can be attributed to its source. It involves maintaining detailed logs, audit trails, and monitoring mechanisms that record who did what, when, and how. Accountability helps detect misuse, supports investigations, enforces compliance with policies and regulations, and promotes responsible behavior by making users aware that their actions are being tracked. By providing transparency and traceability, auditing strengthens overall security and trust within an organization’s systems.

    • Audit logs

    Example

    who # shows currently logged-in users on the system

    who

    last # shows history of user logins and system reboots

    last

    sudo # runs the command with root (admin) privileges
    cat # command used to display file contents
    /var/log/auth.log # system authentication log file (login, sudo, SSH events)

    sudo cat /var/log/auth.log
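
    Reading the raw log is only the first step; accountability means turning it into "who did what, when" records. The following is an added example, not part of the original page, that normalizes sshd and sudo entries into such records; the log lines are constructed in the usual OpenSSH and sudo syslog layout, and the host name and addresses are placeholders.

```shell
#!/bin/sh
# Added example: build an audit trail (when|who|what|detail) from auth.log text.

# Constructed sample in the layout sshd and sudo write to /var/log/auth.log.
sample_auth_log() {
  cat <<'EOF'
Jan 10 09:12:01 host sshd[1234]: Failed password for john from 192.0.2.10 port 51234 ssh2
Jan 10 09:12:05 host sshd[1234]: Failed password for invalid user admin from 192.0.2.10 port 51240 ssh2
Jan 10 09:12:09 host sshd[1234]: Failed password for john from 192.0.2.10 port 51251 ssh2
Jan 10 09:13:00 host sshd[1240]: Accepted password for john from 192.0.2.10 port 51300 ssh2
Jan 10 09:15:22 host sudo:     john : TTY=pts/0 ; PWD=/home/john ; USER=root ; COMMAND=/usr/sbin/groupadd sales
Jan 10 09:15:22 host sudo: pam_unix(sudo:session): session opened for user root by john(uid=0)
EOF
}

# audit_trail: reads log lines on stdin, prints one record per attributable event.
audit_trail() {
  awk '
    { ts = $1 " " $2 " " $3 }
    / sshd\[[0-9]+\]: (Failed|Accepted) password for / {
      result = ($6 == "Failed") ? "login-failed" : "login-ok"
      i = ($9 == "invalid") ? 11 : 9      # skip the words "invalid user"
      print ts "|" $i "|" result "|from " $(i + 2)
      next
    }
    / sudo: .* COMMAND=/ {
      cmd = $0
      sub(/.*COMMAND=/, "", cmd)          # keep the full command with arguments
      print ts "|" $6 "|sudo|" cmd
    }
  '
}

# failed_by_user: reads log lines on stdin, prints "COUNT USER", highest first.
failed_by_user() {
  audit_trail |
    awk -F'|' '$3 == "login-failed" { n[$2]++ } END { for (u in n) print n[u], u }' |
    sort -k1,1nr -k2
}

sample_auth_log | audit_trail
sample_auth_log | failed_by_user
```

    On a live system the same functions can be fed with `sudo cat /var/log/auth.log | audit_trail`.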

    Identity Management (IdM)

    Identity Management (IdM) is the process of managing and controlling digital identities within an organization or system. It involves creating, maintaining, and governing user accounts, as well as assigning appropriate access rights and permissions based on roles or responsibilities. IdM ensures that only authorized individuals can access specific resources, applications, or data, while also maintaining compliance and security. This process includes activities such as authentication, authorization, password management, and account lifecycle management, helping to protect sensitive information and streamline user access.

    Example

    sudo # run command with admin (root) privileges
    useradd # command to create a new user account
    john # username being created

    sudo useradd john

    sudo # run command with admin (root) privileges
    passwd # command to set/change a user password
    john # username whose password is being set

    sudo passwd john

    Access Management (AM)

    Access Management (AM) is the process of ensuring that people, systems, or objects have the appropriate level of access to resources, applications, and data based on their roles and responsibilities. It deals specifically with permissions and privileges, determining what a user or entity can do once authenticated. AM enforces policies such as granting, restricting, or revoking access, often using methods like role-based access control (RBAC), attribute-based access control (ABAC), or least privilege principles. By managing access effectively, organizations can reduce the risk of unauthorized activities, protect sensitive assets, and maintain compliance with security and regulatory requirements.

    Example

    echo # command that prints text to the terminal or output stream
    "QeeqBox" # the text string being displayed
    > # output redirection operator
    file.txt # the file where the output will be written (created or overwritten)

    echo "QeeqBox" > file.txt

    sudo # run the command with administrative (root) privileges
    groupadd # command used to create a new group in Linux
    sales # name of the group being created

    sudo groupadd sales

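    sudo # run the command with administrative (root) privileges (only root can give a file to another user)
    chown # command to change ownership of a file
    john # user who will become the new owner
    file.txt # file whose ownership is being changed

    sudo chown john file.txt

    sudo # run the command with administrative (root) privileges (the file now belongs to john)
    chgrp # command to change group ownership of a file
    sales # group that will become the new group owner
    file.txt # file whose group is being changed

    sudo chgrp sales file.txt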

    Identity and Access Management (IAM)

    Identity and Access Management (IAM) is the integrated framework of policies, processes, and technologies used to manage and control digital identities while ensuring that users, systems, or objects have the appropriate level of access to organizational resources. It combines Identity Management (IdM), which focuses on creating and maintaining digital identities, with Access Management (AM), which governs permissions and privileges. IAM solutions handle authentication, authorization, and account lifecycle management, enforcing security principles like least privilege and separation of duties. By implementing IAM, organizations can safeguard sensitive data, streamline user access, improve operational efficiency, and ensure compliance with industry regulations.