Information security authentication program for Moonshine Mining Essay Example for Free

Information security dodge authentication program for Moonshine Mining raiseMoonshine mining deals with the mining business related to diamond, sapphire, gold etc. Moonshine mining primary(prenominal)tains all its intellectual halal(a)ties and different(a) important documents in 3 internal servers in Perth head office. This information is very confidential to the moon shining. This information should be available only to the internal moon shining employees and other authorized psychenels. Moonshine has identified the potential risk for the information assets through the risk assessment procedure.To overcome these risks, proper authentication and other security procedures must be implemented in the fundamental law. distributively and every method has its own disadvantages and advantages, the proper investigation and study must be performed to choose the topper fit method for the organization. Introduction Computer security must be an integral part of the organization. Computer Security is the protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources.Through the selection and application of appropriate safeguards, security helps the organizations mission by defend its physical and financial resources, reputation, legal position, employees, and other tangible and intangible assets (NIST 2006). Many organizations ar spending millions of dollars in reckoner security. Computer security policies and goals should be inline with the organization mission and policies. Computer security should be very cost effective. Specialized teams must be formed in the organization for monitoring and controlling the information processing system security policies and procedures. staple fiber Security policies should be followed in Moonshine Company Computer security policies must be accessible by everyone in the organization. Each and every single personnel in the organization is responsible for implementing and maintaining the computer security. User support must be provided for solving various problems related to computer security. Help desks be needed to be created for this type of support. Additional support can be any helpline and online chat. Software support should be available in the organization. Various restrictions are needed to be imposed on the usage of several(prenominal) kind of software in the organization.Licensed and authenticated software are recommended for trouble free working environment. Backup plan should be implemented and followed carefully for restoration if disaster or unrecoverable errors cause. Media should be properly keep and periodic assessments are to be needed. Login information should be kept secret and several log records are to be assed for detecting unauthorized user access. Basic security features like firewall, antivirus software are to be made ready in the system. Integrity checks and other checks are to be performed frequently.Documentation and maintenance are the important activities needed to be done regarding computer security. Authentication Authentication is very important for maintaining the computer security. Each and every personnel must be authenticated for accessing the information resources. There are many types of authentication methods. It can be broadly classified into two categories, Biometric authentication and Non Biometric authentication. The authentication must be implemented with the proper security algorithm to avoid intrusions. Many authentication schemes are developed over the years.Several hashing and other schemes are combined to affect the better authentication protocol. Privacy through Biometric Authentication It is base on identifying the person based on their personal and behavioral traits. There are several biometric authentication methods like riff publish recognition, face recognition, iris recognition. So me the distinct advantages of biometric method are users need not required to remember word/codes, permanent characteristics and ease of use. riff print authentication Finger print authentication is the basic biometric authentication method.The patterns available on ridges and valleys of persons finger are unique for every individual (Harris D. 2000). Several algorithms are available in the market to uniquely identify the persons based on the patterns. The finger print authentication can be implemented in moon mining company with a very small amount of investment. The cost of installing devices and other software required for finger print authentication would be very minimal when compared to other biometric authentication methods. When compared to non biometric methods the database size would be litter larger for biostatistics methods.Since the numbers of users in the moon mining company is very less the biometrics method can be easily implemented without any trouble. Finger prin t authentication method is not very much suitable for moon shine mining company because in the mining company the person works with lot of dusts and smoke. Some readers might not recognize the dirty and dusted moots. Since it is a mining company persons may suck in some cuts in their hand so the readers may not work properly in those situations. Most of the time users might wear gloves in their hand, they might feel uneasy to murder for each and every time for the authentication.Face recognition Face recognition is another basic biometric authentication method. In this method, the persons face is captured using camera or infrared waves and it is authenticated with the surviveing database. The spatial geometry in the face is analyzed to uniquely identify the face. The face can be easily recognizes with change of facial nerve expressions or change of hair style etc. The advantages of face recognition it is the contact free process. The database should be maintained with facial in formation of the users. The change in the face is very minimal.The moon mining company can prefer this method of authentication. The cost of implementation is also not so high. Some of the disadvantages acknowledge detecting the face mask and low light environment (Vijayan 2009). Since it is a mining company it would operate in low light areas, so proper methods must be chosen to avoid low light environment problems. People from some ethnic groups and nationalities wont expose the face to out world. In those situations the face recognition it is not possible to implement. Iris Recognition Iris recognition is one of the latest methods of biometric authentication.The colored area that surrounds pupil is used for the identification of the persons (Daouk 2006). Every people have unique color pattern. It is also a non contact method of authentication. The cost of implementation is little high when compared to other methods. It is very fast and robust. The latest iris technologies are v ery powerful in recognizing the patterns even though they are covered with the contact lenses and glasses. Iris based authentication is recommended if the moon mining company wants high end solution for the biometric authentication and ready for little high investment.Digital Signatures A digital sense of touch is an automated method of verifying our usual handwritten signatures. The various features like speed, pressure, nodes etc are verified for authentication. This method is based on behavioral aspect of the person. It is ingenuous method for authentication. It has many disadvantages like it can be imitated by others easily signature is tending to change slowly by time. Its not so safe to go with this type of authentication method. Privacy through Non Biometric Authentication The non biometric method for authentication is very common in the organization.It is simple and easy to implement. No extra infrastructure is required to implement these authentication methods. It is very cost effective method. RFID Authentication method The privacy can be provided by ensuring the proper authentication mechanism in practice. Several authentication protocols are used in existence systems. The authentication impart be performed in the readers and authentication parameters and tax are neckclothd in the RFID tags. The RFID readers would be available in each and every computers of the moon shining company. wizard of the common practices is store common password in all the RFID tags to be used. Whenever the tag is read if the password matches the other processing is done else the tag would be neglected. Another method for authentication is to assign store all the RFID tags unique number in database, when the tag is detected the number is cross checked with the database for authentication. Despite the numerous benefits of RFID systems, it has few pitfalls and some common problems. The main security threat in the RFID system is the privacy security breaches. All the info rmation is stored in the RFID tags.The RFID tags can also be read by others who have the RFID readers. The data can be read and modified in the tags by any one using the RFID readers (Moscatiell 2007). The RFID systems may be collapsed if several RFID tags are touch on together. The RFID tags can communicate only to one RFID reader at instance. If two RFID readers are accessing a single tag, there may be a discard or collapse in the system. Other Radio signal interference can violate some of the properties of the RFID systems. Some other security threats also exist for the RFID systems. Device Based AuthenticationIn this device based authentication, some special secure devices are used to aim the passcodes. These passcodes are verified for authorizing the persons. One of the famous devices is RSA based secureId device. It uses public key encryption for generating the passcode. Each and every user will have a small hand held device to generate the passcodes. These passcode are ver ified using the security algorithms for authentication. This method of authentication is also suggested for moon mining company. Conclusion All the organization should follow the tight computer security principles and policies.The basic security features must be installed in each and every computer system in the organization. All the users must be enlightened about the computer security principles and various threat regarding. The company can also go for the third parties for implementation and maintenance of computer security in the organization. This would help the organization to have the better security. Dedicated teams must be available for performing and monitoring all the computer security activities. The organization will be in trouble if the computer security practices are not followed in the organization.