From the course: CISSP Cert Prep (2021): 5 Identity and Access Management

Usernames and access cards


- [Instructor] Identification is one of the basic requirements of any access control system. Users must have a way to identify themselves uniquely to a system using technology that ensures that they will not be confused with any other user of the system. Let's talk about two common identification mechanisms: usernames and access cards.

Usernames are by far the most common means of identification for digital systems. Organizations typically provide every individual who will access their computing systems with a unique identifier that they use across all systems. Commonly, usernames take the form of a first initial and last name or a similar pattern that makes it easy for someone seeing the username to identify the person who owns it. Now remember, usernames are for identification, not authentication, so there's no need to keep them secret. Obvious usernames make everyone's lives easier.

Organizations also commonly use access card-based identification systems. Many organizations issue employee identification cards to their entire staff, and that card often acts as the primary proof of employment. Some cards also serve as access control devices for entering buildings or sensitive areas. They sometimes also provide access to digital systems. In these cases, identification cards may serve as both an identification and an authentication tool.

Card-based systems require the use of a reader, and the reading mechanism varies across card systems. The most basic card readers use magnetic stripes, similar to the one that appears on the back of your credit cards. These magnetic stripes are easily duplicated with readily available equipment, so they should not be considered secure. Anyone who gains possession of a magnetic stripe card or even knows how the card is encoded can create a copy of the card.

Smart cards take identification card technology to the next level by making it much more difficult to forge cards. Smart cards contain an integrated circuit chip that works with the card reader to prove the authenticity of the card. Some smart cards are read by directly inserting them into a card reader. The Department of Defense Common Access Card shown here is one such card. Chip and PIN credit cards use similar technology. When a user wants to identify to a system, they insert the smart card into the reader that interacts with the card's chip.

Contactless smart cards or proximity cards simply need to be placed near the reader. An antenna in the card communicates with the reader. Some of these cards, known as passive cards, must be placed into or extremely close to the reader to work properly. They receive power from the reader that energizes the chip, so they last indefinitely. Other proximity cards, known as active cards, contain batteries and transmitters. They use batteries and can then transmit over longer distances and be read from several feet away. Toll transponders use this technology. The disadvantage to active cards is that they contain batteries and must be replaced periodically.

Whichever technology you use, an identification system must at least satisfy the basic requirements of uniquely identifying system users.
