Identification is one of the basic requirements of any access control system. Users must have a way to identify themselves uniquely to a system using technology that ensures they are not confused with any other user of the system. In this video, learn about two basic means of identification: usernames and access cards.
- [Instructor] Identification is one of the basic requirements of any access control system. Users must have a way to identify themselves uniquely to a system using technology that ensures they will not be confused with any other user of the system. Let's talk about two common identification mechanisms. User names and access cards. User names are, by far, the most common means of identification for electronic systems. Organizations typically provide every individual who will access their computing systems with the unique identifier that they use across all electronic systems.
Commonly, user names take the form of a first initial and last name or a similar pattern that makes it easy for those seeing the user name to identify the corresponding person. Remember, user names are for identification, not authentication, so there's no need to keep them secret. Obvious usernames make everyone's lives easier. Organizations also commonly use card-based identification systems. Many organizations issue employee identification cards to their entire staff and that card often access the primary proof of employment.
Some cards also serve as access control devices for entering buildings or sensitive areas. They sometimes also provide access to electronic systems. In these cases, identification cards may serve as both an identification and an authentication tool. Card-based system require the use of a reader and the reading mechanism varies across card systems. The most basic card readers use magnetic stripes, similar to the one that appears on the back of your credit cards.
These magnetic stripes are easily duplicated with readily available equipment so they should not be considered secure. Anyone who gains possession of a magnetic stripe card, or even knows how the card is encoded, can create a copy of that card. Smart cards take identification card technology to the next level by making it much more difficult to forge cards. Smart cards contain an integrated circuit chip that works with the card reader to prove the authenticity of the card. Some smart cards are read by directly inserting them into a card reader.
The Department of Defense common access card shown here is one such card. Chip and PIN credit cards use similar technology. When a user wants to identify to a system, here she inserts the smart card into a reader that interacts with the card's chip. Contactless smart cards or proximity cards simply need to be placed near the reader, and an antenna in the card communicates with the reader. Some of these cards, known as passive cards, must be placed into or extremely close to the reader to work properly.
They receive power from the reader that energizes the chip so they last indefinitely. Other proximity cards, known as active cards, contain batteries and transmitters. They use these batteries and can then transmit over longer distances and be read from several feet away. Toll transponders use this technology. The disadvantage to active cards is that they contain batteries and must be replaced periodically. Whichever technology you use, an identification system must at least satisfy the basic requirement of uniquely identifying system users.
We are now a CompTIA Content Publishing Partner. As such, we are able to offer CompTIA exam vouchers at a 10% discount. For more information on how to obtain this discount, please download these PDF instructions.
- Provisioning and deprovisioning
- Identity security issues
- Using biometric measures as identification mechanisms
- Multifactor authentication
- Password authentication protocols
- How LDAP and Kerberos work together
- Identity as a Service (IDaaS)
- Mandatory and discretionary access controls
- Defending against password attacks
- Social engineering attacks