Professional Windows Server 2003 Security: A Technical Reference [Electronic resources] (text version)


Roberta Bragg


Chapter 2. Authentication: Proof of Identity


The most important thing that you can do to manage information access is to require that those who want to access information provide proof of identity. If you require all potential users of your information system resources to authenticate themselves, that is, to prove they are who they say they are, then you can restrict system and resource access to approved identities. Authentication can be a precursor to authorization and accountability. Authorization determines the type of access the authenticated users are allowed and the rights they have on the system. Accountability is the ability to determine who did what. It is based on your ability to record the systems and resources that users have accessed and the things they have done while connected to these resources. Requiring authentication facilitates both authorization and accountability. However, if you know nothing about processing credentials and verifying identities, and if you do not harden and manage these processes, you can support neither authorization nor accountability. You may as well have required no proof of identity at all. The content in this chapter will provide the knowledge and best practices you need to successfully harden authentication.

The process of authentication is familiar to most people. In the real world, we are often required to authenticate ourselves. We present a driver's license before we can board a plane, a passport before we can enter a different country, or a company ID to enter business offices. These documents are validated, in many cases, by the simple process of comparing the picture on the document with the person presenting it, and comparing the features of the credentials (official stamps, seals, and signatures) with those we know to be valid. In legacy versions of the Windows operating system, authentication is optional. However, authentication is required to access Windows systems based on Windows NT technologies (Windows NT 4.0, Windows 2000, Windows XP Professional, and Windows Server 2003). Authentication occurs when each user logs on, and again when that user attempts to access resources such as files, remote computers, printers, and so forth. The credentials required consist of a valid account and some factor such as a password, biometric, token, or certificate. The process used to authenticate the user will vary depending on the specific authentication algorithm used and how it is configured. An important part of authentication management is knowing what's possible, what's practical, and what's allowed, and then knowing how to use that information to make your systems as secure as they can be.

TIP: Monitor Security Logs During Times of Normality

Failed logons and other authentication anomalies may be user errors, improper system configurations, or network problems, or they may be indications of an attack. If you monitor the authentication process and learn to determine the cause of errors, you will be able to respond better, whatever the real cause.
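The tip above rests on knowing what failed logons look like in a quiet period so that a later deviation stands out. The following Python script, an added example that is not from the book, learns a per-account baseline of failures per hour from a constructed set of failed-logon records and then labels a later hour against it, separating a single typo from a repeatedly failing account and from one host failing against many accounts; the record layout, account and host names, and the thresholds are all assumptions.

```python
from collections import Counter, defaultdict
from statistics import mean, pstdev

# Constructed sample records, not real event logs: (hour, account, source host, reason).
NORMAL_PERIOD = [  # a quiet period used to learn what "normal" looks like
    (0, "alice", "WS01", "bad password"),
    (0, "bob", "WS02", "bad password"),
    (1, "alice", "WS01", "bad password"),
    (2, "carol", "WS03", "expired password"),
    (3, "alice", "WS01", "bad password"),
]
SUSPECT_WINDOW = [  # one later hour to be judged against that baseline
    (9, "alice", "WS01", "bad password"),        # a single slip, as usual
    (9, "bob", "WS17", "bad password"),          # one source, many accounts
    (9, "carol", "WS17", "bad password"),
    (9, "dave", "WS17", "bad password"),
    (9, "svc_backup", "SRV01", "bad password"),  # repeated failures: stale
    (9, "svc_backup", "SRV01", "bad password"),  # service password or attack
    (9, "svc_backup", "SRV01", "bad password"),
]

def build_baseline(records):
    """Mean and population std-dev of failures per hour for each account."""
    hours = sorted({r[0] for r in records})
    per_hour = defaultdict(Counter)
    for hour, account, _src, _reason in records:
        per_hour[hour][account] += 1
    stats = {}
    for acct in {r[1] for r in records}:
        series = [per_hour[h][acct] for h in hours]  # zero for quiet hours
        stats[acct] = (mean(series), pstdev(series))
    return stats

def classify(window, baseline, min_excess=3, spray_accounts=3):
    """Label accounts and source hosts in one hour window against the baseline."""
    findings = {}
    by_account = Counter(acct for _h, acct, _s, _r in window)
    accounts_per_source = defaultdict(set)
    for _h, acct, src, _r in window:
        accounts_per_source[src].add(acct)
    for acct, n in by_account.items():
        mu, sigma = baseline.get(acct, (0.0, 0.0))  # unseen account: no history
        if n >= max(min_excess, mu + 3 * sigma):
            findings[("account", acct)] = "excess failures: check for a changed credential or an attack"
        else:
            findings[("account", acct)] = "within baseline: probable user error"
    for src, accts in accounts_per_source.items():
        if len(accts) >= spray_accounts:  # one host failing across many accounts
            findings[("source", src)] = "one source, many accounts: investigate"
    return findings
```

Tune `min_excess` and `spray_accounts` to the failure rates you actually observe during normal operation; the defaults here are only illustrative.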


Stop! Think Before Changing the Authentication Process


Before you make changes to your authentication process, such as modifying the password policy, configuring authentication protocols, or hardening authentication process-related settings, you must evaluate the impact of these changes, and you must review your organization's security policy for the appropriateness of the change. Your security implementation decision should always be based on fulfilling the organization's security policy. Not only is this a standard that governs your actions, but changing authentication requirements or processes also can inadvertently damage your organization by making it impossible for people to do their jobs. Users can find themselves unable to log on, processes may halt, resources can become inaccessible, and actual work can be reduced to a trickle.

authentication algorithms and their configuration

State best practices for authentication management


This chapter will not provide the details of the remote or web authentication process; these will be detailed in Chapter 14, "Securing Remote Access." Nor will it describe Group Policy processing. You will find additional information on Group Policy and the management of authentication in a Windows domain in Chapter 7, "Active Directory's Role in Domain Security." Information on auditing authentication is detailed in Chapter 19, "Monitoring and Assessment."

