Job Aid

Authorization, Authentication, and Access Control

Authorization: I am an employee of Citi Bank, which means that I am allowed access to the bank’s facilities. 

Don't use plagiarized sources. Get Your Custom Essay on
Job Aid
Just from $13/Page
Order Essay

Authentication: I am an employee of Citi Bank and this is my Staff Identification that allows me entry into the company facilities. 

Access Control: As an employee of Citi Bank, I am allowed or restricted to access specific areas of the company based on my position or duties. For example, I am employed at Citi Bank as a Sales Manager. While I have my employee ID that allows me access to the company facilities, I will obviously be denied access to the Bank’s Server room, because I am restricted access to that area. 

Relationship: Authentication is a verification procedure that ensures that a user or person has specified credentials that help the user/person identify themselves or prove who they are. Once the credentials are valid, it leads to authorization, which means the user will have access to the resources or places by verifying those access rights. Both authentication and authorization act as access controls for either denying or granting specific permissions to an illegal or rightful user (Net Informations, n.d.). If the user’s credentials are validated, permission is granted, otherwise access is denied. 

Importance of Authorization, Authentication, and Access Control to Citi’s Security

Authorization, authentication and access control are key ingredients necessary for achieving security at Citi Bank. Through the bank’s authorization policy, guidelines are set out on what a user’s identify permit them to do. A bank’s customer can create a username in order to log into the bank’s Online Service or Website, but the bank’s authorization policy will ensure the same user is allowed access to their online bank account only upon their identity being verified. Authentication can take the form of Single Sign On, Multifactor Authentication, or Consumer Identity Access Management (Gebel, 2018). 

In respect to access controls, the bank’s authorization policy ought to define what a single user or group of users may access, this is known as privileges or permissions, which helps to protect information against unauthorized access, as well as protecting systems from misuse and abuse.  For example, the bank stores customer information like names, addresses, telephone numbers, bank accounts, credit card and social security information. This information cannot be accessed by anyone in the bank. So the authorization and access controls will be restrictive in the following ways:

The Bank’s Database Administrators can have full access by performing actions like creating, modifying and deleting customer records based on their privileges. However, the accounting staff of the bank can only read any field of customer records like names, bank accounts, credit card information, but they cannot create, modify, or delete any records. Therefore, full access to the records is allowed, but they are denied modification or deleting privileges. On the other hand the marketing staff can only read restricted data of the customers and fields like credit card and social security information can be hidden from them (Piscitello, 2016).

Conversely, the bank achieves a greater leverage of security by implementing authorization, authentication, and access controls by granting different users privileges that are relevant to enable them perform their assigned duties, which is known as Role Based Access Control. By implementing all these methods, it helps the bank to monitor the activities of the employees because the systems have an audit trail that helps track all actions performed. By so doing, the systems, resources, data, and assets are adequately protected and secured.

References

Gebel, G. (2018). Why you need both authorization and authentication. Available at: https://www.csoonline.com/article/3269302/authentication/why-you-need-both-authorization-and-authentication.html

Net Informations (n.d.). Difference between Authentication and Authorization. Available at: http://net-informations.com/faq/asp/authentication.htm

Piscitello, D. (2016). Access Controls, User Permissions and Privileges. Available at: https://www.icann.org/news/blog/access-controls-user-permissions-and-privileges

Place your order
(550 words)

Approximate price: $22

Calculate the price of your order

550 words
We'll send you the first draft for approval by September 11, 2018 at 10:52 AM
Total price:
$26
The price is based on these factors:
Academic level
Number of pages
Urgency
Basic features
  • Free title page and bibliography
  • Unlimited revisions
  • Plagiarism-free guarantee
  • Money-back guarantee
  • 24/7 support
On-demand options
  • Writer’s samples
  • Part-by-part delivery
  • Overnight delivery
  • Copies of used sources
  • Expert Proofreading
Paper format
  • 275 words per page
  • 12 pt Arial/Times New Roman
  • Double line spacing
  • Any citation style (APA, MLA, Chicago/Turabian, Harvard)

Our guarantees

Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.

Money-back guarantee

You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.

Read more

Zero-plagiarism guarantee

Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.

Read more

Free-revision policy

Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.

Read more

Privacy policy

Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.

Read more

Fair-cooperation guarantee

By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.

Read more
error: Content is protected !!
Live Chat+1(978) 822-0999EmailWhatsApp

Order your essay today and save 20% with the discount code LEMONADE