Information security authentication program for Moonshine Mining Essay

distil excavation deals with the mining business related to diamond, sapphire, gold etc. Moonshine mining maintains altogether its intellectual properties and other master(prenominal) documents in 3 internal servers in Perth head office. This study is in truth confidential to the moon shining. This information should be operable only to the internal moon shining employees and other authorized personnels. Moonshine has identified the potential risk for the information assets through the risk assessment procedure.To overcome these risks, proper corroboration and other auspices procedures essential be implemented in the organization. apiece and e rattling method has its make disadvantages and advantages, the proper investigation and study must be performed to choose the best fit method for the organization. basis Computer surety must be an integral part of the organization. Computer Security is the protection afforded to an modify information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources. by dint of the selection and application of appropriate base hitguards, security department helps the organizations mission by protecting its strong-arm and financial resources, reputation, legal position, employees, and other tangible and intangible assets (NIST 2006). many another(prenominal) organizations be sp fetch uping millions of dollars in ready reckoner security. Computer security policies and goals should be inline with the organization mission and policies. Computer security should be very cost effective. Specialized teams must be formed in the organization for monitoring and controlling the computer security policies and procedures.Basic Security policies should be followed in Moonshine Company Computer security policies must be accessible by everyone in the organization. Each and every single personnel in the organization is accountable for imple menting and maintaining the computer security. User support must be provided for solving various problems related to computer security. suffice desks atomic number 18 needed to be created for this type of support. Additional support batch be any helpline and online chat. package support should be available in the organization. Various restrictions be needed to be imposed on the usage of several kind of softwargon in the organization.Licensed and manifest software are recommended for publish free working environment. Backup plan should be implemented and followed carefully for restoration if disaster or unrecoverable errors ca apply. Media should be properly kept up(p) and periodic assessments are to be needed. Login information should be unbroken secret and several log records are to be assed for spotting unauthorized user access. Basic security features like firewall, antivirus software are to be made ready in the system. Integrity checks and other checks are to be perfor med frequently.Documentation and maintenance are the important activities needed to be done regarding computer security. certificate Authentication is very important for maintaining the computer security. Each and every personnel must be authenticated for accessing the information resources. There are many types of trademark methods. It rear end be broadly classified into deuce categories, Biometric authentication and Non Biometric authentication. The authentication must be implemented with the proper security algorithm to avoid intrusions. Many authentication schemes are developed over the years.Several hashing and other schemes are combined to make the unwrap authentication protocol. Privacy through Biometric Authentication It is found on identifying the person based on their in the flesh(predicate) and behavioral traits. There are several biometric authentication methods like finger print recognition, mettle recognition, flag recognition. Some the distinct advantages of b iometric method are users need not required to remember password/codes, invariable characteristics and ease of use. Finger print authentication Finger print authentication is the basic biometric authentication method.The patterns available on ridges and valleys of persons finger are unique for every individual (Harris D. 2000). Several algorithms are available in the market to uniquely identify the persons based on the patterns. The finger print authentication can be implemented in moon mining company with a very splendid amount of investment. The cost of installing devices and other software required for finger print authentication would be very minimal when compared to other biometric authentication methods. When compared to non biometric methods the database size would be litter larger for biometrics methods.Since the total of users in the moon mining company is very less the biometrics method can be easily implemented without any trouble. Finger print authentication method is not very a great deal suitable for moon shine mining company because in the mining company the person industrial plant with lot of dusts and smoke. Some readers might not recognize the dirty and dusted hands. Since it is a mining company persons may have some cuts in their hand so the readers may not work properly in those situations. Most of the time users might wear gloves in their hand, they might feel uneasy to remove for apiece and every time for the authentication.Face recognition Face recognition is another basic biometric authentication method. In this method, the persons face is captured using camera or infrared waves and it is authenticated with the existing database. The spatial geometry in the face is analyzed to uniquely identify the face. The face can be easily recognizes with change of facial expressions or change of hair style etc. The advantages of face recognition it is the contact free process. The database should be maintained with facial information of the users. The change in the face is very minimal.The moon mining company can prefer this method of authentication. The cost of execution of instrument is to a fault not so high. Some of the disadvantages include detecting the face mask and low start out environment (Vijayan 2009). Since it is a mining company it would operate in low light areas, so proper methods must be chosen to avoid low light environment problems. People from some ethnic groups and nationalities wont expose the face to outer world. In those situations the face recognition it is not possible to implement. Iris Recognition Iris recognition is one of the modish methods of biometric authentication.The food colored area that surrounds pupil is used for the identification of the persons (Daouk 2006). Every people have unique color pattern. It is also a non contact method of authentication. The cost of implementation is little high when compared to other methods. It is very fast and robust. The latest iris technologie s are very powerful in recognizing the patterns even though they are covered with the contact lenses and glasses. Iris based authentication is recommended if the moon mining company wants high end solution for the biometric authentication and ready for little high investment.Digital Signatures A digital signature is an modify method of verifying our usual handwritten signatures. The various features like speed, pressure, nodes etc are verified for authentication. This method is based on behavioral aspect of the person. It is simple method for authentication. It has many disadvantages like it can be imitated by others easily signature is tending to change slowly by time. Its not so safe to go with this type of authentication method. Privacy through Non Biometric Authentication The non biometric method for authentication is very viridity in the organization.It is simple and easy to implement. No extra infrastructure is required to implement these authentication methods. It is very c ost effective method. RFID Authentication method The privacy can be provided by ensuring the proper authentication mechanism in practice. Several authentication protocols are used in existence systems. The authentication allow be performed in the readers and authentication parameters and value are stored in the RFID tags. The RFID readers would be available in distributively and every computers of the moon shining company.One of the common practices is store common password in all the RFID tags to be used. Whenever the tag is read if the password matches the other processing is done else the tag would be neglected. another(prenominal) method for authentication is to assign store all the RFID tags unique number in database, when the tag is detected the number is cross checked with the database for authentication. Despite the numerous benefits of RFID systems, it has few pitfalls and some common problems. The main security threat in the RFID system is the privacy security breaches. each(prenominal) the information is stored in the RFID tags.The RFID tags can also be read by others who have the RFID readers. The data can be read and modified in the tags by any one using the RFID readers (Moscatiell 2007). The RFID systems may be collapsed if several RFID tags are processed together. The RFID tags can communicate only to one RFID reader at instance. If two RFID readers are accessing a single tag, at that place may be a junk or collapse in the system. Other Radio direct interference can violate some of the properties of the RFID systems. Some other security threats also exist for the RFID systems. thingummy Based AuthenticationIn this device based authentication, some special secure devices are used to generate the passcodes. These passcodes are verified for authorizing the persons. One of the famous devices is RSA based secureId device. It uses public key encryption for generating the passcode. Each and every user will have a small hand held device to gener ate the passcodes. These passcode are verified using the security algorithms for authentication. This method of authentication is also suggested for moon mining company. Conclusion All the organization should follow the tight computer security principles and policies.The basic security features must be installed in each and every computer system in the organization. All the users must be educated about(predicate) the computer security principles and various threat regarding. The company can also go for the third parties for implementation and maintenance of computer security in the organization. This would help the organization to have the better security. Dedicated teams must be available for performing and monitoring all the computer security activities. The organization will be in trouble if the computer security practices are not followed in the organization.