Information or system access control is almost a necessity in every organization that seeks to perform and achieve productivity. Authentication is the most commonly used mechanism in bid to achieve confidentiality, privacy and solely authorized access to information and the systems at large (Baier, 2010).
The response given to the issue of authentication administrative practices is true but not exhaustive. The Anderson proposal of a two-channel authentication given is one but not the only measure that can be employed (Baier, 2010). Two-way authentication is where the user reveals his/her identity to the system before being allowed to access it, and in return the system is expected to prove authenticity to the user. This helps prevent hacking issues, especially in cases where the user’s passwords and are the only details required for logging in.
The given response explains use of biometrics in authentication, though not in a comprehensive manner. Just a part of Anderson’s explanation on biometrics is given in the response, where it discusses use of mobile devices to enhance authentication. It’s focused on protecting the user, as opposed to the devices as most mechanisms do. The user becomes the main determinant of their identity and not the capability of the systems (Martin, 2009).
In the response, it’s outlined that the shortcomings inherent in wireless devices may compromise the authentication standards. To an extent this is factual; however, with proper manipulation and use of the devices this may not be experienced. The devices are not entirely involved in ensuring strong authentication, but simply leveraged to boost the mechanisms that are already in place.
Its, also, of great importance that the response recognizes and appreciates installation of applications and setting of measures that will govern data storage, transmission and other transactions as a major practice towards ensuring strong authentication (Martin, 2009).
References
Baier, D. (2010). A guide to claims-based identity and access control authentication and authorization for services and the web.. Redmond, Wash.: Microsoft.
Martin, L. (2009). Biometrics. Vacca, J. R. (Ed.), Computer and information security handbook. Boston, MA: Morgan Kaufmann Publishers.
