Security Dose 06122023- Nonrepudiation and its implementation!
Security Dose 06122023- What is Nonrepudiation in Security and its implementation!
Nonrepudiation ensures that one who perform an action cannot
deny that it is performed by him. It prevents a person from claiming not to
have sent a message, not to have accessed data, not to have been a cause of an
event.
All that is possible with identification, Authentication,
Authorization, Accounting, and Auditing. Nonrepudiation is implemented using
certificates, transaction logs, access control mechanisms and other transaction
control systems. Nonrepudiation is an important part of accountability.
In an IT environment, AAA is a one of the core components to
implement nonrepudiation. The AAA stands for Authentication, Authorization, and
Accounting/Auditing. AAA includes the following elements –
Identification – claiming to be an identity when we are trying
to access secure system.
Authentication – is a way to ensure that you are what you claim
to be.
Authorization – defines what all you are supposed to perform
in system when you are granted access. It’s related to permissions.
Audit – records all your activities once you are identified,
authenticated, authorized - during your interaction with system.
Accounting – reviewing of audit logs for compliance and violations
to hold you accountable for your actions in case of violation of security
policies.
AAA is foundational concept for security and sometime
referenced in relation to secure authentication systems. Missing AAA elements
in any network can result in incomplete security implementation where it is
easy to repudiate.
Hope you find this information useful!
- Security: Cisco ASA Vs Cisco FTD - The Network DNA
- Site-to-Site VPN: IPSEC Tunnel Between an ASA and a Cisco IOS Router
- Cisco Security: Cisco ASA 5505 Interfaces configuration for Access Ports
- Cisco Security: Cisco ASA 5505 Interfaces configuration for Trunk Port
- Cisco ASA Series 1: Restoring the ASA to Factory Default Configuration
- Cisco ASA Series 2: Configuring NAT
- Cisco ASA Series 3: Easy VPN Remote
- Cisco ASA Series 4: Configuring VLANs and Sub interfaces
- Cisco ASA Series 5: Configuring Threat Detection
- Site to Site IPSec VPN Tunnel between Cisco ASA and Palo Alto Firewalls