Latest

Home / cissp / nonrepudiation / Security / Security Dose 06122023- Nonrepudiation and its implementation!

Security Dose 06122023- Nonrepudiation and its implementation!

December 07, 2023 , ,

Security Dose 06122023- What is Nonrepudiation in Security and its implementation!


Security Dose 06122023- Nonrepudiation and its implementation!

Nonrepudiation ensures that one who perform an action cannot deny that it is performed by him. It prevents a person from claiming not to have sent a message, not to have accessed data, not to have been a cause of an event.

All that is possible with identification, Authentication, Authorization, Accounting, and Auditing. Nonrepudiation is implemented using certificates, transaction logs, access control mechanisms and other transaction control systems. Nonrepudiation is an important part of accountability.

In an IT environment, AAA is a one of the core components to implement nonrepudiation. The AAA stands for Authentication, Authorization, and Accounting/Auditing. AAA includes the following elements –

Identification – claiming to be an identity when we are trying to access secure system.

Authentication – is a way to ensure that you are what you claim to be.

Authorization – defines what all you are supposed to perform in system when you are granted access. It’s related to permissions.

Audit – records all your activities once you are identified, authenticated, authorized - during your interaction with system.

Accounting – reviewing of audit logs for compliance and violations to hold you accountable for your actions in case of violation of security policies.

AAA is foundational concept for security and sometime referenced in relation to secure authentication systems. Missing AAA elements in any network can result in incomplete security implementation where it is easy to repudiate.

Hope you find this information useful!

  Continue Reading...