Authentication and Authorization Methodologies Essay

Authentication and Authorization Methodologies

Student’s name

Institution Affiliation


Don't use plagiarized sources. Get Your Custom Essay on
Authentication and Authorization Methodologies Essay
From as low as $9/Page
Order Essay

Authentication and Authorization MethodologiesIn our generation digital environment is highly vulnerable to attacks such as hackers and spammers. Therefore, implementing authentication and authorization are the most vital factors should be put in place when it comes to the security of information. The system meant for authentication purpose in any organization must be integrated in a manner that guarantees customer’s security of their data. Organizations led by Chief Executive Officer (CEO), Chief Information Officer (CIO) together with their team of staffs have a greater responsibility of making use of authentication and authorization as a top prior to ensure security of the databases.

, this could be organization’s planning/management data, their client’s data or partners. This context focuses on options for the authentication and authorization methodologies but particularly for the Navy Federal Credit Union the organization of choice and finally, recommend on how to mitigate the impacts of risks from vulnerabilities.

Roles of Employed by Navy Federal Credit Union Regarding Data Security.

Accounts existence are scattered across the internet. Each and every one of those accounts is has potential vulnerability to attacks and can interfere with confidentiality of vital data. The Navy Federal Credit Union has employed creation of unique username and password when users are creating their accounts. Their systems also incorporate password reset as well as change of username in case one has forgotten any of the later or suspects information leak. Moreover, the organization ensure their ATM’s used by their customers are safe from phishing and others attacks. Their entrusted staffs are ever alert and constantly keep monitoring systems for possible suspicious occurrence.

Common Attacks Against Access Control Methods

Although Navy Federal Credit Union has put in place security measures to control access of data as explained above, there are still vulnerabilities. For instance, they have not yet established a formal password policy that is able to meet the organization’s regulatory requirement. Instead, makes it optional for its clients to choose their passwords that are at times inconvenient and unreliable due to their weak status. Moreover, the organization uses a single-factor authentication which compromises the clients’ personal information such as the social security number, income, account transaction payment history, account information and account balance. The Navy Federal Credit Union uses a single Sign-On technology where the user is assigned into a single screen name which results in the logging in or unlocking of multiple webpages/sites and applications. Integrated systems with the ability to monitor the accessibility or permissions attracts vulnerability to attack due to the use of single authentication protocol. For instance, the system incorporate password reset feature, unauthorized person might gat an opportunity to predict a current or future password in the process of changing it via single authentication. It has been proven that regular changing of passwords does more harm than good, furthermore, this act is ineffective as a means of securing data.

Countermeasures to Reduce Vulnerabilities and Mitigate Potential Attacks on Access Methods.

Two-factor authentication is greatly recommended where an account is secured by two different locks with different factors before access is granted. Rather than the password, the two-factor authentication adds an added security. It can be a number of questions which have to be provided with the right answers in order to validate the actual account owner. An SMS message can be sent to your phone number, as a secret key. The organization should also put in place a password policy in the context of mandatory password expiration to increase the security (Wanger et al., 2015).

All the servers in the organization should use Active networks as they involve fast dynamics of varying element configuration because of the downloading and performing of Active Applications (AAs). These changes are required to be automated in order to launch an AA, on the other hand, the system that automates configuration should also be updated as new AA is launched. Conclusively, the self-configuring network automates configuration management (Kim, 2013).

The Navy Federal Union should react in ad-hoc fashion with a response plan in the aim of limiting data breach as much as possible. The Computer Security Incidence Response Team (CSIRT) can as well coordinate response effort through a number of ways including the identification of target attacks. Determining the threat severity through Geo IP services, intelligence and reputation feed and Virus Total. Verifying the infection if any and finally containing the threat (Tondel et al., 2014)


Globally, organizations encounter various risks associated with different threats, regardless of the nature or state of threat, it is up to the administrators of the organization to responsibly limit and contain the risks from respective threats. With the objective of improving IT security through vulnerability management, the Navy Federal Union or any other organizations should determine their scope. Identify the asset owners, manage expectations, work with single authoritative source and finally formulate policies, business, systems and customers are better protected when there is well integrated vulnerability management process


Kim, H., & Feamster, N. (2013). Improving network management with software defined networking. IEEE Communications Magazine, 51(2), 114-119.

Tondel, I. A., Line, M. B., & Jaatun, M. G. (2014). Information security incident management: Current practice as reported in the literature. Computers & Security, 45, 42-57.

Wang, D., He, D., Wang, P., & Chu, C. H. (2015). Anonymous two-factor authentication in distributed systems: certain goals are beyond attainment. IEEE Transactions on Dependable and Secure Computing, 12(4), 428-442.

How to place an order?

Take a few steps to place an order on our site:

  • Fill out the form and state the deadline.
  • Calculate the price of your order and pay for it with your credit card.
  • When the order is placed, we select a suitable writer to complete it based on your requirements.
  • Stay in contact with the writer and discuss vital details of research.
  • Download a preview of the research paper. Satisfied with the outcome? Press “Approve.”

Feel secure when using our service

It's important for every customer to feel safe. Thus, at The Homework Writings, we take care of your security.

Financial security You can safely pay for your order using secure payment systems.
Personal security Any personal information about our customers is private. No other person can get access to it.
Academic security To deliver no-plagiarism samples, we use a specially-designed software to check every finished paper.
Web security This website is protected from illegal breaks. We constantly update our privacy management.

Get assistance with placing your order. Clarify any questions about our services. Contact our support team. They are available 24\7.

Still thinking about where to hire experienced authors and how to boost your grades? Place your order on our website and get help with any paper you need. We’ll meet your expectations.

Order now Get a quote