Trust Architectures

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
or

Already have an account? Sign In »

Time
7 hours 35 minutes
Difficulty
Intermediate
CEU/CPE
12
Video Transcription
00:02
Hello, everyone. Welcome to the S S. C. P. Example. I'm your instructor, Peter Sip alone.
00:08
This is the fourth
00:10
and last lesson off the main one.
00:13
So far in the main one, we've seen
00:16
access control, fundamental concepts,
00:19
types of access control,
00:21
security models,
00:23
authentication mechanisms.
00:26
And now,
00:27
for the last couple objectives, we will take a look at trust, architectures, trust direction and the identity management life cycle.
00:36
Let's get started.
00:40
These are the four trust architectures and how they relate to each other.
00:44
We'll start with the Internet.
00:47
The Internet is a personal, localized network belonging to organizations.
00:53
Onley members of a particular organization can access the Internet.
00:58
Um,
00:59
that organization.
01:02
The extra net
01:03
is a computer network that allows controlled access from outside
01:07
for specific business or educational purposes.
01:11
So if two Internet with networks want to share data or have a vial of go back and forth, they create an extra net, and then each Internet can put the shared things in the extra net
01:26
and the end. Then, at that point, the other intranet
01:30
can access those files.
01:33
Third type of the architecture is the D M Z.
01:36
This architecture since between the Internet and the Internet.
01:42
It's like considered a neutral, neutral zone. It prevents outside users from getting direct access to a server that has company data.
01:53
And, of course, the last time of the architecture is the Internet, which were very, very familiar with
01:59
the Internet is a global system of interconnected computer networks that used, you know, the TCP i P suite to link devices all around.
02:10
So
02:12
what is trust?
02:13
Trust is the belief in the security of a connection between domains or networks.
02:20
Trusted Pat is a series of trust relationships that authentication requests must follow between domains.
02:28
There are really three kinds of trust. There's one way trust,
02:31
two way trust
02:32
and trust. Transitive ity.
02:37
One way trust is very simple.
02:38
Domain has access to domain be,
02:44
but Domain B does not have access to demean
02:49
two way trust me trust and go in any direction. So with doing a has access to do me, B and D maybe has access to domain
03:01
trust. Transitive ity determines whether a trust could be extended outside the two domains between which the trust was formed.
03:09
So
03:10
would trust transitive ity.
03:13
If domain A has access to domain be
03:16
and domain be has access to domain. See,
03:22
therefore domain A has access to do means see
03:25
for domain beat without the access being direct
03:31
the identity management life cycle There five areas that make up this life cycle and this life cycle exists to manage users and people who are a part of an organization.
03:46
Five parts of the identity management lifecycle Our authorization
03:51
proofing, provisioning, maintenance and entitlement
03:55
authorization, as we looked at in a previous video, determines what a user can access after they've been authenticated.
04:05
Proofing
04:06
is more or less. The authentication purpose it involved verifies the person's identity before that person is issued. Any accounts or credentials,
04:17
provisioning is the automation of all procedures and tools.
04:24
Maintenance to the life cycle is comprised of user management, password management and roll group management
04:32
in total minutes. Similar authorization where it's a set of rules for managing access to a resource and for what purpose?
04:42
In today's brief lecture,
04:44
we discussed trust, architecture, the different kinds of networks and the trust associated with them.
04:49
Trust direction, how authentication requests
04:54
have to go back and forth through certain different ways. We saw that there was one way trust to wait, Trust and trust, transitive ity
05:02
and the identity management lifecycle How users are managed in an organization.
05:10
Kristen,
05:12
a software channel that is used for communication between two processes
05:15
that cannot be circumvented, is a one way trust.
05:19
Be two way trust.
05:21
See trusted computing based
05:25
de Trusted path.
05:30
If you said D trusted path, you are correct.
05:35
Hope you guys learned a lot. Thanks for watching and congratulations on finishing the first domain.
Up Next