Unit 4 1

Authentication is the process of verifying a user's identity by validating their credentials when they log into a system. It is the first stage of security and involves determining that the user is who they claim to be by requiring credentials like passwords, pins, biometrics, or authentication apps. Multi-factor authentication provides additional layers of protection beyond a single password. Authorization is the process of assigning privileges or permissions to a user after they have been authenticated, governing what resources they can access. Access controls like mandatory access control (MAC), role-based access control (RBAC), and discretionary access control (DAC) define and enforce authorization by controlling access at the system or object level based on user roles, groups, or individual privileges.


What is Authentication?

Authentication is the act of proving a claim, such as the identity of a user on a computer
system. As opposed to identification, which merely indicates who a person or thing is,
authentication is the process of verifying that identity. Examples include validating a
personal identity document, verifying a website's authenticity with a digital certificate,
carbon dating a relic, and checking that a product or document is not counterfeit.
The process of verifying the claimed identity of a user is known as authentication.
This is the first stage of the security procedure. Completing the authentication procedure in less than or equal

● A password

● A one-time PIN

● An authentication app

● Biometric identification

Before granting access, the system may need to validate several factors correctly.
This multi-factor authentication (MFA) requirement provides additional
protection beyond what passwords alone would give.

What is Authorization?
Authorization is the function of specifying access rights/privileges to resources, and it
relates to information security and computer security in general and to access control in
particular. In a more formal sense, "authorization" refers to the process of defining an
access policy. In system security, authorization is the process of granting access to a
specified resource or function. This term is frequently used interchangeably with access
control and client privilege.
Permission can allow someone to download specific files from a server or give
particular users administrative access to an application.
Authentication is always required before authorization in a secure setting. Before the
organization's administrator grants access to the requested resources, users must first
confirm their identity.
Types of Access Control
Access control is one of the easiest and most effective ways to meet your
security needs. Yet, not all techniques work the same way. In this section, I’ll go
through the 5 main types of access control you’ll run into.

1. Mandatory Access Control (MAC)

Above all others, MAC is the most strictly enforced control method. All
the access control settings and configurations are only accessible by the
administrator. You can’t change anything without their permission.

In other words, the designated system administrator defines MAC governance.
This includes the specific roles and permissions needed by each user. MAC operates
from the OS or organization's security kernel layer. In effect, this means
end-users cannot alter the accesses assigned to them: users can only access data
their security labels entitle them to.

For instance, if you have 100 users in your business, you'll have to configure 100
different roles and permissions in the system to use MAC. Above all others, it's
one of the most robust access control techniques due to its simplicity. At the
same time, it's also the most inflexible method, as every change needs to occur at a
granular level.

MAC systems are often used in SMEs or in specific silos within a larger business
that require high security levels. If you're looking for a compromise between
functionality and usability, then RBAC may be for you.

2. Role-Based Access Control (RBAC)

Role-based access control (RBAC) is becoming one of the most widely
adopted control methods. In short, RBAC allows you to group individuals
together and assign permissions to specific roles. If you decide to use RBAC,
you can also assign roles to groups or directly to users.

RBAC makes assessing and managing permissions and roles easy. In
addition, it provides better operational efficiency than MAC. Above
all, it makes it easier for businesses to meet regulatory compliance. RBAC is
well known to reduce the operational overhead of managing a business. It
follows the principle of least privilege and reduces administration costs.
Furthermore, once you set it up, you can scale any group without altering
any permissions.

If you're looking for access control that lets you restrict or allow access at the
object level irrespective of roles, DAC could be the right fit.

3. Discretionary Access Control (DAC)

Discretionary access control (DAC) is another type of security access control
technique. It allows you to grant or restrict access to objects, where an object in this
context means a data entity.

Policies define an object owner, and many owners can exist within the business.
Unlike RBAC, which uses group-level permissions, DAC uses object-level
permissions. DAC is discretionary because object owners can transfer, change, or
extend access to each object. In essence, this gives you the power to scale a
business quickly.

DAC provides granular access control that suits businesses with dynamic
security needs. First, DAC allows you to change or transfer ownership of an
object from one user to another. Second, object access in DAC is authorized
through an access control list (ACL) built on user identity and/or group
membership. To this end, DAC offers several advantages:

● minimal administrative obligations
● great customization
● simple role management
● reduced costs

That said, DAC is also prone to inherent vulnerabilities such as Trojan horses, and
it involves ongoing ACL maintenance.
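
The three models above side by side, as an added Python example that is not part of the original text: a MAC check where administrator-assigned labels decide reads, an RBAC role-to-permission lookup, and a DAC object whose ACL (keyed by user or group) only its owner may change or hand over. The level names, roles, users and groups are constructed for illustration.

```python
from dataclasses import dataclass, field

# MAC: labels and clearances are set by the administrator only. A subject may
# read an object only when its clearance dominates the object's label.
# (Constructed level ordering.)
LEVELS = {"public": 0, "internal": 1, "confidential": 2, "secret": 3}

def mac_can_read(clearance: str, label: str) -> bool:
    return LEVELS[clearance] >= LEVELS[label]

# RBAC: permissions attach to roles; users get roles directly or via groups.
ROLE_PERMS = {
    "viewer": {"read"},
    "editor": {"read", "write"},
    "admin": {"read", "write", "delete"},
}

def rbac_allowed(user_roles: set, action: str) -> bool:
    return any(action in ROLE_PERMS.get(role, set()) for role in user_roles)

# DAC: every object has an owner and an ACL of principals ("user:x", "group:y").
# The owner always has full access and is the only one who may edit the ACL
# or transfer ownership, which is exactly the "discretionary" part.
@dataclass
class DacObject:
    owner: str
    acl: dict = field(default_factory=dict)  # principal -> set of actions

def dac_allowed(obj: DacObject, user: str, groups: set, action: str) -> bool:
    if user == obj.owner:
        return True
    principals = {f"user:{user}"} | {f"group:{g}" for g in groups}
    return any(action in obj.acl.get(p, set()) for p in principals)

def dac_grant(obj: DacObject, actor: str, principal: str, actions: set) -> None:
    if actor != obj.owner:
        raise PermissionError(f"{actor} does not own this object")
    obj.acl.setdefault(principal, set()).update(actions)

def dac_transfer(obj: DacObject, actor: str, new_owner: str) -> None:
    if actor != obj.owner:
        raise PermissionError(f"{actor} does not own this object")
    obj.owner = new_owner

if __name__ == "__main__":
    doc = DacObject(owner="alice")
    dac_grant(doc, "alice", "group:devs", {"read"})
    print(dac_allowed(doc, "bob", {"devs"}, "read"))   # True, via group membership
    print(dac_allowed(doc, "bob", {"devs"}, "write"))  # False, not in the ACL
```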

Intrusion Detection System (IDS)

An intrusion detection system (IDS) is a system that observes network traffic for
malicious transactions and sends immediate alerts when such activity is observed. It is
software that checks a network or system for malicious activities or policy
violations. Each illegal activity or violation is often recorded centrally using
a SIEM system or reported to an administrator. An IDS monitors a network or system
for malicious activity and helps protect a computer network from unauthorized access
by users, including possibly insiders. The intrusion detector's learning task is to
build a predictive model (i.e. a classifier) capable of distinguishing between 'bad
connections' (intrusions/attacks) and 'good' (normal) connections.

How does an IDS work?

● An IDS (Intrusion Detection System) monitors the traffic on a computer
network to detect any suspicious activity.
● It analyzes the data flowing through the network to look for patterns and signs
of abnormal behavior.
● The IDS compares the network activity to a set of predefined rules and
patterns to identify any activity that might indicate an attack or intrusion.
● If the IDS detects something that matches one of these rules or patterns, it
sends an alert to the system administrator.
● The system administrator can then investigate the alert and take action to
prevent any damage or further intrusion.
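
The rule-matching step described above, as an added Python example that is not part of the original text: a small signature-and-threshold IDS run over constructed web-server log lines. The signatures are the SQL injection payload shapes shown later on this page (the `' OR '1'='1'` tautology and the comment terminators), plus one behavioural rule for repeated failed logins from the same address; the log format and addresses are constructed.

```python
import re
from collections import Counter
from urllib.parse import unquote

# Signature rules, matched against the URL-decoded request path.
RULES = {
    "sqli-tautology": re.compile(r"'\s*OR\s*'?1'?\s*=\s*'?1", re.IGNORECASE),
    "sqli-comment": re.compile(r"(--|/\*|#)\s*$"),
}
# Behavioural rule: this many 401s on /login from one source raises an alert.
LOGIN_FAIL_THRESHOLD = 3

# Constructed log format: <src-ip> "<method> <path>" <status>
LOG_LINE = re.compile(r'^(?P<src>\S+) "(?P<method>\w+) (?P<path>\S+)" (?P<status>\d{3})$')

def inspect(lines):
    """Return (rule-name, source-ip) alerts for every line that trips a rule."""
    alerts = []
    failures = Counter()
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue  # a real IDS would also flag unparsable input
        src, status = m["src"], m["status"]
        path = unquote(m["path"])  # decode %27 etc. before signature matching
        for name, pattern in RULES.items():
            if pattern.search(path):
                alerts.append((name, src))
        if path.startswith("/login") and status == "401":
            failures[src] += 1
            if failures[src] == LOGIN_FAIL_THRESHOLD:
                alerts.append(("login-bruteforce", src))
    return alerts

# Constructed sample traffic (RFC 5737 documentation addresses).
SAMPLE_LOG = [
    '203.0.113.7 "POST /login?user=admin&pass=pw1" 401',
    '203.0.113.7 "POST /login?user=admin&pass=pw2" 401',
    '203.0.113.7 "POST /login?user=admin&pass=pw3" 401',
    '198.51.100.4 "GET /login?user=bob&pass=%27%20OR%20%271%27%3D%271%27%20--" 200',
    '192.0.2.9 "GET /index.html" 200',
]

if __name__ == "__main__":
    for rule, src in inspect(SAMPLE_LOG):
        print(f"ALERT {rule} from {src}")  # three alerts for SAMPLE_LOG
```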

What is SQL Injection (SQLi) and How to Prevent It


SQL Injection (SQLi) is a type of injection attack that makes it possible to
execute malicious SQL statements. These statements control a database
server behind a web application. Attackers can use SQL Injection
vulnerabilities to bypass application security measures. They can bypass the
authentication and authorization of a web page or web application and
retrieve the content of the entire SQL database. They can also use SQL
Injection to add, modify, and delete records in the database.
An SQL Injection vulnerability may affect any website or web application that
uses an SQL database such as MySQL, Oracle, SQL Server, or others.
Criminals may use it to gain unauthorized access to your sensitive data:
customer information, personal data, trade secrets, intellectual property, and
more. SQL Injection attacks are one of the oldest, most prevalent, and most
dangerous web application vulnerabilities. The OWASP organization (Open
Web Application Security Project) lists injections in their OWASP Top 10 2017
document as the number one threat to web application security.

How and Why Is an SQL Injection Attack Performed


To make an SQL Injection attack, an attacker must first find vulnerable user
inputs within the web page or web application. A web page or web
application that has an SQL Injection vulnerability uses such user input
directly in an SQL query. The attacker can create input content. Such content
is often called a malicious payload and is the key part of the attack. After the
attacker sends this content, malicious SQL commands are executed in the
database.

SQL is a query language that was designed to manage data stored in
relational databases. You can use it to access, modify, and delete data. Many
web applications and websites store all the data in SQL databases. In some
cases, you can also use SQL commands to run operating system commands.
Therefore, a successful SQL Injection attack can have very serious
consequences.

● Attackers can use SQL Injections to find the credentials of other users
in the database. They can then impersonate these users. The
impersonated user may be a database administrator with all database
privileges.
● SQL lets you select and output data from the database. An SQL
Injection vulnerability could allow the attacker to gain complete access
to all data in a database server.
● SQL also lets you alter data in a database and add new data. For
example, in a financial application, an attacker could use SQL Injection
to alter balances, void transactions, or transfer money to their account.
● You can use SQL to delete records from a database, even drop tables.
Even if the administrator makes database backups, deletion of data
could affect application availability until the database is restored. Also,
backups may not cover the most recent data.
● In some database servers, you can access the operating system using
the database server. This may be intentional or accidental. In such
case, an attacker could use an SQL Injection as the initial vector and
then attack the internal network behind a firewall.

There are several types of SQL Injection attacks: in-band SQLi (using
database errors or UNION commands), blind SQLi, and out-of-band SQLi.
You can read more about them in the following articles: Types of SQL
Injection (SQLi), Blind SQL Injection: What is it.

To follow step-by-step how an SQL Injection attack is performed and what
serious consequences it may have, see: Exploiting SQL Injection: a Hands-on
Example

Simple SQL Injection Example


The first example is very simple. It shows how an attacker can use an SQL
Injection vulnerability to bypass application security and authenticate as
the administrator.

The following script is pseudocode executed on a web server. It is a simple
example of authenticating with a username and a password. The example
database has a table named users with the following
columns: username and password.

# Define POST variables
uname = request.POST['username']
passwd = request.POST['password']

# SQL query vulnerable to SQLi: user input is concatenated straight into the statement
sql = "SELECT id FROM users WHERE username='" + uname + "' AND password='" + passwd + "'"

# Execute the SQL statement
database.execute(sql)

These input fields are vulnerable to SQL Injection. An attacker could use SQL
commands in the input in a way that would alter the SQL statement executed
by the database server. For example, they could use a trick involving a single
quote and set the passwd field to:

password' OR 1=1

As a result, the database server runs the following SQL query:

SELECT id FROM users WHERE username='username' AND password='password' OR 1=1'

Because of the OR 1=1 statement, the WHERE clause returns the first id from
the users table no matter what the username and password are. The first
user id in a database is very often the administrator. In this way, the attacker
not only bypasses authentication but also gains administrator privileges. They
can also comment out the rest of the SQL statement to control the execution
of the SQL query further:

-- MySQL, MSSQL, Oracle, PostgreSQL, SQLite


' OR '1'='1' --
' OR '1'='1' /*
-- MySQL
' OR '1'='1' #
-- Access (using null characters)
' OR '1'='1' %00
' OR '1'='1' %16
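
The vulnerable login above next to its hardened form, as an added Python example that is not part of the original article: both run against a constructed in-memory SQLite table with the page's users schema, and the comment-terminated payload from the list above is fed to each. The table contents and the sqlite3 setup are assumptions for the demonstration.

```python
import sqlite3

def make_db() -> sqlite3.Connection:
    """Constructed in-memory users table matching the page's schema."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)")
    # Plaintext passwords only to mirror the page's example; real systems store
    # salted hashes. Sample rows are constructed: admin gets id 1, alice id 2.
    conn.executemany("INSERT INTO users (username, password) VALUES (?, ?)",
                     [("admin", "S3cret!"), ("alice", "wonderland")])
    return conn

def login_vulnerable(conn: sqlite3.Connection, uname: str, passwd: str):
    """The page's pseudocode: input is concatenated into the SQL text, so a
    quote in the input ends the string literal and the rest becomes SQL."""
    sql = ("SELECT id FROM users WHERE username='" + uname
           + "' AND password='" + passwd + "'")
    row = conn.execute(sql).fetchone()
    return row[0] if row else None

def login_safe(conn: sqlite3.Connection, uname: str, passwd: str):
    """Hardened form: placeholders bind the input as data, never as syntax,
    so the same payload is just a password that matches nobody."""
    sql = "SELECT id FROM users WHERE username=? AND password=?"
    row = conn.execute(sql, (uname, passwd)).fetchone()
    return row[0] if row else None

if __name__ == "__main__":
    conn = make_db()
    payload = "' OR '1'='1' --"   # comment-terminated variant from the list above
    print(login_vulnerable(conn, "nobody", payload))  # 1: first row (admin), auth bypassed
    print(login_safe(conn, "nobody", payload))        # None: no such credentials
    print(login_safe(conn, "alice", "wonderland"))    # 2: a legitimate login still works
```

The `--` variant is used because SQLite parses it cleanly; the page's earlier `password' OR 1=1` payload leaves a dangling quote that SQLite rejects as a syntax error rather than executing.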
