Assignment : Designing Technical Safeguards

Good Essays

Assignment 1: Designing FERPA Technical Safeguards

Darryl W. Anderson

CIS 349

January 15, 2017

In the past, academic and administrative computer systems were isolated, either for security reasons or as a result of limited interconnectivity with other computers. Today, nearly any information that an administrator, teacher, student or parent might is available through a network connection. Course lectures are presented are viewed and students submit their assignments via the internet school class shell. Student and parents can view their grades online, administrative paperwork and other information can be shared through a variety of systems. The internet is an awesome and convenient way to communicate, but it introduces …show more content…

This process simplifies access controls by maintaining access control at a single location. One issue with this control method is that the central access control unit is a single point of failure. If the centralized access control unit fails, no access can be granted to objects. Additionally, the central access control can hinder performance if the system is unable to keep up with all access requests. Remote Authentication Dial-In User Service (RADIUS) offers a centralized access control for remote users. Users are authenticated off of the user list on the RADIUS server. You have the ability to configure the server to hang up and then call the valid user back at a predefined telephone number. Another example of centralized access control for remote users is Challenge Handshake Authentication Protocol (CHAP). CHAP presents a challenge when a user requests access. Access is only granted if the user responds to the challenge correctly. CHAP uses encryption during the process which enhances overall security. Decentralized access control defers the process of access control administration closer to the system in question. This approach places a heavier requirement on administration than centralized access control because a system may need to be secured at multiple locations. It is usually more stable without a single point of failure or single point of access exists.

Get Access