MATAPELAJARAN: DATA & NETWORK SECURITY MARKAH:

TOPIK: 4.0 Access Control and

/40
KOD: BCN2033
User Authentication

PENILAIAN: Assignment BIL: 2 MASA: 2 weeks

Learning Objectives:

Through this assignment, student will:

1. Explore variety of access control method and policy and authentication mechanism.
2. Suggest how to implement the access control method and policy with authentication mechanism
for security purposes.
3. Create creativity on how to define method and policy suitable for an organization rather than just
directly look security issues based on product and technology.
4. Learn other security elements that are access control and authentication mechanism.

Instructions:

1. This work should do in group. Each group should have 5 members only.
2. This Assignment carries out 10% from your assessment mark.
3. It is advice to complete the assignment using any resources available such as book and Internet.
4. This assignment will be based on Chapter 1-4 in your text book as a point reference and handout
from your lecturer.
5. Deadline for report : 13/04/11 before 5.00 pm (at your lecturer’s room)

Assessments:

Your group will be assessed as follows:

1. Thorough discussion of each task below regarding two basic principles which are access control
and authentication.
2. Implementation of access control and authentication to the organization.
Tasks:

1. Choose one among these environments as a case study :

a. Ministry of Defense
b. Royal Malaysian Army Headquarter
c. Royal Malaysian Police Headquarter
d. Embassy Headquarter
e. School
f. University
g. Central Bank of Malaysia
h. National Registration Department
i. Royal Customs and Excise Department
j. National Security Division
k. Banking
l. Prime Minister Office
m. Others: please specify to your lecturer
2. Define selected access control method with justification to be implemented in the organization. Any
material from Internet (academic paper, journal, academic writing, and academic note) can be used
beside our textbook.
3. Create access control policies for the organization using the method identified above for accessing
data, system, network and physical system. Basically, can be divided into hardware and software
control.
4. Explanation of how to implement the policy is more important than the theoretical of its.
5. Assumption of any data, system, network and physical system in the organization must be made to
support the usage of access control policies.
6. Several access control methods can be combined to give better policies.
7. Any recommendation of method and policy must be clearly understandable and appropriately reflect
the organization structure.
8. Authentication mechanism must also be identified to ensure authenticity of legitimate user. Discuss
the possible authentication mechanism towards the organization and how is it possible to authenticate
user and differentiate legitimate with illegal access.

9. The assignment must be submitted in a format as follows:

a. Font : Century Gothic
b. Size : 10
c. Line Spacing : 1.5 lines
 MATAPELAJARAN: DATA & NETWORK SECURITY MARKAH:

TOPIK: 4.0 Access Control and

/40
KOD: BCN2033
User Authentication

PENILAIAN: Assignment BIL: 2 MASA: 2 weeks

10. The table of content for this assignment is as follows:

a. Introduction (1-2 pages)
b. Content (10-15 pages)
c. Conclusion (1-2 pages)
d. References (min 5)
e. Appendix