Multi Party Authorization

Multi Party Authorization

Multi-Party Authorization (MPA) is a process to protect a telecommunications network, data center or industrial control system from undesirable acts by a malicious insider or inexperienced technician acting alone. MPA requires that a second authorized user approve an action before it is allowed to take place. This pro-actively protects data or systems from an undesirable act.

Contents

Architecture

Existing methods to protect data and systems from the malicious insider include auditing, job rotation and separation of duties. Auditing is a reactive method meant to discover who did what after the fact. Job rotation and separation of duties are limiting techniques meant to minimize prolonged access to sensitive data or systems in order to limit undesirable acts. In contrast, MPA is a pro-active solution.

An advantage MPA has over other methods to protect from undesireable acts by a malicious insider or inexperienced operator is that MPA is pro-active and prevents data or systems from compromise by a single entity acting alone. MPA prevents the initial undesirable act rather than dealing with a breach or compromise after the fact.

Application

Multi-Party Authorization technology can secure the most vulnerable and sensitive activities and data sources from attack by a compromised insider acting alone. It is somewhat analogous to weapons systems that require two individuals to turn two different keys in order to enable the system. One person cannot do it alone. Another example is to consider access to a lock box in a bank. That access requires multiple parties, one the lock box owner and another a bank official. Both individuals act together to access the lock box, while neither could do so alone. MPA, in like manner, ensures that a second set of eyes reviews and approves of activity involving critical or sensitive data or systems before the action takes place.

Multi Party Authorization is suitable for a wide variety of applications. MPA can be implemented to protect any type of sensitive data in electronic form or any activity within a network infrastructure or computerized control system. An electronic health record is an example of a data record that could be protected by MPA. Multi-Party Authorization provides pro-active protection from undesirable acts by the inexperienced technician or malicious insider.

References

US Patent 7,519,826, issued: April 14, 2009 for "Near Real Time Multi-Party Task Authorization Access Control"

Additional reading

IT BusinessEdge, Nov 25, 2009 "Protecting From the Malicious Insider: Multi Party Authorization"


Wikimedia Foundation. 2010.

Игры ⚽ Нужно решить контрольную?

Look at other dictionaries:

  • Comparison of VoIP software — VoIP software is used to conduct telephone like voice conversations across Internet Protocol (IP) based networks. VoIP stands for Voice over IP . For residential markets, VoIP phone service is often cheaper than traditional public switched… …   Wikipedia

  • Commodity Futures Modernization Act of 2000 — The Commodity Futures Modernization Act of 2000 (CFMA) is United States federal legislation that officially ensured the deregulation of financial products known as over the counter derivatives. It was signed into law on December 21, 2000 by… …   Wikipedia

  • 2011 Libyan civil war — For more details on this topic, see Timeline of the 2011 Libyan civil war. 2011 Libyan civil war Part of the Arab Spring …   Wikipedia

  • Kuomintang — KMT redirects here. For other uses, see KMT (disambiguation). Kuomintang of China 中國國民黨 …   Wikipedia

  • Republic of China — This article is about the sovereign state on Taiwan since 1949. For the territories currently governed by the Republic of China, see Taiwan and List of islands of the Republic of China. Not to be confused with the People s Republic of China.… …   Wikipedia

  • Russian Civil War — Clockwise from top: Soldiers of the Don Army in 1919; a White infantry division in March 1920; soldiers of the 1st Cavalry Army; Leon Trotsky in 1918; hanging of workers in Yekaterinoslav by the Czecho …   Wikipedia

  • Terminal Services — Infobox Software name = Terminal Services developer = Microsoft operating system = Microsoft Windows, Mac OS X latest release version = 6.0.6001.18000 latest release date = February 4, 2008 use = Remote Desktop Access license = MS EULA website =… …   Wikipedia

  • Remote Desktop Services — Developer(s) Microsoft Stable release 7.0 (6.1.7600) / October 27, 2009 …   Wikipedia

  • November 2005 — is the eleventh month of that year. It began on a Tuesday and ended after 30 days on a Wednesday. Portal:Current events << November 2005 >> …   Wikipedia

  • Politics of Spain — takes place in a framework of a parliamentary representative democratic constitutional monarchy, whereby the Monarch is the Head of State and the President of the Government is the head of government in a multi party system. Executive power is… …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”