Identity-based security

Identity-based security is a patented network security approach,^[1] put forward by Cyberoam which includes security components that provides visibility and control over user activity in a particular network. It offers a more robust network security system which includes a user's human identity as a part of the firewall rule matching criteria.^[2]

The concept includes treating a user's identity as the 8th Layer (also known as the HUMAN layer) in the network protocol stack, thus attaching user identity to security while authenticating, authorizing and auditing the network. This takes organizations a step ahead of conventional security appliances which bind security to IP-addresses.^[3] Such an approach allows organisations to create security policies that align to users and groups rather than to IP addresses which ultimately gives them more precise control over who can access the network—and what they can access.^[4]

Identity-based security prevents systems against address spoofing attacks by combining the point of encryption, authentication, and access control into a single unit.^[5]

See also

• Unified threat management
• Network security
• Cyberoam
• Identity-Based Conditional Proxy Re-Encryption

References

1. ↑
2. ↑ Identity based security – Cyberoam
3. ↑ Layer 8 Technology – Cyberoam
4. ↑ Identity-Based Firewall Security – Cisco
5. ↑ Identity-Based Security – Aruba Networks

External links

• Unified Threat Management Appliances and Identity-Based Security: The Next Level in Network Security – IDC VENDOR SPOTLIGHT, Sept 2007
• Cyberoam – Official Website
• Cyberoam Layer 8 Technology
• Identity based Reporting