Saturday, February 12, 2011

The 3 A's of security when buying a coffee

The three A's of security are  authorization, authentication and auditing.  While these A's apply to computer security they are also present in most transactions.  For example, lets look at what happens when Igor wants to buy a coffee:

When Igor goes to buy a coffee with his credit card, the cashier starts by asking Igor for a Picture ID, then the cashier swipes Igor's card (which dials the head office to make sure there is money), finally a receipt is
printed. After all that Igor gets his coffee. Let's look at the 3 A's in this transaction
  • Authentication - Prove the entity is the entity -  Ensure Igor is Igor by making sure the picture on his drivers license matches his face.
  • Authorization - Prove an entity is allowed to do something - Ensure Igor is allowed to place a 5$ charge on his credit card.
  • Auditing - Record what has occurred - Write down that a coffee was purchased.
Authentication, Authorization, and Auditing in the coffee shop

2 comments:

Jake said...

hah, this is a great example

albina N muro said...

The three A's of security are authorization, authentication and auditing. While these A's apply to computer security they are also present in most transactions. For example, lets look at what happens when Igor wants to buy a coffee. security doors