Create an account
The process by which resources or services are granted or denied on a computer system or network
Four standard access control models used to enforce access control
Identification, authentication, authorization, access
A user accessing a computer system would present credentials or identification, such as a username
Checking the user's credentials to be sure that they are authentic and not fabricated
Access Control Models
Provides a predefined framework for hardware and software developers who need to implement access control in their devices or applications
Mandatory Access Control (MAC) Model
The end user cannot implement, modify, or transfer any controls. Most restrictive model because all controls are fixed
Discretionary Access Control (DAC) model
A subject has total control over any objects that he or she owns. Least Restrictive
DAC has two significant weaknesses
1. It relies on the end-user subject to set the proper level of security 2. A subject's permissions will be "inherited" by any programs that the subject executes
User Account Control (UAC)
Operating systems prompt the user for permission whenever software is installed
Three primary security restrictions implemented by UAC
1. Run with limited privileges by default 2. Applications run in standard user accounts 3. Standard users perform common tasks
Role Based Access Control (RBAC) model
an based on a user's job junction within the organization. Sometimes called Non-Discretionary Access Control. Considered a more "real world" approach than the other models. Assigns permissions to particular roles in the organization, and then assigns users to that role. Objects are set to be a certain type, to which subjects with that particular role have access
Rule Based Access Control (RBAC) model
can dynamically assign roles to subjects based on a set of rules defined by a custodian. Also called automated provisioning.
Separation of duties
Requires that if the fraudulent application of a process could potentially result in a breach of security
Instead of one person having sole responsibility for a function, individuals are periodically moved from one job responsibility to another
Each user should be given only the minimal amount of privileges necessary to perform his or her job function
Methods to implement access control are divided into two broad categories
Physical access control and logical access control
Access control list (ACL)
A set of permissions that is attached to an object that specifies which subjects are allowed to access the object, and what operations they can perform on it
Access control entry (ACE)
Each entry in the ACL table in the Microsoft Windows, Linux, and Mac OS X operating systems
A Microsoft Windows feature that provides centralized management and configuration of computers and remote users using the Microsoft directory services known as Active Directory (AD)
Brute force attack
Simply trying to guess a password through combining a random combination of characters
Make password attacks easier by creating a large pre-generated data set of hashes from nearly every possible password combination
Physical Access Control
primarily protects computer equipment and is designed to prevent unauthorized users from gaining physical access to equipment in order to use, steal, or vandalize it
4.45 centimeters (1.75 inches) tall, can be stacked with up to 50 other servers in a closely confined area
Combination locks that use buttons that must be pushed in the proper sequence to open the door
Use multiple infrared beams that are aimed across a doorway and positioned so that as a person walks through the doorway
A security device that monitors and controls two interlocking doors to a small room (a vestibule) that separates a nonsecured area from a secured area
Closed circuit television (CCTV)
Using video cameras to transmit a signal to a specific and limited set of receivers
Please allow access to your computer’s microphone to use Voice Recording.
Having trouble? Click here for help.
We can’t access your microphone!
Click the icon above to update your browser permissions and try again
Reload the page to try again!Reload
Press Cmd-0 to reset your zoom
Press Ctrl-0 to reset your zoom
It looks like your browser might be zoomed in or out. Your browser needs to be zoomed to a normal size to record audio.
Please upgrade Flash or install Chrome
to use Voice Recording.
For more help, see our troubleshooting page.
Your microphone is muted
For help fixing this issue, see this FAQ.
Star this term
You can study starred terms together