This preview shows pages 1–3. Sign up to view the full content.
This preview has intentionally blurred sections. Sign up to view the full version.View Full Document
Unformatted text preview: TECH 7350 Managing Information Security The Graduate School of Management at the University of Dallas TECH 7350 MANAGING INFORMATION MANAGING INFORMATION SECURITY SECURITY Sandra Blanke, Ph.D., CISSP The Graduate School of Management at the University of Dallas Unit 3 Chapter 4 Unit 3 Chapter 4 Access Control Models and Layers Access Control Models and Layers Part 4 of 5 Part 4 of 5 2 Access Control Models Access Control Models dictate how subjects access objects Access Control Models are Built into the core of the Different Operating Systems / applications Discretionary Access Control (DAC) Non-discretionary (role based) (RBAC) Mandatory Access Control (MAC) 3 Discretionary Access Controls Owner specifies which subjects can access which resources Windows and Macintosh use DAC Access Control List (ACL) TECH 7350 Managing Information Security The Graduate School of Management at the University of Dallas 4 Role Based Access Control RBAC = Non-discretionary access control Centrally administered set of Controls Owners assign privileges to roles System Administrator create the roles/functions within the systems Security Administrator provides the privileges to user ID and groups 5 Mandatory Access Control...
View Full Document
This note was uploaded on 02/20/2011 for the course TECH 7350 taught by Professor Lee during the Spring '11 term at University of Arkansas for Medical Sciences.
- Spring '11