Week Eight Lecture - Security+ Guide to Network Security...

Info iconThis preview shows pages 1–10. Sign up to view the full content.

View Full Document Right Arrow Icon
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 7 Access Control Fundamentals
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Security+ Guide to Network Security Fundamentals, Third Edition Objectives Define access control and list the four access control models Describe logical access control methods Explain the different types of physical access control 2
Background image of page 2
Security+ Guide to Network Security Fundamentals, Third Edition What Is Access Control? Access control – The process by which resources or services are granted or denied on a computer system or network There are four standard access control models as well as specific practices used to enforce access control 3
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Security+ Guide to Network Security Fundamentals, Third Edition Access Control Terminology Identification – A user accessing a computer system would present credentials or identification, such as a username Authentication – Checking the user’s credentials to be sure that they are authentic and not fabricated Authorization – Granting permission to take the action Access (A computer user is granted access) – To only certain services or applications in order to perform their duties 4
Background image of page 4
Security+ Guide to Network Security Fundamentals, Third Edition 5 Access Control Terminology (continued)
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Security+ Guide to Network Security Fundamentals, Third Edition Access Control Terminology (continued) Computer access control can be accomplished by one of three entities: hardware, software, or a policy Access control can take different forms depending on the resources that are being protected Other terminology is used to describe how computer systems impose access control: Object Subject Operation 6
Background image of page 6
Security+ Guide to Network Security Fundamentals, Third Edition Access Control Models Access control model – Provides a predefined framework for hardware and software developers who need to implement access control in their devices or applications Once an access control model is applied – Custodians can configure security based on the requirements set by the owner • So that end users can perform their job functions 7
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Security+ Guide to Network Security Fundamentals, Third Edition Access Control Models (continued) Mandatory Access Control (MAC) model – The end user cannot implement, modify, or transfer any controls – The owner and custodian are responsible for managing access controls This is the most restrictive model because all controls are fixed In the original MAC model, all objects and subjects were assigned a numeric access level – The access level of the subject had to be higher than that of the object in order for access to be granted 8
Background image of page 8
Security+ Guide to Network Security Fundamentals, Third Edition Access Control Models (continued) Discretionary Access Control (DAC) model – The least restrictive – A subject has total control over any objects that he or she owns • Along with the programs that are associated with those
Background image of page 9

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 10
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 34

Week Eight Lecture - Security+ Guide to Network Security...

This preview shows document pages 1 - 10. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online