Posts

Role-Based Access Control (RBAC)

Image
  DEFINITION OF ROLE-BASED ACCESS CONTROL (RBAC) Role-based access control (RBAC) restricts network access based on a person's role within an organization and has become one of the main methods for advanced access control. The roles in RBAC refer to the levels of access that employees have to the network. Employees are only allowed to access the information necessary to effectively perform their job duties. Access can be based on several factors, such as authority, responsibility, and job competency. In addition, access to computer resources can be limited to specific tasks such as the ability to view, create, or modify a file. As a result, lower-level employees usually do not have access to sensitive data if they do not need it to fulfill their responsibilities. This is especially helpful if you have many employees and use third-parties and contractors that make it difficult to closely monitor network access. Using RBAC will help in securing your company’s sensitive data and...
2 comments
Read more

Discretionary Access Control (DAC)

Image
What is Discretionary  access control (DAC) Discretionary access control (DAC) is a type of security access control that grants or restricts object access via an access policy determined by an object's owner group and/or subjects. DAC mechanism controls are defined by user identification with supplied credentials during authentication, such as username and password. DACs are discretionary because the subject (owner) can transfer authenticated objects or information access to other users. In other words, the owner determines object access privileges. Discretionary access control is commonly discussed in contrast to  mandatory access control  (MAC). Occasionally a system as a whole is said to have "discretionary" or "purely discretionary" access control as a way of saying that the system lacks mandatory access control. On the other hand, systems can be said to implement both MAC and DAC simultaneously, where DAC refers to one category of access controls that subje...
Post a Comment
Read more

Mandatory Access Control (MAC)

Image
What is Mandatory access control (MAC) Mandatory access control (MAC) is a model of access control where the working framework gives clients access dependent on information secrecy and client leeway levels. In this model, access is conceded on a need-to-know premise: clients need to demonstrate a requirement for data prior to obtaining entrance. Macintosh is viewed as the most secure of all entrance control models. Access rules are physically characterized by framework executives and carefully upheld by the working framework or security piece. Customary clients can't change security credits in any event, for the information they've made.   With MAC, the process of gaining access looks like this : ·          The administrator configures access policies and defines security attributes: confidentiality levels, clearances for accessing different projects and types of resources. ·          The admi...
Post a Comment
Read more

Access Control in Network Security

Image
What is Access Control ? Access control is where security engineering meets computer science.  In the most basic sense, access control in network security is about determining who gets access to what stuff (files, directories, etc).   The main function of access control is to control which active subject have access to which passive object using some specific access operation, where subjects are usually people or groups and objects are files or directories. According to this, objects can be resources that are to be protected from unauthorized access, use, or disclosure. And the subject being the user/s or some non-person entities such as applications & services that the access controls apply to. Therefore, access controls in a more technical way are the tools, policies, and mechanisms that enables us to grant or restrict access to any organization’s digital resource, including everything from restricting or granting access to specific files and databases to IT systems....
2 comments
Read more