[postlink]http://vandana-techcare.blogspot.com/2008/08/general-security-concepts.html[/postlink]Access Control
So what exactly is Access Control?
It is being able to get to what you need and then being able to control what you need
Mandatory Access Control is also known as multilevel security and is non-discretionary.
Resources are assigned “Security Labels” and, if labels don’t match, access is denied.
Discretionary Access Control (DAC)
Rule Based Access Control (RBAC)
Rule Based Access Control is a form of access control that looks at every request and performs a “match” on the
: There is also a Role Based Access Control (RBAC), so don’t get these access control methods
confused
So what exactly is Access Control?
It is being able to get to what you need and then being able to control what you need
Make sure you know the differences between authentication, controlling access, authorization and accountability
Mandatory Access Control is also known as multilevel security and is non-discretionary.
Resources are assigned “Security Labels” and, if labels don’t match, access is denied.
Discretionary Access Control (DAC)
Discretionary Access Control is what to use if you want to restrict users’ access to an object of some kind, like a
Rule Based Access Control (RBAC)
Rule Based Access Control is a form of access control that looks at every request and performs a “match” on the
resource request based on a set of conditions. The user is granted access, depending on the result of the match.
Access Control Lists are the most common form of RBAC.
: There is also a Role Based Access Control (RBAC), so don’t get these access control methods
confused
0 comments:
Post a Comment