Access Control from an OS Security Perspective; Confidentiality; Discretionary Access Control; Firewall; Integrity; Mandatory Access Control; Role Based Access Control
Definition
Access control is a security function that protects shared resources against unauthorized accesses. The distinction between authorized and unauthorized accesses is made according to an access control policy.

Theory
Access control is employed to enforce security requirements such as confidentiality and integrity of data resources (e.g., files, database tables), to prevent unauthorized use of resources (e.g., programs, processor time, expensive devices), or to prevent denial of service to legitimate users. Practical examples of security violations that can be prevented by enforcing access control policies are: a journalist reading a politician’s medical record (confidentiality), a criminal performing fake bank account bookings (integrity), a student printing...
Access Control. Fig. 1
Access Control. Fig. 2
Access Control. Fig. 3
© 2011 Springer Science+Business Media, LLC

Cite this entry: Brose, G. (2011). Access Control. In: van Tilborg, H.C.A., Jajodia, S. (eds) Encyclopedia of Cryptography and Security. Springer, Boston, MA. https://doi.org/10.1007/978-1-4419-5906-5_179

In which type of access control system would access to data be determined by a subject's clearance?
Mandatory Access Control (MAC) is system-enforced access control based on a subject's clearance and an object's labels.

What are the 4 types of access control?
Access Control: Models and Methods. This response leads to more frustration as the user needs to get on with their task and all they need is access to one folder. ...
Mandatory Access Control (MAC).
Role-Based Access Control (RBAC).
Discretionary Access Control (DAC).
Rule-Based Access Control (RBAC or RB-RBAC).

What are the 3 types of access control?
Three main types of access control systems are: Discretionary Access Control (DAC), Role Based Access Control (RBAC), and Mandatory Access Control (MAC). DAC is a type of access control system that assigns access rights based on rules specified by users.
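
The contrast between the MAC and DAC descriptions above can be made concrete with a small reference monitor. This is an added example, not code from the encyclopedia entry. The level names, their ordering, the category sets, and the users `alice` and `bob` are constructed assumptions. It shows that a grant made by the owner (DAC) does not help a subject whose clearance fails to dominate the object's label (MAC).

```python
from dataclasses import dataclass, field

# Constructed sensitivity levels; the ordering is an assumption of this example.
LEVELS = {"public": 0, "confidential": 1, "secret": 2}

@dataclass(frozen=True)
class Label:
    level: str
    categories: frozenset = frozenset()

    def dominates(self, other):
        # Higher-or-equal level and a superset of the other label's categories.
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.categories >= other.categories)

@dataclass
class Resource:
    name: str
    owner: str
    label: Label                               # assigned by the system (MAC)
    acl: dict = field(default_factory=dict)    # user -> rights, set by owner (DAC)

class ReferenceMonitor:
    def __init__(self, clearances):
        self.clearances = clearances           # user -> Label, set by an administrator

    def grant(self, actor, res, user, right):
        # DAC: only the owner decides who else gets a right on the resource.
        if actor != res.owner:
            raise PermissionError(f"{actor} does not own {res.name}")
        res.acl.setdefault(user, set()).add(right)

    def dac_allows(self, user, res, right):
        return user == res.owner or right in res.acl.get(user, set())

    def mac_allows_read(self, user, res):
        # MAC: the subject's clearance must dominate the object's label.
        return self.clearances[user].dominates(res.label)

    def can_read(self, user, res):
        # Both must agree, so an owner's grant cannot override the label check.
        return self.dac_allows(user, res, "read") and self.mac_allows_read(user, res)

def demo():
    # Constructed users and resource.
    medical = frozenset({"medical"})
    rm = ReferenceMonitor({"alice": Label("secret", medical), "bob": Label("confidential")})
    record = Resource("patient-record", "alice", Label("secret", medical))
    rm.grant("alice", record, "bob", "read")   # the owner shares the record with bob
    return rm.can_read("alice", record), rm.dac_allows("bob", record, "read"), rm.can_read("bob", record)
```

`demo()` returns the decision for the owner, the DAC-only decision for `bob`, and the combined decision for `bob`, in that order.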

What is access control mechanism in information security?
Access control identifies users by verifying various login credentials, which can include usernames and passwords, PINs, biometric scans, and security tokens. Many access control systems also include multifactor authentication (MFA), a method that requires multiple authentication methods to verify a user's identity.