Access Control Model
Access Control Models:
Access Controls ensures that only authenticated and authorized entities can access resources.
Role Based Access Controls:
It uses roles to manage rights and permissions for users.This is useful for users within a specific department who perform the same job functions. An administrator creates the roles and then assigns the specific rights and permissions to the roles instead of users.
Rule Based Access Controls:
Rule Based Access Controls uses rules. Rules can be static and dynamic. Static rules are implemented on routers or on firewalls. Examples of dynamic rules are IPS then modify rules to block the traffic from an attacker.
Discretionary Access Controls:
Every object has an owner, and the owner establishes access for the objects.
Mandatory Access Controls:
It uses labels sometimes referred to as security labels to determine access. Administrators assign labels to users and files/folders. When the label matches then the system grants access to that files/folders. When the label doesn't match, the access model blocks the access.
Attribute Based Access Controls:
It evaluates attributes and grants access based on the value of these attributes. Attributes can be any attributes and grant access when the system detects a match.
Comments
Post a Comment