Categories of Access Control
The two categories of access controls are
System access controls: Controls in this category protect the entire system and provide a first line of defense for the data contained on the system.
Data access controls: Controls in this category are specifically implemented to protect the data contained on the system.
System access controls
System access controls are the hard and crunchy outside of a system, providing the first line of defense in information security. They protect systems and information by restricting access to the system.
Although system access controls can provide complete authentication, authorization, and accountability (AAA), they’re renowned for authentication.
You can base authentication on any of three factors:
Something you know, such as a password or a personal identification number (PIN): This concept is based on the assumption that only the owner of the account knows the secret password or PIN needed to access the account. Username and password combinations are the simplest, least expensive, and therefore most common authentication mechanism implemented today. Of course, passwords are often shared, stolen, guessed, or otherwise ...