Chapter 6. Access Control
IN THIS CHAPTER
Understanding the different access control models
Understanding the different access control types
Defining identification, authentication, authorization, and accountability
Reviewing databases and database security
Implementing remote access security and controls
Controlling access to a network and its associated resources is the cornerstone of network security. Access control is the key component of protecting organizations' information and minimizing the harm that can be caused by an attacker. In today's distributed computing environment, where large amounts of computing power and sensitive intellectual property reside on individuals' desks, access control is crucial to any organization. It is important that the confidentiality, integrity, and availability of the information be always properly preserved.
This chapter describes methods used to categorize access controls, the different types of controls, and means for providing for secure and verifiable local and remote login.
Control Models
Access control is designed to control who has access to information and mitigate access-related vulnerabilities that could be exploited by threats to a network. A threat is an event or activity that has the potential to cause harm to the network. In this case, the threat would have the potential to bypass or foil access control mechanisms and allow an attacker to gain unauthorized access to a network. This unauthorized access could include disclosing, altering, ...
Get Network Security Bible, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.