Access Control Flashcards

1
Q

Access control

A

a fundamental security mechanism that determines who is allowed to access and use resources within a computing environment. It involves policies and procedures that manage permissions and ensure that only authorized users can access specific data, applications, and systems.

2
Q

Least privilege

A

is a security concept that dictates that users, applications, and systems should be granted the minimum levels of access—or permissions—necessary to perform their required tasks or functions. By limiting access rights, organizations can reduce the potential attack surface.

3
Q

MAC (Mandatory Access Control)

A

is a security model that restricts the ability of a user to access or manipulate resources based on a set of predetermined security policies established by a central authority. Unlike Discretionary Access Control (DAC), where resource owners can make decisions about access, MAC enforces access controls based on system-enforced policies that users cannot change.

4
Q

DAC (Discretionary Access Control)

A

is a type of access control mechanism where the owner of a resource (such as a file, folder, or system) has the discretion to determine who can access or manipulate that resource. In DAC, access rights are assigned based on the identity of the user or group and can be modified by the resource owner.

5
Q

RBAC (Role-based Access Control)

A

is an access control mechanism that assigns permissions to users based on their roles within an organization. In RBAC, access rights are grouped by role, and users are assigned to these roles, allowing them to access resources and perform actions associated with those roles. This model simplifies management of permissions and enhances security by ensuring that individuals have access only to the information and resources necessary for their job functions.

6
Q

Rule-based Access Control

A

is an access control mechanism that uses a set of rules to determine whether a user can access specific resources or perform certain actions. Unlike Role-Based Access Control (RBAC), which assigns permissions based on roles, Rule-Based Access Control focuses on conditions or rules that dictate access based on various attributes, such as user status, time of access, or specific characteristics of the resource being accessed.

7
Q

ABAC (Attribute-based Access Control)

A

is an access control paradigm that makes access decisions based on attributes of the user, the resource, and the environment. Unlike Role-Based Access Control (RBAC), which assigns permissions based on user roles, ABAC uses a more dynamic and fine-grained approach by evaluating multiple attributes to determine access rights.

8
Q

Time-of-day restrictions

A

a specific access control mechanism that limits user access to resources based on the time of day. This method is often implemented as part of broader access control policies, and it can be used in various contexts, such as organizational security, data protection, and facility access.
