ACCESS CONTROL Flashcards
1
Q
Known as an identity based access control model
A
Discretionary access control
2
Q
A central authority determines which files a user can access
A
Non discretionary access control
3
Q
Best describes a rule based access control model
A
Uses global rules to apply to all users equally
4
Q
Access control model on a firewall
A
Rule based
5
Q
What type of access controls rely on the use of labels
A
Mandatory
6
Q
Characteristic of mandatory access control
A
Prohibitive
7
Q
Role based access control
A
Groups users into roles based on organisations hierarchy.
Any question mentioning hierarchy is always going to be role based ACL
8
Q
Rule based access control
A
Uses global rules applied to all users equally
9
Q
Bell La Padula
A
Simple security property- not allowed to read up (obvious). “No read up” * Security property-not allowed to write to lower level “ no write down” Strong star (*)- can not read or write to an object of higher/lower sensitivity
DOESNT DEAL WITH COVERT CHANNELS
10
Q
BIBA
A
No read down
No write up
- always is write
