Access Control Models Flashcards

1
Q

Discretionary Access Control (DAC)

A

Access policy determined by owner.

Used by Windows.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Mandatory Access Control (MAC)

A

Computer determines access by using security labels. Every subject (user) and file/folder/device or network connection (objects) is assigned a data label. Every data label creates a trust level for all subjects and objects.

Used in high security systems such as in the military. You essentially must have a “need to know” for access. MAC is implemented via Rule-based and Lattice-based access control methods.

Exists in FreeBSD OS and SELinux OS.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Rule Based Access Control

This is not RBAC

A

Label-based access control. Access is granted or denied to objects by comparing the object label and the subject label.

Just know that this is apart of Mandatory Access Control for exam.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Lattice Based Access Control

A

Utilizes complex mathematics to create sets of objects and subjects to define how they interact.

Just know that this is apart of Mandatory Access Control for exam.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Role-Based Access Control (RBAC)

A

Access controlled by system like MAC but utilizes a set of permissions instead of data labels.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Attribute-Based Access Control (ABAC)

A

Access is dynamic and context-aware using IF-THEN statements. Uses tags.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly