Access Control Models 4.3 Flashcards

1
Q

Access Control

A

Access first starts with authorization. Before you are given rights, you must first be authorized to use them.

Users receive rights based on the Access Control Model in use. Each entity needs to set policies for how rights are given, who they are given to, and what is given.

2
Q

Mandatory Access Control (MAC)

A

This means the operating system determines the limits of how much access a person has to a particular object. Every object needs to be assigned a label to determine the level of secrecy. Labeling the object determines the level of rights/access users have to that object based on predefined rules. The administrator decides who gets access to what security level. Users cannot change these.

3
Q

Discretionary Access Control (DAC)

A

Used in most operating systems. If you created a spreadsheet, you, as the owner, get to determine who has access to it. You can modify it at any time. This is very flexible access control but very weak security.

4
Q

Role Based Access Control (RBAC)

A

Access is based on your role within an organization. The administrator provides access based on the role of the user. Rights are gained implicitly instead of explicitly. If the admin provides access to the managers, and directors are put into the manager group, then the directors all have the same rights. You see this in Windows “Groups”.

5
Q

Attribute-Based Access Control (ABAC)

A

Users have complex relationships to apps and data. Access may be based on many different criteria. ABAC can determine your access based on things like IP address, time of day, desired action, relationship to data, etc.

6
Q

Rule-Based Access Control

A

A set of rules determines access. Rules are determined by the admin. Rules are associated with objects; the system checks an ACL for the object. Commonly used in firewalls.

7
Q

File System Security

A

Most OSs provide a level of security at the file system. The OS can assign a level of security to each file. Most OSs keep an ACL that associates groups/users with rights and permissions. It can also be administered by the file owner. Encryption can be built in.

8
Q

Database Security

A

Databases have their own access control. Data integrity is usually an option in databases. The best security for a database is a well-written app.
