Lecture 03 - Access Controls Flashcards
Physical Access Control
Limits access to physical assets like buildings.
Logical Access Control
Limits access to computers and sensitive data.
Principle of Least Privilege
Granting minimum access necessary.
Protection State
Defines permissions and security goals.
Access Matrix
Represents subjects, objects, and operations.
Enforcement Mechanism
refers to a system or method for ensuring compliance or adherence to rules, regulations, or policies.
Reference Monitor
Checks authorization based on access control policy
Policy Store
Database for protection, labeling, and transition states
RuBAC
Uses global rule lists for access parameters
Implicit deny
Access is denied unless explicitly allowed
Granular policies
Detailed and specific access control rules
Identity management structures
Organizational frameworks for managing user roles
Hierarchical security levels
Levels used to assign access permissions
Super admin role
Entails unrestricted access and control over system resources and configurations.
Implicit access
Access granted without explicit permission