Section 20 Access Control Flashcards
Methods used to secure data and information by verifying a user has permissions to read, write, delete, or otherwise modify it.
Access Control
The access control policy is determined by the owner.
Discrecretionary Access Control (DAC)
An access control policy where the computer systems determines the access control for an object.
Mandatory Access Controls (MAC)
Label based access control that defines whether access should be granted or denied to objects by comparing the object label and the subject label.
Rule Based Access Control
Utilizes complex mathematics to create sets of objects and subject to define how they interact.
Lattice Based Access Control (LBAC)
An access model that is controlled by the system (like MAC) but utilizes a set of permissions instead of a single data label to define the permission level.
Role Based Access Control (RBAC)
An access model that is dynamic and context aware using IF-THEN statements.
Attribute Based Access Control (ABAC)
Requires more than one person to conduct a sensitive task or operation.
Separation of Duties
Occurs when users are cycled through various jobs to learn the overall operations better, reduce their boredom, enhance their skill level, and most importantly, increase our security.
Job Rotation
Permissions assigned to a given user.
User Rights
Collection of users based on common attributes (generally work roles).
Groups
Program in Linux that is used to change the permissions or rights of a file or folder using a shorthand number system.
Chmod
4
R (READ)
2
W (WRITE)
1
X (EXECUTE)