There are three principal components of any access control scenario:
Any time you have to decide whether to allow or deny access by a subject to a resource, you have entered the access control problem domain.
A well-defined access control system consists of three elements:
Organizations typically use procedures and tools together to enforce policies. For example, most companies have strict policies to determine who has access to personnel records. These records contain sensitive and confidential information that could be used to inflict serious harm on individual employees and the company as a whole if those records were compromised. The policy may state that only employees within the human resources department, with a specific need for the information contained within a given record, may have access to it.
To enforce this policy, the company has procedures that state that a record can be given only to employees with the proper credentials (the authentication process) who fill out a form stating their specific need for the information contained in the record they request. When the request is approved, the employees may be given a username and password to access the employee records’ Intranet site (the authorization process). The Intranet site, along with the username and password, is the tool required to grant access to personnel records.
The subject in an access-control scenario is a person or another application requesting access to a resource such as the network, a file system, or a printer.
There are three types of subjects when it comes to access control for a specific resource:
Every individual who initially approaches an access control system is unknown until he or she attempts to authenticate. For example, someone might be asked to provide a username and password. If the user does not provide the correct password, the system still does not know who the user is and he or she retains unknown status. On the other hand, if the user’s password is correct, the system now knows with certainty who the user is and must check to see if the user is authorized to access the requested resource. Someone allowed to access the resource moves to the “authorized” state. Otherwise, the user is still known, but now moves to the “unauthorized” state.
This process is known as AAA (or “triple A”) security and involves three components:
Users are not the only subjects in access control systems. Technological resources may also serve as subjects. For example:
Technology subjects may use password authentication or may rely on other forms of identification and authorization. For example, a network may be authenticated by its IP address.
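The subject states described above (unknown, authorized, unauthorized) can be traced through a single request for a personnel record. The following Python code is an added example, not part of the original text; the user names, passwords, departments and function names are constructed for illustration, and the policy check mirrors the human resources example given earlier.

```python
import hashlib
import hmac
import os
from enum import Enum


class SubjectState(Enum):
    UNKNOWN = "unknown"            # not (yet) authenticated
    AUTHORIZED = "authorized"      # known and allowed to use the resource
    UNAUTHORIZED = "unauthorized"  # known, but not allowed


def _hash(password: str, salt: bytes) -> bytes:
    # Salted, slow password hash; the iteration count is an illustrative choice.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def make_user(password: str, department: str) -> dict:
    salt = os.urandom(16)
    return {"salt": salt, "hash": _hash(password, salt), "department": department}


# Constructed sample directory (hypothetical users and passwords).
USERS = {
    "alice": make_user("correct horse", "human resources"),
    "bob": make_user("battery staple", "engineering"),
}
# Dummy record so unknown usernames cost the same hashing work as real ones.
_DUMMY = make_user("placeholder", "none")


def authenticate(username: str, password: str) -> bool:
    user = USERS.get(username, _DUMMY)
    candidate = _hash(password, user["salt"])
    # Constant-time comparison; an unknown username can never succeed.
    return hmac.compare_digest(candidate, user["hash"]) and username in USERS


def request_record(username: str, password: str, stated_need: str) -> SubjectState:
    """Decide a request for a personnel record."""
    if not authenticate(username, password):
        return SubjectState.UNKNOWN  # failed login: identity is still unproven
    # Authorization: policy from the text (HR staff with a specific need).
    in_hr = USERS[username]["department"] == "human resources"
    if in_hr and stated_need.strip():
        return SubjectState.AUTHORIZED
    return SubjectState.UNAUTHORIZED  # known subject, access denied
```

A failed login and a nonexistent username both leave the subject in the unknown state, so the response does not reveal which usernames exist.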
There are three main categories of objects to be protected by access controls:
Information is the most common asset in terms of IT access controls. You put passwords on databases and applications to ensure that only authorized users can access the information they contain. Technology objects are just as important because a malicious user can easily compromise the integrity of data by attacking the technology that stores and uses it. If an unauthorized user gains access to a file server, that user can easily steal, delete, or change the data stored on the file server.
Consider an automated teller machine (ATM) in a mall. That system deals with highly sensitive data, but in order to fulfill its purpose, it must be in an open, easily accessed area. In this type of situation, information and technology-based access controls become doubly important.
Physical security is the process of ensuring that no one without the proper credentials can access physical resources, including hardware and physical locations. If all of the servers require a password to log on, why bother restricting who can enter the server room? The answer is simple—if a malicious user’s goal is to bring down a server, he or she doesn’t need to log in. All the person needs to do is unplug it, steal it, or destroy it.
Most server and network systems have “backdoors” that are available to anyone with physical access to the machine. These backdoors allow system administrators to take control of a server that has been corrupted. For example, an individual who is able to gain physical access to a network router can almost always take control of that device, even without knowledge of the correct password. Some locations, such as a server room, are controlled-access locations for the reasons just described. Others must have uncontrolled access in order to be useful.