Cissp access control systems

Access Control Systems and methodology


User makes a claim as to his or her identity.

User proves his or her identity using one or more mechanisms.

System makes decisions about what resources the user is allowed to access and the manner in which they may be manipulated.

System keeps an accurate audit trail of the users activity.

Entities that may be assigned permissions.

Types of resources that subjects may access.

Relationships between subjects and the objects they may access.

Contains access control entities (ACEs) that correspond to access permissions.

Access control list (ACL)

Controls designed to prevent unwanted activity from occurring.

Type of controls that provide a means of discovering unwanted activities that have occurred.

Controls that are mechanisms for bringing a system back to its original state prior to the unwanted activity.

Control type used to discourage individuals from attempting to perform undesired activities.

Control type implemented to make up for deficiencies in other controls.

Four phases of access control.

Identification, authentication, authorization, accounting

Three important access control concepts.

Subjects, objects, access permissions

Five types of access controls.

Preventative, detective, corrective, deterrent, compensatory

Three categories of access control.

Administrative, logical/technical, physical.

Controls constituting policies, procedures, disaster recovery plans, awareness training, security reviews and audits, background checks, reviews of vacation history, separation of duties, and job rotation.

Control type that restricts access to systems and the protection of information.

Logical/technical controls

Type of controls used to protect access to the physical facilities housing information systems.

States that the subjects of an access control system should have the minimum set of access permissions necessary to complete their assigned job functions.

Principle of least privilege

The ability to perform critical system functions should be divided among different individuals to minimize the risk of collusion.

Users should only have access to information that they have a need to know to perform their assigned responsibilities.

Users gain different access permissions as they move from position to position in an organization but old permissions are not revoked.

Authorization of the subjects access to an object depends on labels which indicate a subjects clearance and the classification or sensitivity of the related object

Mandatory access control (MAC)

Access control type where the subject has authority to specify what objects can be accessible.

Discretionary access control (DAC)

Access control type where the Administrator determines which subjects can have access to certain objects based on an organizations security policy.

Non-discretionary access control (NDAC) also known as role based access control (RBAC)

Access control type where the administrator specifies upper and lower bounds of the authority for each subject and uses those boundaries to determine access permissions.

Lattice based access control (LBAC)

Four types of access control systems.

MAC, DAC, NDAC (RBAC), LBAC

A central authentication and/or authorization point for an enterprise.

Centralized access control system

A series of diverse access control systems at different points throughout the enterprise.

Decentralized access control systems

Technology that enables centralized authentication.

Software used on a network to establish a users identity.

Three components of kerberos

Key distribution center (KDC), Authentication service (AS), Ticket granting service (TGS)

A public key based alternative to kerberos

Three authentication factors.

Something you know, something you have, something you are

Using at least two authentication factors.

Two-factor authentication

The most commonly implemented authentication technique.

Four different kinds of tokens

Static password, synchronous dynamic...



Share this article





Related Posts



Latest Posts
Access Control Security Systems
Access Control…
Better Security With Access Control Doors…
Honeywell Access Control System PDF
Honeywell Access…
Honeywell’s OmniProx™ family is a complete…
Access Control System Architecture
Access Control…
ADepartment of Computer Languages and…
Definition of stability in control system
Definition of…
Pros : Keeps cars on the road that would…
How to control your nervous system?
How to control…
Stress is an epidemic. It is one of the…
Search
Featured posts
  • Texas Systems and Controls
  • Systems and Control Engineering
  • Paxton Access Control Systems
  • What is Access Control Systems?
  • Security Access Control Systems
  • Access Control Systems UK
  • Parking Access Control Systems
  • Biometric door Access Control Systems
  • Card readers Access Control Systems
Copyright © 2019 l www.oliver-control.com. All rights reserved.