Access Control

Trust and identity management is also supported by access control.

KEY POINT

Access control is the ability to enforce a policy that states which entities (such as users, servers, and applications) can access which network resources.

NOTE Access control also indirectly helps ensure confidentiality and integrity of sensitive data by limiting access to the data. In contrast, authorization mechanisms limit the access of an entity to resources based on subject identity.

Network access control mechanisms are classified in the following ways:

■ Authentication mechanisms, which establish the subject's identity.

■ Authorization mechanisms, which define what a subject can do in a network and thus limit access to a network. The granularity of access, such as read-only or write, may also be defined.

■ Accounting mechanisms, such as an audit trail, which provides evidence and accounting of the subject's actions, and real-time monitoring, which provides security services such as intrusion detection.

Authentication, authorization, and accounting (AAA) are network security services that provide a framework through which access control to a network is defined.

Was this article helpful?

0 0
Project Management Made Easy

Project Management Made Easy

What you need to know about… Project Management Made Easy! Project management consists of more than just a large building project and can encompass small projects as well. No matter what the size of your project, you need to have some sort of project management. How you manage your project has everything to do with its outcome.

Get My Free Ebook


Post a comment