The access control policy is a security technique that system administrators in both organizational and governmental agencies can use to determine who (i.e. individuals) or what (i.e. systems) can be given access to resources in a computing environment.
Here, 2020 Vision looks into the two key types of access control, as well as the three main categories that form the fundamentals of the regulations.
The main types of access control
Physical access control
Limiting the right of use to rooms, buildings, entire campuses and physical IT assets are all examples of physical access control.
Logical access control
Logical access control is when the right of use to connections to data, system files and computer networks are restricted.
The main categories of access control
Mandatory access control
Also referred to as MAC, mandatory access control is a security strategy whereby owners of an ability individual resource can grant or deny access to resource objects within a file system.
MAC is usually found in both government and military facilities, with each and every file system object given a classification label. A system administrator defines the criteria and this is enforced by either a security kernel or an operating system.
End users are therefore unable to alter any of the restrictions. Instead, they will be prompted by the operating system or security kernel to show their necessary credentials before being granted access to a specific resource.
Discretionary access control
Otherwise known as DAC, discretionary access control sees object access being granted or restricted by a policy that is set by the owner group or the subjects of the object in question.
The reason that DACs are discretionary is that the subject’s owner is able to transfer the access of authenticated objects or information to other users. In short, the owner has the means to determine any privileges. Role-based access control
Recognised as RBAC, role-based access control sees access to a computer or network resource regulated based on the roles of individual users within an enterprise.
The roles of each user are distinguished by an individual’s authority, job competency and responsibility within the enterprise that sets up a RBAC policy.
Whereas the majority of access control policies are set out on a rigid and object-by-object basis, RBAC allows roles to be changed, created or even discontinued whenever the needs of an enterprise alters. As a result, the privileges of each user will not need to be updated.
Examples of access control policies in action
The following are examples of when you may encounter an access control system:
- Inputting a password to a computer.
- Entering a personal identification number to gain entry to a service.
- Completing a biometric scan.
- Using the correct physical or electronic key in order to be admitted into a room or building.
Concerned about the security of your business and its facilities? Check out the various access control and visitor management systems available here at 2020 Vision today.