Please enable JavaScript.
Coggle requires JavaScript to display documents.
ACCESS CONTROLS - Coggle Diagram
ACCESS CONTROLS
effects of violations
loss of customer confidence
bad publicity
new legislation and regulations
more oversight
financial penalties
loss of opportunity
Threats
disclosure of private info
corruption of data
damage to equipment
danger to facilities
failure of systems
4 PARTS
Authentication
Authorization
Identification
Accountability
Formal models
Discretionary Access Control
Mandatory Access Control
Nondiscretionary Access Control
Rule Based Access Controll
2 TYPES
Logical Controls
computer system/network
Physical Controls
buildings, protected areas
Authorization Policy
authorization - the process of deciding who has access to which computer / network resources
a method in which access resources are decided by the user's authority level
Identification Methods
identification - providing credentials to claim to be a specific person or entity
usernames, smart id, biometrics
centralized / decentralized
centralized applied using AAA
authentication, authorization, accounting
decentralized in the hands of the people, managers who are closest to users
authentication process
validate / prove identity
7 types
performance
behavior
characteristics
location
ownership
relationship
knowledge