Access control - is the ability to permit or deny access to resources on a network or computer., Access control policy - defines the steps and measures that are taken to control access to objects., Access control system - includes policies, procedures, and technologies that are implemented to control access to objects., Authentication - is the process of validating identity. It includes the identification process, a user providing input to prove identity, and the system accepting that input as valid., Authorization - is granting or denying access to an object based on the level of permissions or the actions allowed with the object., Auditing - also referred to as accounting, is maintaining a record of the activity within the information system., Objects - are data, applications, systems, networks, and physical space., Subjects - are users, applications, or processes that need access to objects., Principle of least privilege - states that users or groups are given only the access they need to do their jobs and nothing more., Need to know - describes the restriction of data that is highly sensitive and is usually referenced in government and military context., Separation of duties - is the concept of having more than one person required to complete a task. This is a preventive principle primarily designed to reduce conflicts of interest. It also prevents insider attacks because no one person has end-to-end control and no one person is irreplaceable., Job rotation - is a technique where users are cross-trained in multiple job positions. Responsibilities are regularly rotated between personnel., Defense-in-depth - is an access control principle which implements multiple access control methods instead of relying on a single method. Multiple defenses make it harder to bypass security measures., Identification - is the act of claiming an identity, such as telling someone your name., Multi-Factor Authentication - is the process of using more than one way to verify identity. In the computer world, it is achieved by requiring two or more methods that only the user can provide., Mutual authentication - is when two communicating entities authenticate each other before exchanging data. It requires not only the server to authenticate the user, but the user to authenticate the server., Account creation - apply the appropriate access rights based on the job role as implemented in the access control system. Use the principle of least privilege and grant only the minimum privileges required to perform the duties of the position., Active accounts - apply the appropriate access rights based on the job role as implemented in the access control system. Use the principle of least privilege and grant only the minimum privileges required to perform the duties of the position., Creeping privileges - occur when a user's job position changes and the user is granted a new set of access privileges, but the user's current access privileges are not removed or modified, resulting in privilege escalation. As a result, the user accumulates privileges that are not necessary for the current work tasks., End-of-life procedures - should include not only deactivating or deleting unused accounts, but also destroying data that might remain on storage media. This will prevent sensitive data from being accessible to unauthorized users.,
0%
Access Control Models 6.1 Vocab
Share
by
Mrspendrak
Vocational / Technical
Computing
I-edit ang Content
Embed
Uban pa
Leaderboard
Show more
Show less
Kini nga leaderboard naka-pribado. Pag-klik sa
Share
aron himuon kini nga publiko.
Kini nga leaderboard gi-disable sa tag-iya sa resource.
Kini nga leaderboard gi-disable tungod ang imong mga kapilian lahi ra sa tag-iya sa resource.
I-revert ang mga Kapilian
Ang
Anagram
usa ka open-ended nga template. Dili kini makamugna ug mga marka sa leaderboard.
Kinahanglan mag log in
Visual style
Fonts
Subscription required
Mga Option
I-switch ang template
Ipakita tanan
Daghang mga format ang mugawas samtang gidula nimo ang activity.
Open results
Copy link
QR code
Mag-delete
I-restore ang gi-autosave:
?