Types of Access Control
- Attribute-based Access Control (ABAC): In this model, access is granted or declined by evaluating a set of rules, policies, and relationships using the attributes of users, systems and environmental conditions.
- Discretionary Access Control (DAC): In DAC, the owner of data determines who can access specific resources.
- History-Based Access Control (HBAC): Access is granted or declined by evaluating the history of activities of the inquiring party that includes behavior, the time between requests and content of requests.
- Identity-Based Access Control (IBAC): By using this model network administrators can more effectively manage activity and access based on individual requirements.
- Mandatory Access Control (MAC): A control model in which access rights are regulated by a central authority based on multiple levels of security. Security Enhanced Linux is implemented using MAC on the Linux operating system.
- Organization-Based Access control (OrBAC): This model allows the policy designer to define a security policy independently of the implementation.
- Role-Based Access Control (RBAC): RBAC allows access based on the job title. RBAC eliminates discretion on a large scale when providing access to objects. For example, there should not be permissions for human resources specialist to create network accounts.
- Rule-Based Access Control (RAC): RAC method is largely context based. Example of this would be only allowing students to use the labs during a certain time of day.
Different access control models are used depending on the compliance requirements and the security levels of information technology that is to be protected. Basically access control is of 2 types:
- Physical Access Control: Physical access control restricts entry to campuses, buildings, rooms and physical IT assets.
- Logical Access Control: Logical access control limits connections to computer networks, system files and data.
Access Control in Computer Network
Access control is a security strategy that controls who or what can view or utilize resources in a computer system. It is a fundamental security concept that reduces risk to the company or organization. In this article, we are going to discuss every point about access control.