16 July, 2016
Access control can be defined as a security technique utilized to restrict access to the physical and logical assets within an organization. The physical assets include the computer system or server room whereas the logical assets comprise networks, data, files etc. Having complete control over who can view, use or manipulate the resources in a computing environment, the companies can mitigate the likelihood of a potential security breach.
Types Of Access Control Systems
- Mandatory Access Control (MAC): This is the most stringent form of access control mechanism. In this, the access restrictions are monitored by the operating system according to the specifications provided by the system administrator. Each user or device on a network is assigned a classification label. When a user tries to view or edit any file on the server, the computer system verifies his credentials to determine if access should be granted.
- Discretionary Access Control (DAC): It allows each user to control access rights for their own file or program. Unlike Mandatory Access Control, the DAC is much more flexible when it comes to data security. It allows you to create customized access policies for each user. For instance, you can allow read and write access to one user as well as read-only access to another one for the same file.
- Role Based Access Control (RBAC): Also known as Non-Discretionary Access Control, it allows access depending upon the role of a user. Role is defined according to the job profile, responsibilities and authority of an employee within the organization. For instance, an accountant would be provided access to all the files that contain financial data.
- Rule Based Access Control (RB-RBAC): Under this type, access is allowed on the basis of a set of criteria defined by the system administrator. It is a good option if you need to stipulate access rights for a specific account during certain hours of the day. The rules set by the administrator are stored in Access Control Lists (ACLs).
Advantages Of Access Control
- It helps to increase data security and confidentiality in an organization
- It reduces administrative work needed to monitor unauthorized access to important files
- Access rights and protocols are easy to implement by the system administrator
- Access control systems decrease the possibility of security errors as the permissions are automatically monitored and regulated according to the specified criterion
We at Centex Technologies provide complete IT security & networking solutions to our clients. For consultation regarding implementation of access control in your organization, feel free to contact us at (855) 375 – 9654.