Scribd
Upload
79 views

Access Control

Access control regulates who or what can view or use resources. It has two types: physical control limits access to physical areas and assets, while logical control limits access to computer networks, files, and data. There are several types of access control models, including discretionary access control (DAC), mandatory access control (MAC), role-based access control, and attribute-based access control. DAC is a common model where owners set access policies for their data and systems, determining who can access it. For example, UNIX file permissions allow owners to set read, write, and execute permissions for users and groups.

Uploaded by

Syed Luqman
Copyright
© © All Rights Reserved
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
79 views

Access Control

Access control regulates who or what can view or use resources. It has two types: physical control limits access to physical areas and assets, while logical control limits access to computer networks, files, and data. There are several types of access control models, including discretionary access control (DAC), mandatory access control (MAC), role-based access control, and attribute-based access control. DAC is a common model where owners set access policies for their data and systems, determining who can access it. For example, UNIX file permissions allow owners to set read, write, and execute permissions for users and groups.

Uploaded by

Syed Luqman
Copyright
© © All Rights Reserved
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 11

Access Control

Access control is a security


technique that regulates
who or what can view or
use resources in a
computing environment. It
is a fundamental concept in
security that minimizes risk
 to the business or
organization.
 There are two types of access control:
physical and logical.
 Physical access control limits access to campuses,
buildings, rooms and physical IT assets.
 Logical access control limits connections to
computer networks, system files and data.
Types of access control
 Mandatory access control (MAC). 
 Discretionary access control (DAC).
 Role-based access control (RBAC)
 Rule-based access control
 Attribute-based access control (ABAC).
Discretionary Access Control (DAC)
This is an access control method in which owners or
administrators of the protected system, data or
resource set the policies defining who or
what is authorized
to access the
resource.
 InDAC, each system object (file or data object)
has an owner, and each initial object owner is the
subject that causes its creation. Thus, an object's
access policy is determined by its owner.

A typical example of DAC is Unix file mode,


which defines the read, write and execute
permissions in each of the three bits for each user,
group and others.
DAC VS MAC
DAC:
 A type of control in which the owner of the
resource restrict the access to resource based on
identity of users.
 Access is determined by owner.
 It is not secure than MAC.
 It is more flexibles.
MAC
 A type of control in which the owner of the
resource restrict the access to resource based on
the clearance of the subjects.
 Access is determines by the system.
 It is more secure.
 It is less flexible.
DAC attributes include:

 User may transfer object ownership to another user(s).


 User may determine the access type of other users.
 After several attempts, authorization failures restrict
user access.
 Unauthorized users are blind to object characteristics,
such as file size, file name and directory path.
 Object access is determined during access control list
(ACL) authorization and based on user identification
and/or group membership.
DAC is easy to implement and intuitive but has
certain disadvantages, including:

 Inherentvulnerabilities (Trojan horse)


 ACL maintenance or capability
 Grant and revoke permissions maintenance
 Limited negative authorization power
THANK YOU…..

You might also like