Access Controls Provide A Mechanism

2068 Words9 Pages
Introduction
Access Controls provide a mechanism, which allows an administrator to ensure that appropriate techniques are in place to control how users interact with an IT system. It provides an avenue where restrictions can be developed, specifying what a user can do, the resources they can access, and the functions they can execute on a system. It is aligned with the three main security principles; confidentiality, integrity and availability. This alignment ensures that data and resources within an IT system will remain confidential as required, the structure will remain intact and these objects will remain available, so as not to diminish the functionality of the system. Access controls that are incorporated into a security plan are
…show more content…
One of the difficulties in managing this access arises from the need to provide a variety of user’s access, each requiring a different type of access to the system. For the sake of security, the need to manage this access should be defined by one or more of the following frameworks; Role Based Access Control (RBAC), Discretionary Access Controls (DAC), Mandatory Access Control (MAC), and Mandatory Access Control (MAC).

Statement of Purpose
The current state of the organization’s access control management system is consistent with that of the DAC model. A recent move to outsource certain business practices and continued organizational growth has created an environment where increases in employee hiring’s and employee turnover are inevitable. An analysis of various methods of access control has been requested, so that we can better understand how specific access control attacks are perpetrated and their origin. Information will be collected and then analyzed in order to substantiate any recommended changes to the current access control configurations. RBAC, DAC, and MAC will be compared and contrasted, in order to gain insight, as to how each plays a role in reducing the risk to a system, along with identifying the strengths and weaknesses of each. These results, along with a detailed recommendation will be presented to executive management, in order to generate the necessary support for altering the current program
Get Access