FINAL Project IS3230

Project IS3230
Access Control Proposal
Name: Rafiq Sabaoui

Access control:

A type of access control by which the operating system constrains the ability of a subject or initiator to access or generally perform some sort of operation on an object or target. In practice, a subject is usually a process or thread; objects are constructs such as files, directories, TCP/UDP ports, shared memory segments, I/O devices, etc. Subjects and objects each have a set of security attributes. Whenever a subject attempts to access an object, an authorization rule enforced by the operating system kernel examines these security attributes and decides whether the access can take place. Any operation by any subject on any object will be tested against the set of
Furthermore, too great a degree of granularity in classification levels can quickly become too complex and expensive.
There are several dimensions by which data can be valued, including financial or business, regulatory, legal and privacy. A useful exercise to help determine the value of data, and to which risks it is vulnerable, is to create a data flow diagram. The diagram shows how data flows through your organization and beyond so you can see how it is created, amended, stored, accessed and used. Don't, however, just classify data based on the application that creates it, such as CRM or Accounts. This type of distinction may avoid many of the complexities of data classification, but it is too blunt an approach to achieve suitable levels of security and access.
One consequence of data classification is the need for a tiered storage architecture, which will provide different levels of security within each type of storage, such as primary, backup, disaster recovery and archive -- increasingly confidential and valuable data protected by increasingly robust security. The tiered architecture also reduces costs, with access to current data kept quick and efficient, and archived or compliance data moved to cheaper offline

