
Dover Castle, built by King Henry II, was a way to control physical access.
Author: Jake Keup. Source: Wikimedia Commons. License: CC BY 2.0.
Access control is the process by which permissions are granted for given resources. Access control can be physical (e.g., locked doors accessed using various control methods) or logical (e.g., electronic keys or credentials). There are several access control models, including:
- Role-based access control: Access is granted based on individual roles.
- Mandatory access control: Access is granted by comparing data sensitivity levels with user sensitivity access permissions.
- Attribute-based access control: Access is granted based on assigned attributes.
- Discretionary access control: Access is granted based on the identity and/or group membership of the user.
The access control model an organization uses depends on its needs. To choose the best model, a risk assessment should be performed to identify which threats might apply. This information is then used to assess which model can best protect against those threats.
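The four models listed above can be compared by running the same request through each one. The following is an added example, not part of the original course material; the users, roles, sensitivity labels, and policy for the `payroll_db` resource are constructed sample data.

```python
# Added illustration: one decision function per access control model.
# All users, roles, labels and policies here are constructed sample data.
LEVELS = {"public": 0, "confidential": 1, "secret": 2}

USERS = {
    "alice": {"roles": {"dba"}, "clearance": "secret", "groups": {"ops"},
              "attrs": {"department": "it", "on_site": True}},
    "bob": {"roles": {"analyst"}, "clearance": "confidential",
            "groups": {"finance"},
            "attrs": {"department": "finance", "on_site": True}},
    "carol": {"roles": {"intern"}, "clearance": "public", "groups": {"interns"},
              "attrs": {"department": "finance", "on_site": True}},
}

RESOURCE = {
    "name": "payroll_db",
    "role_perms": {"dba": {"read", "write"}, "analyst": {"read"}},  # RBAC
    "label": "secret",                                              # MAC
    "abac_rule": {"department": "finance", "on_site": True},        # ABAC
    "acl": {"users": {"alice"}, "groups": {"finance"}},             # DAC
}

def rbac(user, res, action):
    # Granted if any of the user's roles carries the requested permission.
    return any(action in res["role_perms"].get(r, set()) for r in user["roles"])

def mac(user, res, action):
    # Granted if the user's clearance is at least the data's sensitivity level.
    return LEVELS[user["clearance"]] >= LEVELS[res["label"]]

def abac(user, res, action):
    # Granted if every attribute condition in the rule holds for the user.
    return all(user["attrs"].get(k) == v for k, v in res["abac_rule"].items())

def dac(user, res, action, name):
    # Granted if the user's identity or one of their groups is on the list.
    return name in res["acl"]["users"] or bool(user["groups"] & res["acl"]["groups"])

def decide(name, action, res=RESOURCE):
    """Return each model's decision for the same request."""
    u = USERS[name]
    return {"RBAC": rbac(u, res, action), "MAC": mac(u, res, action),
            "ABAC": abac(u, res, action), "DAC": dac(u, res, action, name)}

if __name__ == "__main__":
    for name in USERS:
        print(name, "read", decide(name, "read"))
```

The same request produces different decisions under different models, which is why the choice of model has to follow from the threats the organization needs to protect against.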
Resources
Required
- Security Information in Production and Operations: A Study on Audit Trails in Database Systems
- State of the Art Authentication, Access Control, and Secure Integration in Smart Grid
- Broken Access Control
- An Introduction to Role-Based Access Control
- Guide to Attribute-Based Access Control
- Database Security & Access Control Models: A Brief Overview
- Access Control as a Service for the Cloud
Recommended
- Trust-Based Access Control Model from Sociological Approach in Dynamic Online Social Network Environment
- Dynamic Access Control Model for Security Client Services in Smart Grid
- Assessment of Access Control Systems
- A Survey of Access Control Models
- OWASP Top 10 for .NET Developers Part 3: Broken Authentication and Session Management
Licenses and Attributions
Chapter Twelve: Western Europe and Byzantium circa 1000-1500 CE from World History: Cultures, States, and Societies to 1500 by Berger et al. is available under a Creative Commons Attribution-ShareAlike 4.0 International license. UMGC has modified this work and it is available under the original license.