Page 62 - DCAP516_COMPUTER_SECURITY
P. 62
Computer Security
Notes 5.9 Summary
Access control mechanisms provide controls for users accessing resources.
Access control authentication devices evolved to include id and password, digital
certificates, security tokens, smart cards and biometrics. Access control authorization
meanwhile evolved into role based access control.
In ring based access control, n layers of privilege (rings) exists where ring 0 is most
privileged and ring n is least privileged. Special gates between rings are provided to
allow an outer ring to access an inner ring’s resources.
5.10 Keywords
Access Control: It is the process by which users are identified and granted certain privileges to
information, systems, or resources.
Access Control Device: It properly identifies people, and verifies their identity through an
authentication process so they can be held accountable for their actions.
Authentication: It is a process by which you verify that someone is who they claim they are.
Authorization: It is finding out if the person, once identified, is permitted to have the resource.
5.11 Review Questions
1. What are the basic authentication means by which an individual may authenticate his
identity?
2. What do you mean by access control? Why is it required?
3. Discuss the various access control objective.
4. Explain in detail about the access control list giving examples.
5. Describe the various abbreviations used in ACL.
6. Explain the process of creation and maintenance of ACL
7. Describe the concept of ring based access control and propagated access control lists.
Answers: Self Assessment
1. Confidentiality 2. Integrity
3. Authentication 4. Identity Management Software
5. Access Control 6. Administration
7. True 8. False
9. True 10. False
11. True 12. False
56 LOVELY PROFESSIONAL UNIVERSITY
