List and explain the three types of access control policies
What will be an ideal response?
Three types of access control policies include: (1) role-based; (2) discretionary; and
(3) mandatory. Role-based access control (RBAC) systems grant access based on the roles that
individual users have in the organization. Oftentimes, under this type of system, access rights are
based on the person’s position, job assignments, or responsibilities in the organization.
Generally, RBAC systems are easy to administer because they are not based on the personal
characteristics of the user, where system administrators (in the case of computer- based access
control) can simply grant permissions in bulk, based on the position a person holds.
Discretionary access control (DAC) systems, which are common in many businesses, grant
access to information by the owner of that information. Under these models, the owner of the
information or the system administrator decides or delegates who is going to have access to it,
adding or removing individuals from the access control list as needed. Mandatory access control
(MAC) systems are nondiscretionary strategies that are considered more secure than
discretionary models. Mandatory access systems have fixed rules or attributes that allow access
to information or information systems.
You might also like to view...
No two specimens of writing prepared by one person are ever identical in every detail
Indicate whether the statement is true or false.
Alimony is a section of a final divorce decree that can never be modified.
Answer the following statement true (T) or false (F)
The analysis of body movement is called:
a. Movement techniques b. Behavioral analysis c. Kinesics analysis d. Motion analysis
What ways can an author display statistical results without redundant information using compressed displays?
What will be an ideal response?