Explain the concept of discretionary access privileges
In centralized systems, a system administrator usually determines who is granted access to specific resources and maintains the access control list. In distributed systems, however, resources may be controlled (owned) by end users. Resource owners in this setting may be granted discretionary access privileges, which allow them to grant access privileges to other users. For example, the controller, who is the owner of the general ledger, may grant read-only privileges to a manager in the budgeting department. The accounts payable manager, however, may be granted both read and write permissions to the ledger. Any attempt by the budgeting manager to add, delete, or change the general ledger will be denied. The use of discretionary access control needs to be closely supervised to prevent security breaches because of its liberal use.
You might also like to view...
Recommendations by analysts who monitor corporate performance
A) have a material impact on the business and all of its stakeholders. B) are generally disregarded by the majority of investors. C) are illegal under the Sarbanes-Oxley Act. D) are the only drivers of public opinion about a firm. E) typically have little impact on a company's viability.
The Racketeer Influenced and Corrupt Organizations Act (RICO) applies only to organized crimes
Indicate whether the statement is true or false
If a value represents the 95th percentile, this means that:
a. 95% of all values are below this value b. 95% of all values are above this value c. 95% of the time you will observe this value d. there is a 5% chance that this value is incorrect e. there is a 95% chance that this value is correct
What are Gersick’s (1991) three barriers to change? Explain why each one contributes to resisting change.
What will be an ideal response?