Access Control Fundamentals

In information security, access control is imperative to ensure confidentiality, integrity, and availability. Controlling who has access to a system and the breadth of access a user has is vital to ensure the security of systems and data on the systems. Read this article to understand the terms access control, access, subject, and resource. Note the challenges, the principles, the criteria, and the practices used in access control.

1. Introduction

Access controls are security features that control how users and systems communicate and interact with other systems and resources.

Access is the flow of information between a subject and a resource.

subject is an active entity that requests access to a resource or the data within a resource. E.g.: user, program, process, etc.

resource is an entity that contains the information. E.g.: Computer, Database, File, Program, Printer, etc.

Access controls give the organization the ability to control, restrict, monitor, and protect resource availability, integrity, and confidentiality


Source: https://en.wikibooks.org/wiki/Fundamentals_of_Information_Systems_Security/Access_Control_Systems
Creative Commons License This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 License.