Access Control Fundamentals

In information security, access control is imperative to ensure confidentiality, integrity, and availability. Controlling who has access to a system and the breadth of access a user has is vital to ensure the security of systems and data on the systems. Read this article to understand the terms access control, access, subject, and resource. Note the challenges, the principles, the criteria, and the practices used in access control.

2. Access Control Challenges

Various types of users need different levels of access - Internal users, contractors, outsiders, partners, etc.
Resources have different classification levels- Confidential, internal use only, private, public, etc.
Diverse identity data must be kept on different types of users - Credentials, personal data, contact information, work-related data, digital certificates, cognitive passwords, etc.
The corporate environment is continually changing- Business environment needs, resource access needs, employee roles, actual employees, etc.