Access Control Fundamentals

In information security, access control is imperative to ensure confidentiality, integrity, and availability. Controlling who has access to a system and the breadth of access a user has is vital to ensure the security of systems and data on the systems. Read this article to understand the terms access control, access, subject, and resource. Note the challenges, the principles, the criteria, and the practices used in access control.

11. Access Control Technologies

11.1. Single Sign-On

Introduction

SSO is a technology that allows a user to enter credentials one time and be able to access all resources in primary and secondary network domains

Advantages

Reduces the amount of time users spend authenticating to resources.
Enable the administrator to streamline user accounts and better control access rights
Improves security by reducing the probability that users will write down their passwords
Reduces the administrators time in managing the access permissions

Limitations

Every platform application and resource needs to accept the same type of credentials, in the same format, and interpret their meaning in the same way.

Disadvantages

Once an individual is in, he is in, thus giving a bigger scope to an attacker