Access Control Fundamentals

In information security, access control is imperative to ensure confidentiality, integrity, and availability. Controlling who has access to a system and the breadth of access a user has is vital to ensure the security of systems and data on the systems. Read this article to understand the terms access control, access, subject, and resource. Note the challenges, the principles, the criteria, and the practices used in access control.

11. Access Control Technologies

11.3. SESAME

Introduction

SESAME (Secure European Systems for Applications in a Multi-vendor Environment) is an SSO technology that was developed to extend Kerberos functionality and improve upon its weakness.
SESAME uses a symmetric and asymmetric cryptographic technique to protect exchanges of data and to authenticate subjects to network resources.
SESAME uses digitally signed privileged Attribute Certificates (PAC) to authenticate subjects to objects. PAC contains the subject’s identity, access capabilities for the object, access time period, and lifetime of the PAC