Access Control Fundamentals
In information security, access control is imperative to ensure confidentiality, integrity, and availability. Controlling who has access to a system and the breadth of access a user has is vital to ensure the security of systems and data on the systems. Read this article to understand the terms access control, access, subject, and resource. Note the challenges, the principles, the criteria, and the practices used in access control.
11. Access Control Technologies
11.4. Security Domain
Introduction
- A domain is a set of resources that are available to a subject.
- A security domain refers to the set the resources working under the same security policy and managed by the same group.
- Domains can be separated by logical boundaries, such as
- Firewalls with ACL’s
- Directory services making access decisions
- Objects that have their own ACL’s indicating which individual or group can access them.
- Domains can be architected in a hierarchical manner that dictates the relationship between the different domains and the ways in which subjects within the different domains can communicate.
- Subjects can access resources in domains of equal or lower trust levels.