2020 | OriginalPaper | Chapter
9. Access Control and Authorization
Published in: Guide to Computer Network Security
Abstract
Access control is a process to determine “Who does what to what,” based on a policy.
One of the system administrator’s biggest problems, which can turn into a nightmare if it is not handled well, is controlling who gets in and out of the system and who uses what resources, when, and in what amounts. Access control is restricting this access to a system or system resources based on something other than the identity of the user. Access control, which consists of four elements (subjects, objects, operations, and a reference monitor), is one of the major cornerstones of system security. It is essential to determine how access control protection can be provided to each of the system resources. To do this, you need good access control and access protection policies. Authorization, commonly known as access permissions, is a set of access rights and access privileges granted to a user to benefit from a particular system resource. It is a determination of whether a user has permission to access, read, modify, insert, or delete certain data, or to execute certain programs. This chapter focuses on a detailed examination and discussion of these two processes that ensure system safety.