Week 7 - Access Control

Access control is how organizations decide who can see or use certain information, tools, or areas. It’s a key part of keeping data and systems safe. There are several models used to manage access, and each works a little differently depending on what a company needs.

The first type is Discretionary Access Control (DAC). This model gives control to the person who owns the information or file. That person decides who else can access it. DAC is easy to use and flexible, but it can be risky if users make mistakes or don’t manage access carefully.

Mandatory Access Control (MAC) is much stricter. In this model, only a system administrator can decide who gets access. Users can’t make changes on their own. MAC is often used in high-security places like government offices because it keeps control tight and consistent.

Role-Based Access Control (RBAC) is common in businesses. People are given access based on their job role. For example, a manager might have access to more tools than a regular employee. RBAC is easy to manage, especially in larger companies, but it can get messy if too many roles are created.

Attribute-Based Access Control (ABAC) uses different details, or “attributes,” like someone’s job, department, or even the time of day, to decide if they can access something. It’s very flexible and specific but can also be hard to set up and manage.

Lastly, Lattice-Based Access Control (LBAC) works by ranking access in levels. A person can only access things that match their level or are below it. This model is good for places that deal with sensitive or classified information.

Each of these models has its pros and cons. The best one depends on the kind of work your organization does and how much control you need over who gets access to what. Choosing the right model helps keep systems safe while making sure the right people can get the information they need.


Devasia, A. (2024, March 28). 5 types of Access Control Models & Methods explained. Safe and Sound Security. https://getsafeandsound.com/blog/access-control-models/

Comments

Post a Comment

Popular posts from this blog

Week 5 - Can the Cloud Keep Up

The Internet of Things (IoT) is exploding, connecting everything from smart home devices to industrial machines. This rapid growth creates huge amounts of data that need to be processed, stored, and managed efficiently. Many experts believe the cloud will play a key role in handling this flood of information. Cloud computing offers flexible resources and scalable infrastructure that can adjust to the growing number of IoT devices. However, there are challenges to overcome. For example, IoT devices often generate real-time data that needs quick processing, which can be difficult when relying on distant cloud servers. This has led to the rise of “edge computing,” where data is processed closer to the devices themselves to reduce delays. Security and privacy are also major concerns. As more devices connect to the cloud, protecting data from cyberattacks becomes critical. The cloud must evolve to offer stronger security measures to keep IoT data safe. In the future, a combination of clo...
Read more

Week 8 - Relational Database

A relational database is a system used to store and organize information in a structured way. Instead of keeping everything in one long file, it separates information into tables. These tables work a lot like spreadsheets, with columns that describe the type of data, such as a name or a date, and rows that contain the actual data. What makes relational databases special is that the tables can be connected, or related, to each other. For example, one table might hold customer information, while another stores their orders, and the database links those pieces together. This approach was first introduced in 1970 by E. F. Codd, a researcher at IBM. Before that, information was often kept in flat files, which made it hard to find specific details or make connections between different pieces of data. Codd’s idea completely changed how businesses manage large amounts of information. To interact with a relational database, people use a language called SQL, or Structured Query Language. It al...
Read more