Access Control and Policies - Assignment Example

Access Controls and Policies Access Controls and Policies Access control involves the mediation of whether certain data and resources can be attained by persons. The request to attain this data and resources requires that information about an individual be disclosed. There are regulations that permit the attainment of data and resources through software, and security policies. Corporations try to protect their clients through these policies, hence; existence of policies on a large scale network (Benantar, 2005).

This paper will review advantages and disadvantages of the access control models present. It will examine how policies in corporations maintain their business activities without running too many risks. Advantages and disadvantages of the access controls One advantage of the Access Control Lists (ACLs) is the protection it offers users of a system. The Mandatory Access Control (MAC), for example, is a policy that is mandatory in every system present. It requires that users are offered access based on mandated guidelines.

The Role Based Access Control (RBAC) controls access depending on the role played by system users (Kuhn, 2003). The advantage brought on by such access controls helps determine who is to access data, regulate what they might, or might not do. The ACLs provide an exceptional method of accessing data and resources. Disadvantages brought on by the use of ACLs are immense. One of them includes the difficulty involved in maintaining the ACLs in an environment where there is a large number of users.

They are also error-prone and do not offer assurance on the protection of confidential information. This is once there is a need to change, or delete ACLs on individual files. These challenges make it particularly hard for system users to trust ACLs entirely (Bertino & Ghinita, 2011).Topic 1 The organization of information resources would be in such a manner that there is one system to access. The use of the RBAC is crucial in the arrangement of such information. It is an exceptional tool to use since it will recognize internal and external users of that system.

People, therefore, can carry out their responsibilities without too much struggle. They would be assigned unique codes that grant them access to the system (Gofman, 2008).Topic 2 Discretionary policies in any system create the possibility of what one can access, and how they can use that information. If there is any threat of damage of data, there are software systems created to raise an alarm. The Biba Integrity Model is a security system that ensures problems associated with damaging of information are dealt with accordingly.

The protection of information is crucial to any system and its users, and this model can help in getting individuals the information they need (Gowadia, 2007).Topic 3 To ensure that information in a system is accurate, there is the use of models such as the Bell-Lapadula Model. This model is used in many areas in the world today, such as the military. Its main use is to regulate the flow of information to would-be users of information and data (Kelley & Campagna, 2009). This security model should be made known worldwide to ensure the prevention of tampering with information in systems.

ReferencesBenantar, M. (2005). Access control systems: Security, identity, management and trust models. Oxford: Oxford University Press.Bertino, E., & Ghinita, G. (2011). Access control for databases: Concepts and systems. Oxford: Hart Publishing.Gofman, M. I. (2008). Efficient policy analysis for administrative role based access control. New York: PULP.Gowadia, V. (2007). Policy models for compliance checking and XML access control. Cambridge: Cambridge University Press.Kelley, J., & Campagna, R. (2009). Network access control for dummies.

New York: Free Press.Kuhn, R. D. (2003). Role-based access control. New York: Cambridge University Press.