More

    An Insight Into Access Control Models

    To decide on user access, there are currently several access control models to choose from in information security. Outlined below are the four most popular models of access control.

    1: Discretionary Access Control (DAC)

    Discretionary control of access enables a file or system owner to control, grant, or limit the rights of others. Consider when you create a spreadsheet on Google Drive for Google Sheets, for example. As the file owner, you can opt to provide access to particular individuals for either viewing, reading, or altering the text. One can also set it so that the document can be viewed or opened by the public, or someone with a link can access it.

    DACs, commonly used for operating systems, depend on access control lists (ACLs). These lists usually specify individuals (or groups of people) along with their access authorization levels. Discretionary access controls are less restrictive and much more flexible compared to the next type of access control that we’re going to talk about. However, they are also the least protected mechanism because access control is left up to the file or system owner. Of the different access control models that we will discuss here, DACs are the least restrictive and are commonly used.

    2: Mandatory Access Control (MAC)

    Mandatory access control is non-discretionary, unlike DAC, and is based on the decisions of a central authority, such as a security administrator. The file owners and users themselves have little or no influence about who is able to access their files.

    MAC relies on labels (such as confidential, classified, top-secret, etc.) and clearances in order to connect those facilities or access levels with users. Documents receive labels that specify the levels of clearance you need to access, change, or reveal them.

    An administrator can set certain access levels for individuals and groups of users, which the users themselves cannot modify. This access control model is the most rigorous.

    3: Role-Based Access Control (RBAC)

    As you can probably infer from the term, user-role based access permissions are offered by role-based access control. The ‘role is the function performed by an employee. Users can have one or more roles, and one or more permissions may be delegated as a result. Doing this helps users with those roles to access the data they need to do their jobs without giving them access to the information they do not need. RBAC is a broader form of access control.

    4: Attribute-Based Access Control (ABAC)

    The next type of access control model is attribute based access control (ABAC). This is a reference to the spectrum of logical access control, from simple access control lists to more competent role-based access, and finally to a highly flexible access provision approach based on attribute assessment.

    ABAC enables one to relate the types of data that can be used under specific conditions to individuals or entities. To build more flexible granular policies, it advocates the use of Boolean logic.

    Attributes can be relevant features or specifications that are applied to either subjects (subject attributes) or objects (object attributes). Such examples of attributes are the levels of management, employee IDs, organizational functions.

    The latest data protection solutions enable organizations to use a hybrid RBAC-ABAC approach to monitor and manage access efficiently. Apart from ensuring comprehensive data security, these solutions enable enterprises to adhere to mandatory data privacy guidelines.

    Recent Articles

    Identity and Access Management: Some Challenges

    In today's digital age, there are more apps that are cloud-based, more resources, more devices, and more users. 94 percent of Chief...

    Insider Threats: Some Ways Of Detection and Prevention

    The leading cause of data breaches worldwide is insider attacks, and it is also among the most expensive. As per a recent...

    Strategies To Deal With Identity Management Oversights

    In today's digital age, the foundations of companies' cybersecurity are focused on 'identity.' In fact, the new digital perimeter is identity. Businesses...

    Tips To Prevent Business Risks in SAP Transactions With Access Control

    Since SAP's controls that are harnessed by fraudsters have certain crucial vulnerabilities, SAP transactions could be a fertile ground for data theft...

    Tips To Enable Easy Access To ERP Applications

    In this digital era, enabling mobile access to ERP data is one of the main priorities for many enterprises. And it has...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox