CISSP Introduction Module

CISSP Module 01

CISSP Module 02

CISSP Module 03

CISSP Module 04

CISSP Module 05

CISSP Module 06

CISSP Module 07

CISSP Module 08

CISSP Module 09

Part 09 – Access Control Methods

Invite Friends
Facebook Twitter Google+ LinkedIn Email
Description
Virtual Practice Lab
Practice Test
Resources
Part 09 – Access Control Methods

In previous sections we covered the various types of access control models. In this one, we discuss the main types of access control methods.

The first method discussed, and one which has been touched on in previous sections, is rule-based access control. This consists of technologies to control what a subject can do on an object. It uses specific rules and logic derived from those rules to determine what actions can be taken by users. Examples of this in action are the various levels of firewalls.

We next discuss constrained user interfaces and the concepts around them. The goal is to keep users out of the interior (secure) portion of the system. This is enforced by frontend interfaces. An example is the console of an ATM that prevents customers from accessing maintenance mode.

The next access control method we look at is content dependent access controls. This method determines access based on the type of data being considered. Email filters set to look for security triggers such as SSN, etc. are an example.

Finally, we discuss context dependent access control. This method focuses on not what, but how access is requested. Accounting department employees may access all accounting-related files, but restrictions regarding from where (remotely) and when (after 7pm) might be enforced.

Watch the Course Intro Video
Learn on the go.
The app designed for the modern cyber security professional.
Get it on Google PlayGet it on the App Store
Practice Labs and Exam Vouchers

Congratulations! You're taking the first step to getting certified. Get some hands on experience with available practice labs OR save some money, support Cybrary, and purchase discounted exam vouchers. Ready to earn your next industry certification? Join cyber security's largest community and start learning today.

JOIN CYBRARY

Upcoming Industry Events

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 

Cybrary|0P3N

Are You Scared of Fileless Ransomware?
Views: 1280 / July 22, 2017
Analiz: Petya Ransomware!
Views: 1612 / July 21, 2017
Cookies and Sessions
Views: 1432 / July 21, 2017
UNM4SK3D: Ethereum, CIA, and IoT
Views: 1188 / July 21, 2017
Skip to toolbar
Cybrary works best if you switch to our Android-friendly app
Continue

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel