Access Control
Managing and restricting access to systems and data
Access Control encompasses the security techniques and policies used to regulate who or what can view or use resources in a computing environment.
Key Concepts
- Authentication - Verifying the identity of users, systems, or entities
- Authorization - Determining what authenticated entities are permitted to do
- Accounting - Tracking and logging access and activities
- Least Privilege - Granting minimum necessary access rights
- Separation of Duties - Dividing critical functions among different individuals
Access Control Models
- Discretionary Access Control (DAC) - Owner-controlled permissions
- Mandatory Access Control (MAC) - System-enforced security labels
- Role-Based Access Control (RBAC) - Permissions based on job functions
- Attribute-Based Access Control (ABAC) - Policies based on multiple attributes
Implementation Areas
- Identity and Access Management (IAM)
- Single Sign-On (SSO) and Federation
- Multi-Factor Authentication (MFA)
- Privileged Access Management (PAM)
- Directory Services (Active Directory, LDAP)