CISSP Topic 2: Access Control - 2 of 3

March 9, 2013
CISSP

SESAME

Uses public key cryptography for the distribution of secret keys.

Uses a ticket for authorization which is called a Privilege Attribute Certificate.

Is vulnerable to password guessing.

Thin Clients: Dumb terminals that authenticate to a server.

Access Control Models: A framework that dictates how subjects access objects.

DAC (Discretionary Access Control): Enables the owner of the resource to specify which subjects can access specific resources. Access is restricted based on the authorization granted to the users. The most common implementation of DAC is through ACLs.

MAC (Mandatory Access Control): Users are given a security clearance and data is classified. The classification is stored in the security labels of the resources. When the system makes a decision about fulfilling a request to access an object, it is based on the clearance of the subject and the classification of the object. The model is used in environments where information classification and confidentiality is of utmost importance.

Sensitivity labels: When MAC is used every subject and object must have a sensitivity label. It contains classification and different categories. The classification indicates the sensitivity level and the categories indicate which objects take on the classification.
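The two sentences above are the whole MAC decision, so here is an added Python example (not code from the original post) that implements it: a label carries a classification level and a category set, and a subject's clearance "dominates" an object's label only when the level is high enough and every category of the object is also held by the subject. The level names, category names and the no-write-down rule used for writes are assumptions of this example; the post itself only describes the read decision.

```python
from dataclasses import dataclass, field

# Constructed classification hierarchy, lowest to highest. The numeric rank
# is what makes "clearance at least as high as classification" comparable.
LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP SECRET": 3}


@dataclass(frozen=True)
class Label:
    """A sensitivity label: a classification level plus a set of categories."""
    level: str
    categories: frozenset = field(default_factory=frozenset)

    def dominates(self, other: "Label") -> bool:
        """True when this label is at least as high as `other` AND holds every
        category `other` carries. Both must hold: a SECRET clearance without the
        NUCLEAR category does not dominate a CONFIDENTIAL/NUCLEAR object."""
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.categories >= other.categories)


def can_read(clearance: Label, classification: Label) -> bool:
    """Read is granted when the subject's clearance dominates the object's label."""
    return clearance.dominates(classification)


def can_write(clearance: Label, classification: Label) -> bool:
    """Write is granted only when the object's label dominates the clearance
    (the Bell-LaPadula 'no write down' rule, an assumption of this example: it
    stops a cleared subject from copying data into a less sensitive container)."""
    return classification.dominates(clearance)


def decide(clearance: Label, classification: Label, action: str) -> bool:
    """Single entry point: the decision uses only the two labels, never the user's identity."""
    if action == "read":
        return can_read(clearance, classification)
    if action == "write":
        return can_write(clearance, classification)
    raise ValueError(f"unknown action {action!r}")


if __name__ == "__main__":
    analyst = Label("SECRET", frozenset({"CRYPTO"}))          # constructed clearance
    samples = {
        "crypto memo   (CONFIDENTIAL/CRYPTO)": Label("CONFIDENTIAL", frozenset({"CRYPTO"})),
        "nuclear memo  (SECRET/NUCLEAR)": Label("SECRET", frozenset({"NUCLEAR"})),
        "ts crypto file (TOP SECRET/CRYPTO)": Label("TOP SECRET", frozenset({"CRYPTO"})),
    }
    for name, obj in samples.items():
        print(f"{name:38s} read={decide(analyst, obj, 'read')!s:5s} "
              f"write={decide(analyst, obj, 'write')}")
```

The nuclear memo case is the one worth remembering: the level alone would allow the read, and it is the category check that denies it.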

RBAC (Role-based access control): Also called nondiscretionary access control. Uses a centrally administered set of controls to determine how subjects and objects interact. Allows access to resources based on the role the user holds within the company.


RBAC Model

RBAC models can use:

  • Role-based access: Determined by the role the user has within the company.

  • Task-based access: Determined by the task assigned to this user.

  • Lattice-based access: Determined by the sensitivity level assigned to the role.
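To make the role-based variant concrete, here is an added Python example (not code from the original post): users are assigned roles, roles are granted permissions, and the access check looks only at the roles a user holds. The invoice permissions, the three roles, the user names and the mutually exclusive role pair are all constructed for illustration; the exclusivity check is what the personnel controls later call separation of duties.

```python
from collections import defaultdict


class RBAC:
    """Role-based access control (constructed example): users are assigned roles,
    roles are granted permissions, and a permission is an (operation, object) pair.
    Two roles can be declared mutually exclusive so that no user may hold both."""

    def __init__(self):
        self.role_perms = defaultdict(set)   # role -> {(operation, object)}
        self.user_roles = defaultdict(set)   # user -> {role}
        self.exclusive = set()               # {frozenset({role_a, role_b})}

    def grant(self, role, operation, obj):
        """Permissions attach to the role, never to an individual user."""
        self.role_perms[role].add((operation, obj))

    def declare_exclusive(self, role_a, role_b):
        """Roles one person must never hold together (e.g. create vs approve)."""
        self.exclusive.add(frozenset((role_a, role_b)))

    def assign(self, user, role):
        """Assign a role, refusing combinations that violate an exclusivity constraint."""
        for held in self.user_roles[user]:
            if frozenset((held, role)) in self.exclusive:
                raise ValueError(f"{user} cannot hold both {held!r} and {role!r}")
        self.user_roles[user].add(role)

    def is_allowed(self, user, operation, obj):
        """The access decision depends only on the roles the user currently holds."""
        return any((operation, obj) in self.role_perms[role]
                   for role in self.user_roles[user])

    def permissions_of(self, user):
        """Effective permission set: the union over all roles held."""
        perms = set()
        for role in self.user_roles[user]:
            perms |= self.role_perms[role]
        return perms


def build_example():
    """Constructed invoice-handling setup with three roles and three users."""
    rbac = RBAC()
    rbac.grant("accounts_payable", "create", "invoice")
    rbac.grant("approver", "approve", "invoice")
    rbac.grant("auditor", "read", "invoice")
    rbac.grant("auditor", "read", "audit_log")
    rbac.declare_exclusive("accounts_payable", "approver")
    rbac.assign("alice", "accounts_payable")
    rbac.assign("bob", "approver")
    rbac.assign("carol", "auditor")
    return rbac


if __name__ == "__main__":
    rbac = build_example()
    for user, op, obj in [("alice", "create", "invoice"), ("alice", "approve", "invoice"),
                          ("bob", "approve", "invoice"), ("carol", "read", "audit_log")]:
        verdict = "allow" if rbac.is_allowed(user, op, obj) else "deny"
        print(f"{user:6s} {op:8s} {obj:10s} -> {verdict}")
    try:
        rbac.assign("alice", "approver")   # would let one person create and approve
    except ValueError as err:
        print("refused:", err)
```

Because permissions hang off roles, changing who may approve an invoice means changing a role assignment, not editing the resource, which is what makes the model nondiscretionary from the user's point of view.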


Access Control Techniques and Technologies

Techniques and technologies available to support different access control models.

Role-Based Access Control: Based on the tasks and responsibilities that individuals need to accomplish to fulfil the obligations of their positions in the company.

RBAC can be used with:

  • DAC: administrators can develop roles and owners can decide if these roles can have access to their resources.

  • MAC: roles can be developed and sensitivity labels assigned to those roles indicating their security level.

Rule-Based Access Control: Based on specific rules that indicate what can and cannot happen to an object. Is a type of MAC because the administrator sets the rules and the users cannot modify these controls.
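An added Python example (not code from the original post) of rule-based access control as a first-match rule list, the same shape as a router or file-server filter: each rule names the actions, object pattern, groups and hours it applies to, the administrator fixes the order, and anything no rule matches is denied. The share names, group names, business-hours window and the rules themselves are constructed for this example.

```python
from dataclasses import dataclass
from fnmatch import fnmatch
from typing import Optional

BUSINESS_HOURS = frozenset(range(8, 18))          # 08:00-17:59, constructed policy value
OFF_HOURS = frozenset(range(24)) - BUSINESS_HOURS


@dataclass(frozen=True)
class Request:
    subject: str
    groups: frozenset      # groups the subject belongs to
    action: str            # "read", "write", "delete", ...
    obj: str               # path-like object name
    hour: int              # local hour (0-23) at which the request is made


@dataclass(frozen=True)
class Rule:
    effect: str                              # "allow" or "deny"
    actions: frozenset = frozenset()         # empty = any action
    obj_pattern: str = "*"                   # shell-style glob on the object name
    groups: frozenset = frozenset()          # empty = any group
    hours: Optional[frozenset] = None        # None = any time of day
    note: str = ""

    def matches(self, req: Request) -> bool:
        if self.actions and req.action not in self.actions:
            return False
        if not fnmatch(req.obj, self.obj_pattern):
            return False
        if self.groups and not (self.groups & req.groups):
            return False
        if self.hours is not None and req.hour not in self.hours:
            return False
        return True


# The rule set is written by the administrator; users cannot alter it.
# Order matters: the first rule that matches decides, so deny rules go first.
RULES = [
    Rule("deny", actions=frozenset({"write", "delete"}), obj_pattern="/finance/*",
         hours=OFF_HOURS, note="no changes to finance data outside business hours"),
    Rule("deny", actions=frozenset({"write", "delete"}), groups=frozenset({"contractors"}),
         note="contractors are read-only everywhere"),
    Rule("allow", actions=frozenset({"read"}), obj_pattern="/public/*",
         note="public share is readable by everyone"),
    Rule("allow", obj_pattern="/finance/*", groups=frozenset({"finance"}),
         note="finance staff have full access to their share"),
    Rule("allow", actions=frozenset({"read"}), obj_pattern="/finance/*",
         groups=frozenset({"audit"}), note="auditors may read finance data"),
]


def evaluate(req: Request, rules=RULES):
    """Return (effect, note) of the first matching rule; no match means deny."""
    for rule in rules:
        if rule.matches(req):
            return rule.effect, rule.note
    return "deny", "no matching rule (default deny)"


if __name__ == "__main__":
    for req in [
        Request("alice", frozenset({"finance"}), "write", "/finance/ledger.xlsx", 10),
        Request("alice", frozenset({"finance"}), "write", "/finance/ledger.xlsx", 22),
        Request("bob", frozenset({"contractors"}), "write", "/public/handbook.pdf", 10),
        Request("carol", frozenset({"audit"}), "read", "/finance/ledger.xlsx", 3),
    ]:
        effect, note = evaluate(req)
        print(f"{req.subject:6s} {req.action:5s} {req.obj:22s} @{req.hour:02d}h -> {effect:5s} ({note})")
```

The off-hours rule is the point of the model: the same finance user is allowed at 10:00 and denied at 22:00 on the same object, a decision neither DAC ownership nor a role assignment expresses on its own.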

Restricted Interfaces: Restrict users’ access abilities by not allowing them to request certain functions, information or have access to specific system resources.

Three types of restricted interfaces:

  • Menus and shells: Users are only given the options of the commands they can execute.

  • Database views: Mechanisms used for restricting user access to data that is contained in databases.

  • Physically constrained interfaces: Can be implemented by only providing certain keys on a keypad or touch buttons on a screen.

Access Control Matrix: Is a table of subjects and objects indicating what actions individual subjects can take upon individual objects. Is usually an attribute of DAC models; the access rights can be assigned directly to the subjects (capabilities) or to the objects (ACLs).

  • Capability Tables: Specify the access rights a certain subject possesses pertaining to specific objects. The subject is bound to the capability table. Used in Kerberos.

  • Access Control Lists: Lists of subjects that are authorized to access a specific object, together with the level of authorization granted to each. Authorization can be specified to an individual, role or group.

Content-Dependent Access Control: Access to objects is determined by the content within the object.
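An added Python example (not code from the original post) tying the last three items together: one access control matrix, with a capability list derived as a row of it and an ACL derived as a column, plus a content-dependent read in the style of the database view mentioned under restricted interfaces. The subjects, the `payroll.db` and `report.doc` objects, the `read_sensitive` right and the salary threshold are constructed for illustration.

```python
from collections import defaultdict


class AccessMatrix:
    """Access control matrix (constructed example). Rows are subjects, columns are
    objects, and each cell holds the set of rights the subject has on the object.
    A capability list is one row stored with the subject; an ACL is one column
    stored with the object. Both are views of the same data."""

    def __init__(self):
        self.cells = defaultdict(set)   # (subject, object) -> {right}

    def grant(self, subject, obj, *rights):
        self.cells[(subject, obj)].update(rights)

    def revoke(self, subject, obj, right):
        self.cells[(subject, obj)].discard(right)

    def allowed(self, subject, obj, right):
        """The basic DAC check: is `right` present in the (subject, object) cell?"""
        return right in self.cells.get((subject, obj), set())

    def capability_list(self, subject):
        """Row view, bound to the subject: {object: rights}. Empty cells are omitted."""
        return {o: set(r) for (s, o), r in self.cells.items() if s == subject and r}

    def acl(self, obj):
        """Column view, bound to the object: {subject: rights}. Empty cells are omitted."""
        return {s: set(r) for (s, o), r in self.cells.items() if o == obj and r}


def read_rows(matrix, subject, table, rows, is_sensitive):
    """Content-dependent access, like a database view: the subject needs 'read'
    on the table at all, and rows for which is_sensitive(row) is true are only
    returned to subjects that also hold the constructed 'read_sensitive' right."""
    if not matrix.allowed(subject, table, "read"):
        return []
    if matrix.allowed(subject, table, "read_sensitive"):
        return list(rows)
    return [row for row in rows if not is_sensitive(row)]


# Constructed sample data: a payroll table with one row above a salary threshold.
PAYROLL = [
    {"name": "j.doe", "salary": 52000},
    {"name": "a.exec", "salary": 180000},
]


def is_high_earner(row):
    return row["salary"] > 100000


def build_example():
    m = AccessMatrix()
    m.grant("alice", "payroll.db", "read", "write")
    m.grant("bob", "payroll.db", "read")
    m.grant("bob", "report.doc", "read", "write")
    m.grant("carol", "payroll.db", "read", "read_sensitive")
    return m


if __name__ == "__main__":
    m = build_example()
    print("bob's capabilities:", m.capability_list("bob"))
    print("payroll.db ACL:    ", m.acl("payroll.db"))
    for who in ("alice", "bob", "carol", "dave"):
        visible = read_rows(m, who, "payroll.db", PAYROLL, is_high_earner)
        print(f"{who:6s} sees {len(visible)} payroll row(s)")
```

Revoking a right is the operation that shows why the two views differ in practice: with the matrix in hand it is one cell, but a system that stores only capability lists has to find every subject holding a capability for the object, while one that stores only ACLs edits a single list on the object.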


Access Control Administration

Centralized: One entity (department or individual) is responsible for granting all users access to resources. Provides a consistent and uniform method of controlling users’ access rights. Examples of centralized access control technologies:

  • RADIUS (Remote Authentication Dial-In User Service): An authentication protocol that authenticates and authorizes users, usually dial-up users.

  • TACACS (Terminal Access Controller Access Control System): A client/server protocol that provides the same type of functionality as RADIUS. Three generations:

    • TACACS: Combines authentication and authorization.

    • XTACACS: Separates authentication, authorization and accounting processes.

    • TACACS+: Separates authentication, authorization and accounting processes, with extended two-factor user authentication.

Decentralized and Distributed Access Administration: Gives control of access to the people closer to the resources. Does not provide uniformity and fairness across the organization.


Examples of decentralized access control administration techniques:

Security Domain: Can be described as a realm of trust. All subjects and objects share common security policies, procedures and rules, and they are managed by the same management system. Each security domain is different because different policies and management govern it. Can be implemented in hierarchical structures and relationships. Security domains are used within operating systems and applications to ensure that rogue activities do not accidentally damage important system files or processes; protection between levels is done by segmenting memory spaces and addresses. A security domain can also be described as the resources available to a user.

Hybrid: Is a combination of the centralized and decentralized access control administration methods.


Access Control Methods

Administrative Controls

Policy and Procedures: A high-level plan stating management’s intent pertaining to how security should be practiced within an organization, what actions are acceptable and what level of risk the company is willing to accept. Senior management will decide whether the DAC, MAC or RBAC access methodology should be used and whether it should be administered centrally or in a decentralized manner.

Personnel Controls: Indicate how employees are expected to interact with security mechanisms and address noncompliance issues pertaining to these expectations.

  • Separation of duties: No one individual can carry out alone a critical task that could prove detrimental to the company.

  • Collusion: More than one person would need to commit fraud, and this would need to happen in a concerted effort.

  • Rotation of duties: People need to know how to fulfil the obligations of more than one position.

  • Supervisory Structure: Each employee has a superior to report to, and that superior in turn is responsible for that employee’s actions.

  • Security Awareness Training: People are usually the weakest link and cause the most security breaches and compromises.

  • Testing: All security controls and mechanisms need to be tested on a periodic basis to ensure they properly support the security policy, goals and objectives set for them.

Physical Controls

  • Network Segregation: Can be carried out through physical and logical means.

  • Perimeter Security: Mechanisms that provide physical access control by providing protection for individuals, facilities and the components within facilities.

  • Computer Control: Physical controls installed and configured.

  • Work Area Separation: Controls that are used to support access control and the overall security policy of the company.

  • Data Backups: Ensure access to information in case of an emergency or a disruption of the network or a system.

  • Cabling: All cables need to be routed throughout the facility in a manner that is not in people’s way or that could be exposed to any danger of being cut, burnt, crimped or eavesdropped upon.

Logical Controls:

  • System Access: A technical control that can enforce access control objectives.

  • Network Architecture: Can be constructed and enforced through several logical controls to provide segregation and protection of an environment. Can be segregated physically and logically.

  • Network Access: Access to different network segments should be granular in nature. Routers and switches can be used to ensure that only certain types of traffic get through to each segment.

  • Encryption and protocols: Work as technical controls to protect information as it passes through a network and while it resides on computers.

  • Control Zone: Is a specific area that surrounds and protects network devices that emit electrical signals.

  • Auditing: Technical controls that track activity within a network, on a network device or on a specific computer.

About the author

Daniel is a Technical Manager with over 10 years of consulting expertise in the Identity and Access Management space.
Daniel built this blog from scratch, as well as technicalconfessions.com.
Follow Daniel on Twitter: @nervouswiggles
