It 244 Access Control Policy Appendix F

Only available on StudyMode
  • Download(s) : 303
  • Published : July 7, 2012
Open Document
Text Preview
Associate Level Material
Appendix F

Access Control Policy

Student Name: Patricia Manter

University of Phoenix

IT/244 Intro to IT Security

Instructor’s Name: Kevin Swinson

Date: June 24, 2012

Access Control Policy

Due in Week Seven: Outline the Access Control Policy. Describe how access control methodologies work to secure information systems

1 Authentication

Describe how and why authentication credentials are used to identify and control access to files, screens, and systems. Include a discussion of the principles of authentication such as passwords, multifactor authentication, biometrics, and single-sign-on.

Authentication is a crucial step in setting up and maintaining access control of the computer system. Security relies on the prevention and detection of unauthorized activity on the system. Authentication credentials will control access to the data and shared resources of the computer system and network.

Principles of Authentication

• Multifactor Authentication – This method of authorization requires the user to provide more than one factor to log in. This is more secure than single factor authorizations, such as only requiring a password. For example, with multifactor authentication a user would need to provide another means of authentication in addition to a password.

• Biometrics – Considered the most secure way to authenticate users, biometrics utilizes the biological factors of a user. Examples include retinal eye scan and fingerprints.

• Single-sign-on – Also referred to as SSO, the ability for a user to only be authenticated once to be provided authorization. Once authorized, they may access multiple services.

2 Access control strategy

1 Discretionary access control

Describe how and why discretionary access control will be used. Include an explanation of how the principle of least privilege applies to assure...
tracking img