It 244 Access Control Policy Appendix F

Topics: Access control, Authentication, Virtual private network Pages: 4 (838 words) Published: July 7, 2012
Associate Level Material
Appendix F

Access Control Policy

Student Name: Patricia Manter

University of Phoenix

IT/244 Intro to IT Security

Instructor’s Name: Kevin Swinson

Date: June 24, 2012

Access Control Policy

Due in Week Seven: Outline the Access Control Policy. Describe how access control methodologies work to secure information systems

1 Authentication

Describe how and why authentication credentials are used to identify and control access to files, screens, and systems. Include a discussion of the principles of authentication such as passwords, multifactor authentication, biometrics, and single-sign-on.

Authentication is a crucial step in setting up and maintaining access control of the computer system. Security relies on the prevention and detection of unauthorized activity on the system. Authentication credentials will control access to the data and shared resources of the computer system and network.

Principles of Authentication

• Multifactor Authentication – This method of authorization requires the user to provide more than one factor to log in. This is more secure than single factor authorizations, such as only requiring a password. For example, with multifactor authentication a user would need to provide another means of authentication in addition to a password.

• Biometrics – Considered the most secure way to authenticate users, biometrics utilizes the biological factors of a user. Examples include retinal eye scan and fingerprints.

• Single-sign-on – Also referred to as SSO, the ability for a user to only be authenticated once to be provided authorization. Once authorized, they may access multiple services.

2 Access control strategy

1 Discretionary access control

Describe how and why discretionary access control will be used. Include an explanation of how the principle of least privilege applies to assure...

References: Cite all your references by adding the pertinent information to this section by following this example., Access Control, retrieved June 24, 2012 from
Techotopia, Mandatory, Discretionary, Role and Rule Based Access Control, retrieved June 23, 2012 from
Tech-Faq, Routing and Remote Access Service, retrieved June 23, 2012 from
Continue Reading

Please join StudyMode to read the full document

You May Also Find These Documents Helpful

  • Essay about Access Control Policy
  • Access Control Policy Essay
  • It 244 Appendix F Essay
  • Access Control Policy Essay
  • remote access control policy Essay
  • lab 8 Access Controls Essay
  • Access Control Policy Essay
  • It 244 Appendix F Essay

Become a StudyMode Member

Sign Up - It's Free