In the computer industry, access control refers to managing the ability for people to access computers and computer resources. Access control should enhance security without hindering someone from performing his or her job in the organization. There are three different types of access control models: mandatory access control, discretionary access control and non-discretionary access control. Discretionary access control is based on a user's access needs. A system administrator provides access to an object based on a user's need and the user then has the discretion as to whether to pass on this access to other user's or not. Mandatory access control is more restrictive and is normally used in military systems. With mandatory access, all objects and users in the system are assigned a label. A user can only access an object based on the permissions of the label assigned to him/her. Non-discretionary access control is based on roles. Privileges are granted based on a user's role.
Read Entire Paper
E-Mail Link
Your IP address will be sent with this e-mail
