Accesscontrol-W6
Assignment Requirements
Read the worksheet named “Multilayer User Access Control” and address the following:
Using what you have learned about building a multilayer access control system, identify what implementation method(s) can be used and how each method benefits multilayered access control.
Please complete the table attached in the document
Requirements:
1. Two peer replies (100-150 words each)
2. No plagarism
3. Apa FORMAT and add the references
4. Cite the reference properly
|
Multilayer User Access Control |
Implementing multiple layers in security is providing a defense-in-depth mechanism and therefore stronger protection for the network and users. Multiple layers provide multiple road blocks for a user and attacker. Having multiple controls in place before something can be accessed may be tiresome for a user; however, the goal is to have the same effect on an attacker. If an attacker is able to find a hole and access a company’s network, additional layers of security might stop the attacker from reaching other systems, applications, or sensitive data.
In this exercise, you will learn about creating layers within the network.
Complete the table:
Access Control Method
Implementation Method(s)
How It Benefits Multilayered
Access Control
User Access Control Profiles
Systems Access
Applications Access
File and Folder Access
Data Access
© 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.
www.jblearning.com Page 1
1 day ago
Naga Venkata Durga Dilip Teja Atmuri
Week – 6 Discussion
COLLAPSE
Top of Form
Multilayer User
Access
Control
There are various implementation methods that work best in incorporating the multilayer access control in an organization. The implementation of different access control methods is as follows:
User Access Control
Profiles
The role based access control is an implementation method that would work for user access control profiles where it determines what accesses that are allowed and those denied. Role based method is significant in a manner that it offers more control of infrastructure and it targets a large group of people that handle similar tasks and it helps in preventing single user within a role from having more rights and privileges (Chapple et al., 2014) than others. The approach saves time by making all controls are attached to a given role. It is a benefit to multilayered access control implementation because it allows addition or removal access control in a role based on users’ job risk.
System Access
There is the need to design a system that meets the needs of the users but does not offer more access rights to systems that what is needed. The system access is implemented by installation of software that makes the system secure from unauthorized access by limiting chances of Trojan horses and malware that is installed (Chapple et al., 2014). The policies that are implemented for the software that is installed includes enforcement of additional policies automatically and the use of trusted publishers as a reference point on their codes whether to allow or deny access. The benefit of the method in multilayered access control system is the limit to access to the greater system.
Application Access
In an organization employee can have a limited or full access to applications that access data. The application is placed with direct controls that include limiting execution where once launched only specific users are allowed to access. There is the aspect of read-only for some of the users where the changes may be limited to the administrator alone (Chapple et al., 2014). The access security provides an additional security to multilayered access control system.
File and Folder Access
The implementation of this method is achieved by assigning controls to files and folders which is ranked as another layer of multilayered access control system. The limit on the read and write makes sure that information in files are not altered by unauthorized individuals. The privileges of access should be limited where the administrators should play the role of assigning privileges (Chapple et al., 2014). It plays an important role in protecting files in case other controls are penetrated.
Data Access
The Microsoft SQL Server is an example of implementation method that makes sure that data access is limited to a given person because alteration makes data unreliable and integrity is affected.
References
Chapple, M., Ballad, B., Ballad, T., & Banks, E. (2014). Access control, authentication, and public key infrastructure. Jones & Bartlett Learning.
3 days ago
Anvesh Sree Perumbuduri
week 6 Discussion
COLLAPSE
Top of Form
Stable, customizable resource control is available using a computer-based framework. The policy jargon can be understood by humans as well as computers. When laws are written in this language, they are translated into filters inside the different subsystems and components. To enter a network, a person must have a username and password to be approved by an access management scheme that gathers specific details about him. We use the user ID to retrieve a series of abstract policies. The policies that and found and restored are aligned with the user, and the classes to which the consumer belongs. From the obtained network rules, a series of rules are created and extended to multiple layers of the device (Rezakhani, Shirazi & Modiri, 2018).
Access control
Method
Implementation method(s)
How it benefits multilayered
Access control
User access control
Profiles
Regulation of access based on laws
By default, the administrator can specify a set of access rules for the device, but these may be overridden if a task is desired.
Systems access
Validation
The purpose of authentication is to recognize what features the consumer has installed and what certain features are being used to maintain safe access (Voitovych, Kupershtein, Lukichov & Mikityuk, 2018).
Applications access
Access management dependent on permissions
To verify that a user is authenticated, the access control device will perform the following operations: determine the username and password they have used, look up their credentials in a database, and check if they are valid or not, and log them in if they are, in.
File and folder
Access
Developing a plan for access management
The major duty of management is ensuring the structure and availability of consumer documents and information, while at the same time minimizing intrusion into personal privacy.
Data access
Regulation of electronic access
The use of servers and data rooms with expanded electronic controls if you are required to get an authentication credential to access to log into networks and workstations, it’s much more necessary to keep secure data secure.
References
Rezakhani, A., Shirazi, H., & Modiri, N. (2018). A novel multilayer AAA model for integrated applications. Neural Computing and Applications, 29(10), 887-901.
Voitovych, O., Kupershtein, L., Lukichov, V., & Mikityuk, I. (2018, October). Multilayer Access for Database Protection. In 2018 International Scientific-Practical Conference Problems of Infocommunications. Science and Technology (PIC S&T) (pp. 474-478). IEEE.
Bottom of Form
Bottom of Form