Access Controls
Access controls addresses admission of a user into a trusted area of organization. It comprises of a combination of policies & technologies. The ways to control access are as follows
•Mandatory access controls (MAC) – give offers limited control over access to information resources. Lattice based access control: variation of MAC; user’s assigned matrix of authorizations for the areas of access.
•Nondiscretionary controls - managed by a central authority in organization; is based on individual’s role or a specified set of assigned tasks.
•Discretionary access controls (DAC) - implemented at discretion/option of data user.