Systems-Specific Policy (SysSP)
SysSPs are codified as standards and procedures which are used when configuring or maintaining systems. Systems specific policies fall into 2 groups:-
•Access Control Lists (ACLs) is a list of access rights which is used to determine who may access an object which it controls.
•Configuration rules is a specific codes entered into security systems to guide exection
The Microsoft Windows and Novell Netware 5.x/6.x families translate ACLs into configurations which are used to control access. ACLs allow configuration to restrict access from anyone.
An access control list is the list of permissions which is attached to an object. The list specifies who or what is allowed to access object and what operations are allowed to be performed on object.
Access Control List (ACL)
- Include user access lists, matrices, and capability tables which govern rights and privileges
- Can control access to file storage systems, object brokers or other network communications devices
-ACLs enable administrations to restrict access in accordance to user, computer, time, duration, etc.
-Capability Table: similar method which specifies which subjects and objects users or groups can access
-Specifications are frequently complex matrices, instead of simple lists or tables
Rule policies are specific to operation of a system than ACLs. Several security systems require specific configuration scripts telling systems what actions to perform on each set of information which they process.
Configuration rules
-Specific configuration codes entered into security systems to guide execution of system when the information is passing through it
-Rule based policies are more specific to system operation than ACLs and can or cannot deal with users directly
-A number of security systems require specific configuration scripts telling systems what actions to perform on each set of information processed