Computer security and control pdf

0
3

A computer security model is a scheme for specifying and enforcing security policies. A security model may be founded upon computer security and control pdf formal model of access rights, a model of computation, a model of distributed computing, or no particular theoretical grounding at all. A computer security model is implemented through a computer security policy. For a more complete list of available articles on specific security models, see Category:Computer security models.


Gold Edition, Wiley Publishing, Inc. This page was last edited on 16 November 2017, at 09:25.

By using this site, you agree to the Terms of Use and Privacy Policy. In computer security, general access control includes identification, authorization, authentication, access approval, and audit. A more narrow definition of access control would cover only access approval, whereby the system makes a decision to grant or reject an access request from an already authenticated subject, based on what the subject is authorized to access. Authentication and access control are often combined into a single operation, so that access is approved based on successful authentication, or based on an anonymous access token.

Authentication methods and tokens include passwords, biometric scans, physical keys, electronic keys and devices, hidden paths, social barriers, and monitoring by humans and automated systems. Different ACL systems have a variety of different conventions regarding who or what is responsible for editing the list and how it is edited. Authorization involves the act of defining access-rights for subjects.

An authorization policy specifies the operations that subjects are allowed to execute within a system. If the file is a program, the subject can cause the program to be run. In Unix-style systems, the “execute” permission doubles as a “traverse directory” permission when granted for a directory. A process assumes that there was an initial validation of the identity, commonly called identity proofing.