Access Controls

Submitted By bhunter2380
Words 291
Pages 2
Exercise 3: Access Controls

Scenarios:
1. Shovels and Shingles is a small construction company consisting of 12 computers that have Internet access.
For this scenario, I would implement Software controls. With software controls you can determine who has the appropriate permissions to access the 12 computers.

2. Top Ads is a small advertising company consisting of 12 computers that have Internet Access. All employees communicate using smart phones.
I would again implement Software controls. With software controls you can determine who has the appropriate permissions to access the 12 computers as well as the smartphones that will be used.

3. NetSecIT is a multinational IT services company consisting of 120,000 computers that have Internet access and 45,000 servers. All employees communicate using smartphones and email. Many employees work from home and travel extensively.
Software controls for computers and smartphones, but I would also apply Logical/technical controls to prevent human error for when employees work from home. Also Physical controls to protect the room the servers will be placed in.

4. Backordered Parts is a defense contractor that builds communications parts for the military. All employees communicate using smartphones and email.
I would apply Physical controls to protect the parts as well as Software controls for the smartphone and email use.

5. Confidential Services Inc. is a military-support branch consisting of 14,000,000 computers with Internet access and 250,000 servers. All employees must have security clearances, and they communicate mainly using BlackBerry devices and email.
For this scenario I implemented Administrative controls to assign security clearances to the appropriate employees. Logical/technical controls as well as Software for the BlackBerry and computer use. I would also apply Physical controls to…...

Similar Documents

Access Control

...In computer security, access control includes authentication, authorization and accountability. In access control models, the human users or software which execute actions are defined as subjects; while the resources or whatever which are intended to be protected from illegal access are designated objects. Authentication is the process of verifying the credential provider claiming who he or she is. Before a subject opens an account in online retailers or financial service firms, there is an initial step known as identity proofing. That is, the subject must provide enough information to assert who you are. Right now there are three kinds of identity proofing, from simple to complex but with security assurance ascending. They are shown as follows: 1. Classic knowledge-based authentication (KBA), such as simple questions of “what is your favorite fruit”, which is easy to guess and the same to fraud. 2. Dynamic KBA. Instead of raising questions predefined by the subject, the system generates questions on the fly based on the information in a subject’s personal aggregated data file from public records. To initiate the dynamic KBA, basic identification factors, such as name, address and date of birth must be provided by the subject. 3. Out-of-band proofing, which verifies identity through other means such as SMS or a phone call rather than web channel. The credential used to identify the subject includes: 1. Something the subject knows, such as Personal Information Number...

Words: 524 - Pages: 3

Access Control

...3 in a Series If you’d like to implement Network Access Control, no matter what architecture you select, you definitely want to start by building a small interoperability lab. In this white paper, we’ll give you some advice on what to think about before you get started, and outline what resources you’ll need to have in place in order to begin testing. Any NAC deployment must start by answering three critical questions: 1) What is my access control policy? 2) What are the access methods (such as LAN, wireless, or VPN) I want to protect? 3) How will this integrate with my existing infrastructure? Once you answer these questions, you can begin to gather test lab resources, such as servers (for policy definition points), laptops or desktops (for network access requestors), and switches, access points, and VPN servers (for policy enforcement points). Getting Started with Network Access Control What is my access control policy? NAC is a generic concept that deals with defining access controls based on user authentication, end-point security assessment, and network environmental information. That’s too big for most network managers to bite off in a single chunk, so many NAC deployments hone in on a subset of these goals and expand over time. You’d be wise to do the same---trying to do too much too early in the lifecycle of this emerging group of products will lead to undue frustration and unnecessary complexity. To start, you should define a simple network access control...

Words: 1611 - Pages: 7

Access Control Policy

...Associate Level Material Appendix F Access Control Policy Student Name: Christopher Waller University of Phoenix IT/244 Intro to IT Security Instructor’s Name: Romel Llarena Date: May 13, 2012 Access Control Policy Due in Week Seven: Outline the Access Control Policy. Describe how access control methodologies work to secure information systems 1 Authentication Describe how and why authentication credentials are used to identify and control access to files, screens, and systems. Include a discussion of the principles of authentication such as passwords, multifactor authentication, biometrics, and single-sign-on. Authentication credentials really help control access to sensitive data or systems by making it literally to get unauthorized access to them. Passwords and usernames are a good way to start because if you use those rights then these are hard to bypass, but multifactor authentication is a more efficient way for secure access. Triple authentication requires something you have, something you know, and something you are such as a keycard, password and a fingerprint. 2 Access control strategy 1 Discretionary access control Describe how and why discretionary access control will be used. Include an explanation of how the principle of least privilege applies to assure confidentiality. Explain who the information owner is that has the responsibility for the information and has the...

Words: 526 - Pages: 3

Access Control

...Running head: Dormitory Access Control Case Study: Dormitory Access Control Elizabeth Koch CIS 210 Dr Lopez Abstract As a member of the Information Security team at a small college, you have been made the project manager to install an access control system (ACS) in a dormitory. The ACS will automatically unlock the dormitory doors via an electronic proximity reader and integrate with an existing security camera system. The cameras are designed to face and rotate to record a person as they use their identification card to unlock the door. Create a 3-4 page project plan for this project in which you: Project Scope Statement The Information Security team at Small University has been given the project to install an access control system (ACS) from Dynamics Security in a dormitory. The ACS will automatically unlock the doors via an electronic proximity reader and integrate with an existing security camera system. The existing cameras are designed to face and rotate to record a person as they use their identification card to unlock the doors. For this reason, the system will be designed in a way that the user will have three chances to unlock the door; if the user fails to unlock the door on the third attempt, then the alarm will go off. The ACS will also be designed to allow the security administrator to make changes for the ACS operations. These changes will be the camera positions, setting the alarm time, and setting the time the dormitory doors will lock...

Words: 755 - Pages: 4

Access Control Models

...Fundamentals of Information System Security November 18, 2012 Controlling access to resources is one of the most important protection goals for Web-based services in practice. In general, access control requires identification of subjects that intend to use resources. Today, there are several identification mechanisms for subjects, providing different security levels. However, some of them are only suitable to be used in specific environments. In this paper we consider access control to Web-based services that also depends on the strength of identification mechanisms as a context-dependent parameter. Furthermore, we show how to model this context-dependent access control by using role-based concepts. One can argue that anti-virus software is a content-based access control system - as it allows access only to files that do not contain viruses. Resource attributes may also be viewed as part of its content - though usually they are not regarded as part of it. For example, each file in an operating system of the Windows™ family has a "Read Only" attribute. “Write” access to such a file is denied regardless of what the permissions for this file are, if the flag is On. If the attribute is considered to be part of the file, then this would in theory be a content-dependent access control system, but it's not considered as such. Content Dependent Access Control involves a lot of overhead resulting from the need to scan the resource when access is to be determined (in......

Words: 281 - Pages: 2

Access Control

...ACCESS CONTROL SYSTEM BY name SYSTEM ANALYSIS AND DESIGN – CIS210 Professor Ntinglet-Davis, Ed. D. Case Study 1 30 October, 2012 The purpose of this paper is to discuss installing an access control system (ACS) in a dormitory. The ACS will automatically unlock the dormitory doors via an electronic proximity reader and integrate with an existing security camera system. The cameras are designed to face and rotate to record a person as they use their identification card to unlock the door. Project Title: Install Access Control System in Hall of TC CARRINGTON dormitory Project Justification: To increase the security and integrity of dormitory access at Southern Maryland Community College, one dormitory has been set up as a test site for the new access control system (ACS). According to Germain (2011), an “access control system allows you to monitor when people enter and exit access control systems help to keep unauthorized people out, while providing flawless access to those who are authorized to be there” (para. 1). Project Scope: Install entry access system to dormitory using current security system. Project Deliverables: Scope Statement: The purpose of this project is to install an ACS in the Hall of TC CARRINGTON dormitory on the campus of Southern Maryland Community College located at 1010 Anywhere Ln, Waldorf MD, 20000. The ACS will automatically unlock the dormitory doors via an electronic proximity reader. The electronic proximity...

Words: 523 - Pages: 3

Access Control

... terms of the Soviet Model of economic development. Founders of Socialism Founders of socialism were early socialist thinkers who included Karl Marx, Clara Zetkin, and the co-leaders of the Russian Revolution, V.I. Lenin and Leon Trotsky. All these pioneers identified the most downtrodden as the engine of change. Karl Heinrich Marx (5 May 1818 – 14 March 1883) was a Prussian-German philosopher and revolutionary socialist. His ideas played a significant role in the establishment of the social sciences and the development of the socialist movement. Marx’s work in economics laid the basis for our understanding of labor and its relation to capital, and has influenced much of subsequent economic thought. Marx’s theories about society, economics and politics, collectively known as Marxism, hold that human societies progress through class struggle: a conflict between an ownership class that controls production and a proletariat that provides the labour for production. He called capitalism the “dictator of the bourgeoisie”, believing it to be run by the wealthy classes for their own benefit, and he predicted that like previous socioeconomic systems, capitalism produced internal tensions which would lead to its self-destruction and replacement by a new system: Socialism. Vladimir Ilyich Lenin (22 April 1870 – 21 January 1924) was a Russian communist revolutionary politician and political theorist. He served as the leader of the Russian SFSR from 1917...

Words: 733 - Pages: 3

Access Control

...Cover Page Scope The scope of this project is to create an access control system for entry into a dormitory. This will include analysis and design, which involves the creation of various design documents. Following this, the system will be developed. In this stage, any development requirements will be completed. This may involve the development of a database system or modification of a commercial off the shelf system. During the integration phase, the physical installation of the system will occur. This is followed by testing. Once testing has been completed, the major project scope ends and the project enters into a maintenance phase. Major Tasks There will be five major tasks in this project, including: 1. Analysis and Design a. Design Documentation i. With this task, documentation is written up to describe the work that needs to be completed. This documentation is reviewed by all stakeholders to ensure that the requirements have been accurately conveyed and understood. b. Design Models i. With this task, flow charts and/or use cases are created to describe the functionality. These documents are of particular importance to members of the project team, as they provide a model for the actual system 2. Development a. Database i. Depending on the results of the analysis and design task, either a custom or a commercial off the shelf system will be used. This system will require development or customizations to meet specific needs. b...

Words: 479 - Pages: 2

Access Control Simulation

...Ground Level Upon entry the door was locked and a key card was required for this single point of entry. There were security cameras outside of the building. There was a dumpster outside that was not secured, which could allow anyone access to sensitive information. Locking the dumpster or placing it in a secured location would mitigate this risk. The receptionist did not ask me to verify my identity. The receptionist should be required to verify the identity of everyone entering the building to prevent a person from entering the building that isn’t authorized. There was a security room with security personnel viewing the monitors. Office 1-1 had a Post-it note taped to the computer monitor with names that could be passwords. Increased password security should be implemented to reduce the risk of someone hacking into a system. Both office 1-1 and 1-2 had fingerprint scanners, which increases access control. In office 1-2 there was an unattended paper shredder, which should be secured due to sensitive information. In the hallway there was a security camera and a utility box but the wire cabinet was not locked. As such, anyone can access the hardware inside. A lock should be installed to prevent unauthorized access to the hardware. Also in the hallway there was an Ethernet jack which allowed access to the internet. Controls should be put in place to require security access to log on to the network. Floor 2 Cubicle 2-1 had a pre-approved offsite equipment request...

Words: 720 - Pages: 3

Access Control

...1. Shovels and Shingles is a small construction company consisting of 12 computers that have internet access. DAC works best in this situation because it is a small company with few computers. Computer use would be limited because all work completed is done manually. 2. Top Ads is a small advertising company consisting of 12 computers that have internet access. All employees communicate using smartphones. MAC would work best for this company because of the type of work completed and how employees communicate. All work is completed online and the owner can distribute permissions easily. 3. NetSecIT is a multinational IT services company consisting of 120,000 computers that have internet access and 45,000 servers. All employees communicate using smartphones and e-mail. Nondiscretionary Access Control works best for this company because of the amount of computers, employees, servers and type of work. The security admin is the only person that can handle this large of a company. 4. Backordered Parts is a defense contractor that builds communications parts for the military. All employees communicate using smartphones and e-mail. Rule-Based Access is needed for this company because there are many employees with a variety of items sold. The system admin can decide different access levels to each department and user. 5. Confidential Services Inc. is a military-support branch consisting of 14 million computers with internet access and 250K servers. All employees must have......

Words: 311 - Pages: 2

Access Control

...Access controls can be applied in various forms, levels of restriction, and at different places within a computing system. A combination of access controls can provide a system with layered defense-in-depth protection. Instructions: For the scenarios that follow, identify the data that would need to be protected. Recommend how you would implement one or more of the access controls (listed after the scenarios) for the given scenario and justify your recommendation. Scenarios: 1. Shovels and Shingles is a small construction company consisting of 12 computers that have Internet access. 2. Top Ads is a small advertising company consisting of 12 computers that have Internet access. All employees communicate using smartphones. 3. NetSecIT is a multinational IT services company consisting of 120,000 computers that have Internet access and 45,000 servers. All employees communicate using smartphones and e-mail. Many employees work from home and travel extensively. 4. Backordered Parts is a defense contractor that builds communications parts for the military. All employees communicate using smartphones and e-mail. 5. Confidential Services Inc. is a military-support branch consisting of 14,000,000 computers with Internet access and 250,000 servers. All employees must have security clearances, and they communicate mainly using BlackBerry devices and e-mail. Access Controls * Administrative controls: Policies approved by management and passed down to......

Words: 304 - Pages: 2

Access Control Mechanism

...Access control through Two-Factor Authentication Access Maintaining data security has become more of a challenge; it is tough to anticipate attacks and prevent all the loopholes in software providing security. Verizon in their 2013 Data Breach Investigation Report stated that “Almost 80 percent of the attacks could have been prevented by using something other than single-factor username-password.” Two-factor authentication (2FA) when applied is one of the best ways to secure your accounts online. It is basically a system that implements multiple factors for a verification process. This authentication stems from the principle of “Something the user knows”, which could be a username, phone number, password or a personal question, and “Something the user has”, which would include a one-time passcode, key generator or a smart card. The verification process is similar to the process you would experience at an airport ticket counter. Your ticket when presented at the security acts as your identification and your photo id like the state-id or a passport through your photo would verify that it is you. Two-way authentication is a method of overcoming the problems associated with the single authentication process. When used efficiently, it provides the following benefits. * Improved security: Since this authentication process is a two-fold approach it ensures that even if a user’s password is compromised the hacker will be denied access until they provide the correct second...

Words: 799 - Pages: 4

Access Control System

...Case Study #1: "Access Control System" Abstract As the project manager to install an access control system (ACS) in the dormitory of the college, my team will develop a project scope statement that covers all the necessary tasks to be completed, along with a timeline to complete all tasks, in which the work for each task will be written out. Also, a Gantt chart will be created that will illustrate the project tasks. Lastly, we will create a system diagram to illustrate all the equipment and connections that are required for this project. Access Control System Project Scope: Install an access control system (ACS) into this small college dormitory. The ACS will automatically unlock the dormitory doors using an electronic proximity reader that has been integrated into the existing security camera system. Conduct a review of the current setup for the camera system installed. Determine the cost/benefit to add facial recognition software to be incorporated with the current security camera system. Locate electronic proximity readers and system software that will adhere to the school's security standards and that will operate with the security camera system installed. Load and configure operating software for the ACS. Gather all students’ information and personnel authorized building access information into the server, to include current pictures. Once the system is up, the parameters for the system will need to be set, such as...

Words: 990 - Pages: 4

Mandatory Access Control

...In computer security, Discretionary Access Control (DAC) is a type of access control in which a user has complete control over all the programs it owns and executes, and also determines the permissions other users have to those files and programs. Because DAC requires permissions to be assigned to those who need access, DAC is commonly described as a "need-to-know" access model. In computer security, discretionary access control (DAC) is a type of access control defined by the Trusted Computer System Evaluation Criteria[1] "as a means of restricting access to objects based on the identity of subjects and/or groups to which they belong. The controls are discretionary in the sense that a subject with a certain access permission is capable of passing that permission (perhaps indirectly) on to any other subject (unless restrained by mandatory access control)". Discretionary access control is commonly discussed in contrast to mandatory access control (MAC, sometimes termed non-discretionary access control). Occasionally a system as a whole is said to have "discretionary" or "purely discretionary" access control as a way of saying that the system lacks mandatory access control. On the other hand, systems can be said to implement both MAC and DAC simultaneously, where DAC refers to one category of access controls that subjects can transfer among each other, and MAC refers to a second category of access controls that imposes constraints upon the first. In computer...

Words: 969 - Pages: 4

Network Access Control

...Network Access Control (NAC) is a computer networking solution that uses a set of protocols to define and implement a policy that describes how to secure access to network nodes by devices when they initially attempt to access the network. NAC might integrate the automatic remediation process (fixing non-compliant nodes before allowing access) into the network systems, allowing the network infrastructure such as routers, switches and firewalls to work together with back office servers and end user computing equipment to ensure the information system is operating securely before interoperability is allowed. A basic form of NAC is the 802.1X standard. Network Access Control aims to do exactly what the name implies—control access to a network with policies, including pre-admission endpoint security policy checks and post-admission controls over where users and devices can go on a network and what they can do. In plain English When a computer connects to a computer network, it is not permitted to access anything unless it complies with a business defined policy; including anti-virus protection level, system update level and configuration. While the computer is being checked by a pre-installed software agent, it can only access resources that can remediate (resolve or update) any issues. Once the policy is met, the computer is able to access network resources and the Internet, within the policies defined within the NAC system. NAC is mainly used......

Words: 298 - Pages: 2