What Are the 3 Types of Access Control?
Types of Access Control Systems
Security is a key component in modern life and in business. Therefore, it’s critical to protect organisations and their associates. For example, access to customer data is not something that should be freely available, so it’s important to restrict access to this type of data. But how do you ensure that only those who need access to it are granted it? The answer lies within the concept of access control. This is a method of authentication and authorisation that allows only those individuals with the correct privileges to access a data source.
The 3 types of access control are:
- Discretionary Access Control (DAC)
- Role Based Access Control (RBAC)
- Mandatory Access Control (MAC)
What is Access Control?
For access control to be successful, it needs to combine authentication and authorisation. Using only one of these security layers is not enough. For example, authentication can only be used to prove who someone is; it will not indicate their access privileges. Therefore, the key to accessing data securely is authorisation. It is this element which confirms whether an individual should be granted access. It’s a security technique which is typically administered through these three forms of access control:
Discretionary Access Control (DAC):
This form of access control allows access to an object based on the policies put in place by the object’s owner. Thus, the processes behind these access controls rely on user credentials such as username and password values. A common example of DAC is the Unix file mode; this concept allows users to define the read, write and execute permissions for the object they are accessing. This ties in with the discretionary aspect of DAC as users can transfer object ownership and detail the access available to other users.
Role Based Access Control (RBAC):
It’s important, in security, to restrict system access and RBAC is a perfect mechanism to achieve this. Thus, role based access is used to ensure that access to objects is based on a user’s specific job role. Not only does this protect sensitive data, but it guarantees that employees only have access to data objects related to their job. An example of RBAC would be a company database where a member of the sales team would only have access to the sales options, rather than, for example, the accounting functions.
Mandatory Access Control (MAC):
Some data objects are more sensitive than others, and highly sensitive data is best protected by MAC. It’s a category of access control which uses a security label to define an object’s sensitivity. This limits access to the object based upon its sensitivity and requires a user to have the equivalent level of sensitivity privilege to access it. An example of MAC is within the armed forces, where object owners are unable to set access privileges to top secret materials; this access can only be set by central authorities.
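The three models applied to the same object, as an added Python example that is not part of the original article. The user names, roles, labels and the `security_office` authority are constructed assumptions, and the MAC check treats a clearance at or above the object's label as sufficient.

```python
from dataclasses import dataclass, field

LEVELS = {"public": 0, "confidential": 1, "secret": 2, "top_secret": 3}  # constructed labels
ROLE_PERMS = {"sales": {"sales:read", "sales:write"},        # constructed RBAC policy:
              "accounting": {"accounting:read"}}             # permissions attach to roles

@dataclass
class User:
    name: str
    roles: set = field(default_factory=set)
    clearance: str = "public"

@dataclass
class Obj:
    owner: str
    label: str = "public"                     # MAC sensitivity label
    acl: dict = field(default_factory=dict)   # DAC list: user name -> {"r", "w", "x"}

def dac_grant(obj, actor, grantee, perms):
    # DAC: the owner decides who else gets access
    if actor.name != obj.owner:
        raise PermissionError("only the owner can grant access")
    obj.acl.setdefault(grantee.name, set()).update(perms)

def dac_allows(obj, user, perm):
    return user.name == obj.owner or perm in obj.acl.get(user.name, set())

def rbac_allows(user, permission):
    # RBAC: the decision depends only on the user's job roles
    return any(permission in ROLE_PERMS.get(r, set()) for r in user.roles)

def mac_set_label(obj, actor, label, authority="security_office"):
    # MAC: labels are set centrally; the object's owner cannot change them
    if actor.name != authority:
        raise PermissionError("only the central authority sets labels")
    obj.label = label

def mac_allows(obj, user):
    # MAC: clearance must be at least as high as the object's label
    return LEVELS[user.clearance] >= LEVELS[obj.label]

def demo():
    alice = User("alice", {"sales"}, "confidential")
    bob = User("bob", {"accounting"}, "secret")
    report = Obj(owner="alice")
    dac_grant(report, alice, bob, {"r"})                        # owner's discretion
    mac_set_label(report, User("security_office"), "secret")   # central decision
    return {"dac_bob_r": dac_allows(report, bob, "r"), "dac_bob_w": dac_allows(report, bob, "w"),
            "rbac_sales": rbac_allows(alice, "sales:read"),
            "rbac_accounting": rbac_allows(alice, "accounting:read"),
            "mac_alice": mac_allows(report, alice), "mac_bob": mac_allows(report, bob)}
```

In `demo()`, alice owns the report and passes the DAC check, yet the centrally assigned label denies her under MAC because her clearance is below it.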
Access Control Systems
Access controls are complex security protocols. Furthermore, they are crucial for respecting data privacy and protecting data objects from unauthorised access. The most common form of access control employed in modern business today is RBAC. This should come as no surprise due to the amount of variance between departments. Nonetheless, both DAC and MAC remain necessary depending on the work environment and the level of data sensitivity.