Evaluating Access Control Methods
For an organization to achieve its security goals and objectives, the procedures for accessing the system and its resources should be organized so that they do not invite security threats. Access control refers to the process of securing the level at which users can manipulate and use a system, using mechanisms such as account credentials and passwords that differentiate between users (Ferraiolo & Kuhn, 2009). A strategic approach to system control is important so that organizational security needs are addressed long before malicious activity is encountered.
Mandatory access control (MAC)
MAC is considered the most secure of the access control methods. It enforces strict measures for accessing most resources. The system administrator is responsible for defining the control measures that are implemented within an organization's system or on the various resource objects (Chou, 2004). The user cannot change the access control of a protected resource. MAC attaches a security label to every resource object, and each label contains two major types of information: a category and a classification. The category identifies the department or level within the firm to which the object is available. User accounts are created with the same kinds of properties as those set on the resource objects. A user is therefore allowed to access a resource only when the system accepts the credentials presented, which requires that the category and the classification match. MAC can be further classified into multilateral and multilevel security.
However, the major issue with MAC is that it requires intensive and integrated planning before it can be effectively implemented in an organization's operations. It also calls for intensive management because of the continued need to keep up with changing trends within the organization (Ferraiolo & Kuhn, 2009). Drivers of this management effort include the need to modify labels and objects in accounts to accommodate new records, as well as changes in organizational structure that call for changes in categorization and classification.
Discretionary access control (DAC)
This type of control allows most users to control their own resources and is usually the most common in desktop operating systems. Unlike MAC, where the administrator is responsible for setting up security controls, DAC allows users to set up access controls on the resources that they own (Ryan, 2013). Sometimes, however, depending on the type of system, the network administrator or the system itself could dictate the most applicable permissions and procedures for accessing the resources. A data access control list holds the properties used to access objects within the system, set against a list of users. Each user's level of operations is recorded in the list, thus determining who should access what.
The major advantage of this type of access control is its flexibility in accessing resources (Ubale et al., 2014). However, DAC may be considered inconsistent because policies vary from one individual to another. Given the ease with which different individuals can access data, there is a high probability that unauthorized individuals may access highly sensitive organizational information on weakly secured systems. This issue could however be mitigated through the use of strong identity credentials and passwords. Only authorized personnel should therefore be allowed to access a resource.
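An added example (not part of the original essay) contrasting the MAC label check and the DAC access list described in the two sections above. It goes slightly beyond the essay's "must match" wording by using the usual multilevel rule (clearance at or above the classification, categories covering the object's); the level names, accounts, and helper functions are constructed for illustration.

```python
from dataclasses import dataclass, field

LEVELS = {"public": 0, "confidential": 1, "secret": 2}  # constructed ordering
ADMINS = {"root"}                                        # constructed admin account

class PolicyError(Exception):
    pass

@dataclass(frozen=True)
class Label:
    classification: str
    categories: frozenset

@dataclass
class Resource:
    owner: str
    label: Label                              # MAC label, administrator-controlled
    acl: dict = field(default_factory=dict)   # DAC list: user -> allowed operations

def dominates(subject: Label, obj: Label) -> bool:
    """Clearance at or above the classification, and every object category held."""
    return (LEVELS[subject.classification] >= LEVELS[obj.classification]
            and subject.categories >= obj.categories)

def dac_grant(res: Resource, actor: str, user: str, op: str) -> None:
    """DAC: the owner, and only the owner, edits the list on their own resource."""
    if actor != res.owner:
        raise PolicyError(f"{actor} does not own this resource")
    res.acl.setdefault(user, set()).add(op)

def mac_relabel(res: Resource, actor: str, new_label: Label) -> None:
    """MAC: labels change only through the administrator, never the owner."""
    if actor not in ADMINS:
        raise PolicyError(f"{actor} may not change security labels")
    res.label = new_label

def can_access(res, user, op, clearances, enforce_mac):
    """DAC check first; with MAC enforced, the label check must also pass."""
    dac_ok = user == res.owner or op in res.acl.get(user, set())
    return dac_ok and (not enforce_mac or dominates(clearances[user], res.label))

CLEARANCES = {  # constructed sample accounts
    "alice": Label("secret", frozenset({"finance"})),
    "bob": Label("confidential", frozenset({"engineering"})),
}

def demo():
    payroll = Resource("alice", Label("secret", frozenset({"finance"})))
    dac_grant(payroll, "alice", "bob", "read")      # owner shares at her discretion
    return (can_access(payroll, "bob", "read", CLEARANCES, enforce_mac=False),
            can_access(payroll, "bob", "read", CLEARANCES, enforce_mac=True),
            can_access(payroll, "alice", "read", CLEARANCES, enforce_mac=True))
```

With DAC alone the owner's grant is enough for bob to read the file; with the MAC label check enforced the same grant is overridden because bob's label does not cover the resource's.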
Role-based access control (RBAC)
This type of access control is based on the specific roles to which different individuals have been allocated. It is also referred to as non-discretionary control (Ryan, 2013). Other...