access control systems

Are you aware of the potential security breaches, which can occur in your office when an intruder walks in and takes away a file containing confidential documents? What about your new employee copying documents from your computer network by copying the same through the PC allotted to him and connected to the network? It can result in disaster if that individual is a mole planted by your competitor. Would it not be great if you could configure the computer network of your office in such a way that only specific PCs in the network had access to vital files? You can achieve this goal and much more by setting up an access control system in place. In simple language, it is a security technique, which you can employ to regulate who or what can view or use resources in a computing environment. This system is broadly categorised into two classes

Extra information about access control system

Physical Limits access to rooms, buildings, as well as physical IT assets

Logical Limits access to data, system files, and computer networks

The four principal types of access controls are



Role based

Rule based

How they work

Role based In this system, access is granted to various resources of the computer network to specific groups of workers. For example, software engineers can only access data that is related to them, such as data pertaining to the development of new software. In the same method, accountants can only access account specific data. The system administrator can add or remove a person from specific groups.

Rule based This allows persons on the network to gain access to data based on a specific set of rules as set by the sysadmin. This method is used, for example, to allow a group of persons to access the network at specific hours of the day or even specific days of the week. As with the role based system, only the system administrator can assign or remove access permissions.

Discretionary Each resource objects on this system has an ACL (access control list) associated with it, which contains a list of users and groups. This system allows individual users to decide who can access their data. For example, a user might allow read' access to one person or read write' access to another. He might also allow full access to users belonging to a specific group.

Mandatory The system administrator controls and configures this group as to who can gain access to what data. Whenever a person tries to access any resource under this control, the operating system compares the access level of the user with the label assigned to the resource, and permits him access if his access level matches or is higher than label associated with that resource. This is the most secure access control system.

Biometric systems

This belongs to the physical category. Generally attached on doors, these systems check the fingerprint or the iris of an individual or both of them and compare that data with those stored in a database. If the biometric data matches, it allows the individual access to the building or room, depending where the system is installed. Ensure the security of your office by installing an access control system on place.