Evaluating Access Control Methods

Anonymous
timer Asked: Feb 2nd, 2018
account_balance_wallet $25

Question Description

Assignment 3: Evaluating Access Control Methods


Imagine that you are the Information Systems Security Specialist for a medium-sized federal government contractor. The Chief Security Officer (CSO) is worried that the organization's current methods of access control are no longer sufficient. In order to evaluate the different methods of access control, the CSO requested that you research: mandatory access control (MAC), discretionary access control (DAC), and role-based access control (RBAC). Then, prepare a report addressing positive and negative aspects of each access control method. This information will be presented to the Board of Directors at their next meeting. Further, the CSO would like your help in determining the best access control method for the organization.

Write a three to five page paper in which you:

  1. Explain in your own words the elements of the following methods of access control:
    1. Mandatory access control (MAC)
    2. Discretionary access control (DAC)
    3. Role-based access control (RBAC)
  2. Compare and contrast the positive and negative aspects of employing a MAC, DAC, and RBAC.
  3. Suggest methods to mitigate the negative aspects for MAC, DAC, and RBAC.
  4. Evaluate the use of MAC, DAC, and RBAC methods in the organization and recommend the best method for the organization. Provide a rationale for your response.
  5. Speculate on the foreseen challenge(s) when the organization applies the method you chose. Suggest a strategy to address such challenge(s).
  6. Use at least three quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

Tutor Answer

Missfomen
School: UT Austin

Attached.

EVALUATIING ACCESS CONTROL METHODS

Evaluating Access Control Methods
Course
Name
Date

Instructor

1

EVALUATIING ACCESS CONTROL METHODS

2

Evaluating Access Control Methods
Introduction
Access control involves the mechanisms that function to control the principal entities’
nature of access to the system resources which files they are allowed to read, which programs
they may execute, as well as how they share the data with other entities in the system. In essence,
it entails regulating access to system resources after authorization of the user account and the
authentication of their respective identity as well as the approval of the access to the system. The
objective of access control is to preserve the integrity and confidentiality of the system
information and its availability. Access control ensure provides only useful permissions to
subjects. This paper examines the core elements related to the mandatory access control (MAC),
discretionary access control (DAC), and role-based access control (RBAC) as well as the
challenges and strategy to address the respective challenges.
Mandatory Access Control- MAC
This is the most strict and fundamental of all the access control mechanisms. MAC
essentially incorporates a hierarchical mechanism that regulates access to the resources in the
system. Under this access control, the enforced access to the system resources is controlled by
establishing control m...

flag Report DMCA
Review

Anonymous
awesome work thanks

Similar Questions
Related Tags

Brown University





1271 Tutors

California Institute of Technology




2131 Tutors

Carnegie Mellon University




982 Tutors

Columbia University





1256 Tutors

Dartmouth University





2113 Tutors

Emory University





2279 Tutors

Harvard University





599 Tutors

Massachusetts Institute of Technology



2319 Tutors

New York University





1645 Tutors

Notre Dam University





1911 Tutors

Oklahoma University





2122 Tutors

Pennsylvania State University





932 Tutors

Princeton University





1211 Tutors

Stanford University





983 Tutors

University of California





1282 Tutors

Oxford University





123 Tutors

Yale University





2325 Tutors