1.1 Recognize and be able to differentiate and explain the following access control models
o MAC (Mandatory Access Control)
· Access decisions are based on security labels (sensitivity labels) attached to each data item and on the clearance of each subject
· Lattice-based access control is a MAC model
· Using levels of security to classify both users and data is the defining characteristic of MAC
o DAC (Discretionary Access Control)
· Access controls are created and administered by the data owner
· Each object has an owner, who has full control over the object and its permissions
· The inherent flaw in DAC is that it relies only on the identity of the user or process making the request; a program running under the owner's identity inherits the owner's rights, leaving room for a Trojan horse
o RBAC (Role Based Access Control)
· Access control decisions are based on responsibilities that an individual user or process has in an organization
· The user, role and operation relationships are many-to-many: many users can hold many roles, and each role can be assigned many operations
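An added toy implementation, not part of the original notes, that puts the three models side by side; the labels, users, roles and the sample document are constructed for illustration. It also shows the DAC Trojan-horse flaw described above: a program run by the owner acts with the owner's identity, so the DAC check cannot tell it apart from the owner.

```python
# Constructed example: minimal MAC, DAC and RBAC decision functions.

# MAC: a linear lattice of sensitivity labels (constructed names).
LEVELS = {"public": 0, "confidential": 1, "secret": 2}

def mac_can_read(subject_clearance, object_label):
    """MAC: a subject may read an object only if its clearance dominates the label.
    Neither the owner nor a program running as the owner can change this."""
    return LEVELS[subject_clearance] >= LEVELS[object_label]

class DacObject:
    """DAC: each object has an owner who fully controls its access control list."""
    def __init__(self, owner):
        self.owner = owner
        self.acl = {owner: {"read", "write", "own"}}

    def grant(self, actor, user, perm):
        # The only check is the *identity* of the actor: it must be the owner.
        if actor != self.owner:
            return False
        self.acl.setdefault(user, set()).add(perm)
        return True

    def allows(self, user, perm):
        return perm in self.acl.get(user, set())

def dac_trojan_horse(doc, victim, attacker):
    """A Trojan horse the victim runs executes with the victim's identity, so the
    DAC check passes and the attacker silently gains read access."""
    doc.grant(victim, attacker, "read")   # looks exactly like the owner acting
    return doc.allows(attacker, "read")   # True: the flaw in DAC

# RBAC: users -> roles -> operations, all many-to-many (constructed names).
ROLE_PERMS = {"clerk": {"read"}, "manager": {"read", "approve"}}
USER_ROLES = {"alice": {"clerk", "manager"}, "bob": {"clerk"}}

def rbac_can(user, operation):
    """RBAC: permitted if any role held by the user includes the operation."""
    return any(operation in ROLE_PERMS[r] for r in USER_ROLES.get(user, ()))
```

Under MAC the same Trojan horse gains nothing: `mac_can_read("public", "secret")` stays False no matter who runs the program, because the decision depends on labels rather than on the caller's identity.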