3 Types of Access Control Management Systems

Access control systems help to determine physical or logical (computers, data systems, etc.) access to restricted areas for legitimate users. Some systems grant complete access once a user has been authenticated but many systems use a more sophisticated mechanism. Some access control systems mirror structures of given organizations while others are based on various sensitivity levels. The systems enhance the integrity of data by restricting the rights of modifying information to people with proper authorization.
Special ID card printers can be used to print smart cards that organizations use in their access control systems irrespective of the type of system used. The use of smart card technology provides a cost effective method for different types of access control applications. Here are the types of access control systems where this technology can be used.

Mandatory Access Control (MAC)

MAC systems usually label both information resources and users. A central authority makes decisions and individual owners cannot change the access rights. In military security, for example, individual data owners cannot change the classification of objects or choose people with 'Top clearance.'
Mandatory access control systems are used when security policies demand that:
  • Object owners must not make protection decisions.
  • The systems must enforce security policies irrespective of the intentions or wishes of individual object owners.
Access rights are usually determined by a set of interfaces and labeling mechanism that may use smart cards. Users who operate at a given process will not be allowed to read or modify files at a different process. File modification restrictions help in maintaining system security in automated environments. These access controls are mandatory in the sense that system administrators cannot change them at their own discretion.

Discretionary Access Control (DAC)

Information resources and users do not have explicit security-level labels and system administrators assign permission to the users. Although the system administrators have the freedom to grant users access, they usually rely on policies that help them determine the type of access to give the users.
Access control lists are often used to implement DAC systems. The lists are composed of tables that show which subjects have access to what objects. Subjects may be specific users or groups of users.

Role-based Access Control

RBAC is a type of non-discretionary access control where users are granted access rights based on their roles within an organization. For example, a doctor will have a different access right from a nurse in a medical institution.
Role names are used to group access rights. This system helps to develop and enforce security policies that are specific to a given enterprise. Organizations can buy ID card printers and software to produce smart cards that match their requirements.
Advanced access control systems include ID badge production facilities that use static text, company logo and dynamic database fields.
Image by IDenticardImages and licensed through Creative Commons.
Steve Stoltz is a sales representative at CardPrinter.com, an online retailer of ID card cameras and visitor management software.

No comments:

Post a Comment