Read the book The Official (ISC)2 SSCP CBK Reference - Mike Wills - Page 175

Mandatory vs. Discretionary Access Control


The next major choice that needs to be made reflects whether the organization is delegating the fine-grained, file-by-file access control and security policy implementation details to individual users or local managers or is retaining (or enforcing) more global policy decisions with its access control implementation.

 Mandatory access control (MAC) denies individual users (subjects) the capability to determine the security characteristics of files, applications, folders, or other objects within their IT workspaces. Users cannot make arbitrary decisions, for example, to share a folder tree if that sharing privilege has not been previously granted to them. This implements the mandatory security policies as defined previously and results in highly secure systems.

 Discretionary access control (DAC) allows individual users to determine the security characteristics of objects, such as files, folders, or even entire systems, within their IT workspaces. This is perhaps the most common access control implementation methodology, as it comes built in to nearly every modern operating system available for servers and endpoint devices. Typically, these systems provide users with the ability to grant or deny the privileges to read, write (or create), modify, read and execute, list contents of a folder, share, extend, view other metadata associated with the object, and modify other such metadata.
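The folder-sharing case from the two definitions above, as an added example that is not from the book: a toy reference monitor in which the same grant request is decided by the owner under DAC and by a previously delegated sharing privilege under MAC. The class, the `secadmin` account, the user names and the folder path are all constructed for illustration and do not correspond to any real operating system API.

```python
from dataclasses import dataclass, field

@dataclass
class Obj:
    owner: str
    acl: dict = field(default_factory=dict)  # user -> set of permissions

class ReferenceMonitor:
    """Toy monitor, mode is 'DAC' or 'MAC' (constructed model, not an OS API)."""

    def __init__(self, mode, admin="secadmin"):
        self.mode, self.admin = mode, admin
        self.objects = {}
        self.share_rights = set()  # MAC only: (user, object) pairs allowed to share

    def create(self, owner, name):
        self.objects[name] = Obj(owner, {owner: {"read", "write"}})

    def allow_sharing(self, actor, user, name):
        # Only the central policy administrator can delegate the sharing privilege.
        if actor != self.admin:
            raise PermissionError("only the policy administrator may delegate sharing")
        self.share_rights.add((user, name))

    def grant(self, actor, name, grantee, perm):
        obj = self.objects[name]
        if self.mode == "DAC":
            permitted = actor == obj.owner  # the owner's own discretion
        else:
            permitted = (actor, name) in self.share_rights  # decided by policy earlier
        if permitted:
            obj.acl.setdefault(grantee, set()).add(perm)
        return permitted

    def check(self, user, name, perm):
        return perm in self.objects[name].acl.get(user, set())

def demo(mode):
    """Alice tries to share her folder with Bob before and after delegation."""
    rm, folder = ReferenceMonitor(mode), "/projects/q3"
    rm.create("alice", folder)
    first = rm.grant("alice", folder, "bob", "read")
    bob_after_first = rm.check("bob", folder, "read")
    rm.allow_sharing("secadmin", "alice", folder)
    second = rm.grant("alice", folder, "bob", "read")
    return first, bob_after_first, second, rm.check("bob", folder, "read")

if __name__ == "__main__":
    for mode in ("DAC", "MAC"):
        print(mode, demo(mode))
```

Under DAC Alice's first attempt succeeds because she owns the folder; under MAC it is refused until the administrator has delegated the sharing privilege to her.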

The choices of centralized versus decentralized architectures, and whether to use mandatory, discretionary, or nondiscretionary access control as a global policy are important decisions that must be made before you can start implementing your IAM project. You've also got to make another set of decisions regarding the specific roles, tasks, or responsibilities that individual users or groups of users must fulfill, and correlate that with your organization's information classification guide. Combining those two sets of information informs your choice of access control models: Do your security needs dictate a role-based access control, for example, or can you safely operate with something simpler such as subject-based or object-based control? And with that decision in hand, you can then start putting AAA servers in place, configuring their services, and loading up their control information. Now, you can start provisioning user accounts.
