Читать книгу The Official (ISC)2 SSCP CBK Reference - Mike Wills - Страница 146

New Factor Type: Somewhere You Are

Оглавление

For some time now, access control systems have been able to check whether the IP address, origin URL, or information about the physical location of the subject is in fact within allowable limits. These constraint checks are usually expressed as attributes as part of an attribute-based access control system. Some systems can even use a soft token app to interrogate the location services within many smartphones, phablets, and laptops, and return that location information to the access control system to see whether the user-subject is where they are authorized, expected, or claim to actually be. Many mobile phone systems already provide this as part of their processing of calls to emergency service numbers, making GPS or other high-accuracy location information available to service dispatchers within seconds of a call being placed to their systems. Extending this to more mundane, nonemergency circumstances is worth considering if your organization needs to restrict access privileges or take other actions based on where you (and your soft token device) happen to be connecting or initiating an access attempt from.

The Official (ISC)2 SSCP CBK Reference

Подняться наверх