Access Control, Authentication, and Public Key Infrastructure
Lesson 8
Access Control for Information Systems
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company
www.jblearning.com
All rights reserved.
Learning Objective
Implement appropriate access controls for information systems within information technology (IT) infrastructures.
Key Concepts
The three states of data
File system access control lists
User account type privilege management
Access control best practices
Organization-wide layered infrastructure access control
DISCOVER: CONCEPTS
The Three States of Data
Data at Rest (DAR)
Stored on some device
Archived records
Data in Motion (DIM)
Sending an e-mail
Retrieving a Web page
Data in Process
Creating a new document
Processing a payment
DIM
Use encryption to protect stored data:
Elements in databases
Files on network and shared drives
Files on portable or movable drives, Universal Serial Bus (USB), and flash drives
Files and shared drives accessible from the Internet
Personal computers (PCs), laptop hard drives, and full disk encryption
Protecting DAR
Difficult to protect since it is being operated on by the central processing unit (CPU)
Protecting DIP
File System Access Controls
File system access controls will include logging of user activities on the:
Files
Applications
Systems
Access Controls at Different Levels in a System
Trust-Based Peer to Peer (P2P)
Workgroup
Role-Based Access
Group-Based Files Access
Types of File System Access ...