TAILIEUCHUNG - Bài giảng Bảo mật cơ sở dữ liệu: Security models - Trần Thị Kim Chi
Bài giảng "Bảo mật cơ sở dữ liệu: Security models" trình bày các nội dung: Access control, types of Access control, mandatory access control, rules based access control, authentication methods, operating system authentication,. . | Giảng Viên: Trần Thị Kim Chi SECURITY MODELS Operating System Security Fundamentals Tiếp theo bài 1 bắt đầu từ Slide 10 1 Agenda a. Access control b. Inference and covert channels c. Open/close policy d. Database Application Security Models Discretionary/mandatory access control 2 Access control Access control is a security technique that can be used to regulate who or what can view or use resources in a computing environment. Access control systems perform authorization identification, authentication, access approval, and accountability of entities through login credentials includingpasswords, personal identification numbers (PINs), biometric scans, and physical or electronic keys. 3 Types of Access control There are two main types of access control: Physical, logical. Physical access control limits access to campuses, buildings, rooms and physical IT assets. Logical access limits connections to computer networks, system files and data. 4 Types of Access control The four main categories of access control are: Mandatory access control Discretionary access control Role-based access control Rule-based access control 5 Mandatory access control (MAC) Mandatory access control (MAC) is a system-controlled policy restricting access to resource objects (such as data files, devices, systems, etc.) based on the level of authorization or clearance of the accessing entity, be it person, process, or device. 6 Discretionary access control (DAC) Discretionary access control (DAC) is a type of access control defined by the Trusted Computer System Evaluation Criteria "as a means of restricting access to objects based on the identity of subjects and/or groups to which they belong. The controls are discretionary in the sense that a subject with a certain access permission is capable of passing that permission (perhaps indirectly) on to any other subject (unless restrained by mandatory access control)". .
đang nạp các trang xem trước