Access Control Concepts

Introduction to Access Control

Over the last several decades, network connectivity has evolved into a necessary component of nearly every business activity. Users rely on the network for:

Data—the information stored in the computing environment

Applications—the means of manipulating that data

It is a rare user who accesses only the data and applications stored on an isolated computer system. Instead, a user connects to a network, which allows his or her endpoint—the device used to connect to the network—to access data and applications stored on many systems.

Resources stored and delivered over a network are valuable; they might include medical records, payroll information, customers’ financial records, corporate strategy, and military operation plans. And because the resources are valuable, some people may attempt to hijack them for their own purposes.

To protect resources from misuse (whether malicious or not), you must enforce access controls. Many users associate the words access control with a username and password, submitted to gain access to a particular piece of data or application. However, an access control is any mechanism for dictating which users and devices can access particular resources.

You can control users’ access to resources in three ways:

Data access control (enforced on particular data storage devices)

Application access control (enforced on particular services)

Network access control (enforced at the network edge, where users connect)
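The three enforcement points listed above can be modelled as a chain of gates that a single request must pass in order. The following Python program is an added example, not code from the page or from any product it describes; the users, endpoints, services and records in its policy tables are constructed sample data, and the gate functions are hypothetical stand-ins for a real edge device, application server and data store. It shows the property the text is driving at: a request refused at the network edge never reaches the application or data layers, and the audit trail records which layer made the decision.

```python
"""Layered access control: network edge, then application, then data.

Added example (not from the page). All policy entries below are constructed
sample data; the three gate functions stand in for real enforcement points.
"""
from __future__ import annotations

from dataclasses import dataclass


@dataclass(frozen=True)
class Request:
    user: str      # identity presented by the user
    device: str    # endpoint the user connects from
    service: str   # application being invoked
    record: str    # data object the application touches
    action: str    # "read" or "write"


# Network access control: (user, endpoint) pairs allowed to connect at the edge.
NETWORK_POLICY: set[tuple[str, str]] = {
    ("alice", "laptop-01"),
    ("bob", "workstation-07"),
}

# Application access control: services each user may invoke.
APPLICATION_POLICY: dict[str, set[str]] = {
    "alice": {"payroll", "hr-portal"},
    "bob": {"hr-portal"},
}

# Data access control: per-record permissions, enforced by the data store.
DATA_POLICY: dict[str, dict[str, set[str]]] = {
    "payroll/2024-q1": {"alice": {"read"}},
    "hr/employee-list": {"alice": {"read", "write"}, "bob": {"read"}},
}


def network_gate(req: Request) -> bool:
    # Enforced where the endpoint joins the network, before any server is reached.
    return (req.user, req.device) in NETWORK_POLICY


def application_gate(req: Request) -> bool:
    # Enforced by the service: may this user invoke it at all?
    return req.service in APPLICATION_POLICY.get(req.user, set())


def data_gate(req: Request) -> bool:
    # Enforced by the data store: may this user perform this action on this record?
    return req.action in DATA_POLICY.get(req.record, {}).get(req.user, set())


GATES = (
    ("network", network_gate),
    ("application", application_gate),
    ("data", data_gate),
)


def authorize(req: Request) -> tuple[bool, str | None, list[str]]:
    """Evaluate the gates in order and stop at the first denial.

    Returns (allowed, layer_that_denied_or_None, layers_consulted). The
    consulted list is the audit trail: a denial at "network" means the
    application and data layers were never exercised.
    """
    consulted: list[str] = []
    for layer, gate in GATES:
        consulted.append(layer)
        if not gate(req):
            return False, layer, consulted
    return True, None, consulted


if __name__ == "__main__":
    samples = [
        Request("alice", "laptop-01", "payroll", "payroll/2024-q1", "read"),
        Request("mallory", "unknown-device", "payroll", "payroll/2024-q1", "read"),
        Request("bob", "workstation-07", "payroll", "payroll/2024-q1", "read"),
        Request("bob", "workstation-07", "hr-portal", "hr/employee-list", "write"),
    ]
    for r in samples:
        allowed, denied_by, trail = authorize(r)
        verdict = "allowed" if allowed else f"denied at {denied_by}"
        print(f"{r.user}@{r.device} {r.action} {r.record} via {r.service}: "
              f"{verdict}; layers consulted: {trail}")
```

The gate order is deliberate: the edge decision is the cheapest and covers every resource behind it, so an unknown endpoint is turned away with only one policy lookup, while the application and data layers still protect against a legitimately connected user overstepping within the network.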

Access control is most effective at protecting resources when the three types work together. But because the network is the means of distributing all data and applications to users, network access control is particularly important as a comprehensive solution. Network access control provides the following functions:

Blocks access from unauthorized users at each network entry point—Securing individual resources is not enough. Even when an attacker cannot reach core resources, he or she can discover much about your network and potentially implement attacks simply by connecting to it. A solution for blocking and controlling users at the edge, before they connect to the network, adds another layer of security to that implemented on individual devices.