Access Control and Authorization
One of the system administrator’s biggest problems, which can soon turn into a nightmare if it is not well handled, is controlling access of who gets in and what is taken out of the system and who uses what resources, when, and in what amounts. Access control is restricting this access to a system or system resources based on something other than the identity of the user. For example, we can allow or deny access to a system’s resources based on the name or address of the machine requesting a document.
- 1.Panko, Raymond. R. Corporate Computer and Network Security. Upper Saddle River, NJ: Prentice-Hall, 2004.Google Scholar
- 2.Gollman, Dieter. Computer Security. New York: John Wiley & Sons, 2000.Google Scholar
- 3.An Introduction to Role-based Access Control. NIST/ITL Bulletin, December, 1995. http://csrc.nist.gov/rbac/NIST-ITL-RBAC-bulletin.html.
- 4.Differentiating Between Access Control Terms. http://secinf.net/uplarticle/2/Access_Control_WP.pdf.
- 5.Byers, Simon, Juliana Freire, and Cláudio Silva. Efficient Acquisition of Web Data through Restricted Query Interfaces. AT&T Labs-Research, http://www10.org/cdrom/posters/p1051/.
- 6.Bannan, Karen. Watching You, Watching Me PCs are turning informant. Whose side are they on? PC Magazine: July 1, 2002, http://www.pcmag.com/article2/0,4149,342208,00.asp.
- 7.Iris scan. http://ctl.ncsc.dni.us/biomet%20web/BMIris.html.
- 8.NASA World Wide Web Best Practices 2000–2001 Draft Version 2.0. http://nasa-wbp.larc.nasa.gov/devel/4.0/4_4.html.
- 9.Pipkin, Donald. Information Security: Protecting the Global Enterprise. Upper Saddle River, NJ: Prentice-Hall, 2000.Google Scholar
- 10.Kahan, Jose. A Distributed Authorization Model for WWW. May, 1995. http://www.isoc.org/HMP/PAPER/107/html/paper.html, 5/6/2003.
- 11.NASA World Wide Web Best Practices 2000–2001 Draft Version 2.0. 8/20/2000. http://nasa-wbp.larc.nasa.gov/devel/4.0/4_4.html, 5/6/2003.