Information System Security Assignment


Please prepare a response (200- to 300-words) to the following on this question:

How is access to your company’s information resources controlled and is the principle of “Protection Domains” implemented? Discuss, but do not give away the ‘keys to the kingdom’. If you are not currently working in a situation where access controls are used, or you wish not to discuss your company’s methods (which is fine, and we all understand), pick an access control and discuss in light of its use in a protection domain (with examples of its use.)


Background infomration (Assignment Must be based off this information):

The following is based on the information in Chapter 4, “Access Control”, of our e-text, Computer Security Principles and Practice.  In summary:


In discretionary control, users are allowed to access resources at the discretion of the information owner. Each user is given a specific set of rights to the system.


In mandatory access control, the information owner assigns attributes (labels) to users and systems (subjects), and to resources (objects). Based on these attributes, each user can access only those resources to which he or she is linked.


In role-based access control, users are assigned to groups based on common needs. Each group is given a specific set of access rights. If a user’s needs change, he or she is simply moved to a different group.


In any case, each user is given access only to the resources he or she needs. Thus, the principal of least privilege is applied.


Need a Professional Writer to Work on this Paper and Give you Original Paper? CLICK HERE TO GET THIS PAPER WRITTEN

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

Order Now