Saturday, December 28, 2013

Home » » Access Control List

Access Control List

8:19 PM    No comments

An access control list (ACL) is an attachment to a file, directory, or other object that provides information about permissions associated with the object. If there is no access control list, anyone can interact with the object and do anything with it. If a list is present, however, access and activities are limited to people on the list and the abilities of individual users may be restricted at different levels.

The list can specify users, roles, or groups. Users are individual users who are registered in the system, such as an office network. Roles are titles that are assigned to people. For example, a user might have the role “System Administrator.” When an access control list restricts access to certain roles, only people in those roles will be able to manipulate the object. Groups are collections of users who are registered together, such as “Secretarial Pool.”

Access control lists can determine who is allowed to view, edit, delete, or move an object. This can be useful on a security level and it can also prevent mistakes. For example, system administrators can limit access to key system files so that people who are not experienced will not accidentally alter, delete, or move those files and cause a problem. Likewise, a file could be made read only except for one user to ensure that if other people on the network access the file, they cannot make changes to it.

Using an access control list for security is part of capability-based security, in which layers of security are provided through the use of tokens that are provided by users of the system. A token provides information about a user's authority and it is matched up with permissions that determine whether or not the user is authorized to perform a given option. This security method allows security at a highly flexible level as individual files and directories can have different permissions.

The access control list is only as good as the security of individual identities on a network. If people do not use passwords or use weak passwords, it is possible to hijack their identities and use them in the system. If a system is penetrated with a keystroke logger or similar malware, it can also become compromised and make it possible for an unauthorized person to enter the system. This is why security is organized in layers, so that a weakness in one area will not bring down the whole system.

Related Posts:

  • Different Types of Fiber-Optic SystemsFiber-optic systems are acclimated to address advice in the anatomy of pulses of light. The a lot of accepted uses for fiber-optics are in telecommunication fields, including cable television, agenda radio, and Internet commu… Read More
  • Fiber Optical Technology                   Fiber-optic technology refers to attenuate fibers that address ablaze through centralized refraction. The acreage of fiber-optics studies the applied applic… Read More
  • Fiber Optical NetworkA fiber-optic Network is a computer-to-computer or computer-to-Internet arrangement created application fiber-optic cables. These cables are fabricated of attenuate strands of bottle that address light. Computer advice is ada… Read More
  • Testing Fiber-Optic CablesThe best tips for testing fiber-optic cable cover alive the testing techniques and principles. Testing requires some specialized accessories and absolute ability of its operation. A acceptable ability of networks, their const… Read More
  • Fiber Optical Audio CablesA fiber-optic audio cable is a agenda cable that is acclimated to address advice amid altered audio devices, such as agenda able disc (DVD) players and complete systems. This blazon of cable is generally acclimated in affilia… Read More

0 comments:

Post a Comment