My recommendation would be a combination of multiple Access Control Models that overlap to provide maximum coverage and overall security. Here are my suggestions for access controls. The first is Role Based Access Control (RBAC), which works well with the Non-Discretionary Access Control model detailed in the next paragraph. RBAC is defined as setting permissions or granting access to a group of people with the same job roles or responsibilities. With many different locations and many different users, it is important to identify the different users and different workstations within this network.
Every effort should be dedicated to preventing users from accessing information they should not have access to. Non-Discretionary Access Control is defined as controls that are monitored by a security administrator. While RBAC identifies those with permissions, it is the security administrator who should further identify the level of access for each role that is created. The security administrator should also designate which users or workstations have access to the information available within the network.
Rule Based Access Control can also be linked to the first two models detailed in the paper (RBAC and Non-Discretionary), and is similar to RBAC.
Rule Based Access Control is a set of rules that determine which users have access to what data. Within each role defined under Role Based Access Control, security can be further refined by applying rules. These rules will be defined by the security administrator as part of the Non-Discretionary Access Control model. Constrained User Interface incorporates concepts similar to two other access control models that have been detailed, Role Based and Rule Based. Constrained User Interface is defined as a user's ability to get into certain resources based on the user's rights and privileges.
These rights and privileges are restricted and constrained on the asset they are attempting to access. While this requires many levels of protection, it limits the access that can be requested to the resources available within the organization. Another example of an access control model that can be applied in this situation is known as the Clark and Wilson Integrity Model. This model provides improvements over the Biba Integrity Model of access control. Developed by David Clark and David Wilson, the model concentrates on what happens when a user tries to do things they are not permitted to do, which was one flaw of the Biba Integrity Model.
The other flaw that was addressed is that the model also reviews internal integrity threats. There are 3 key elements of the Clark and Wilson integrity model: first, it stops unauthorized users from making changes within the system; second, it stops authorized users from making improper changes; and third, it maintains consistency both internally and externally. Within the Clark and Wilson model a user's access is controlled by permissions, specifically permissions to execute programs, with authorized users having access to programs that allow changes.
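The layering described above can be sketched as a single access decision in which every model must agree before a request is allowed. This is an added example, not part of the original essay; the users, roles, programs, workstations and business-hours rule are all constructed assumptions.

```python
from dataclasses import dataclass
from datetime import time

# Every name and value here is constructed for illustration.
# Non-discretionary layer: only the security administrator edits these tables.
USER_ROLES = {"alice": "clerk", "bob": "auditor"}
ROLE_PERMS = {  # RBAC: permissions attach to the job role, not the person
    "clerk": {("read", "ledger"), ("write", "ledger")},
    "auditor": {("read", "ledger")},
}
APPROVED_WORKSTATIONS = {"hq-01", "branch-07"}
# Clark-Wilson: changes are allowed only through a program the user is
# authorized to run against that data item (user, program, data item).
ACCESS_TRIPLES = {("alice", "post_entry", "ledger")}

@dataclass(frozen=True)
class Request:
    user: str
    action: str
    resource: str
    program: str
    workstation: str
    at: time

# Rule-based layer: rules refine what a role may do.
def rule_business_hours(req):
    return time(8, 0) <= req.at <= time(18, 0)

def rule_approved_workstation(req):
    return req.workstation in APPROVED_WORKSTATIONS

RULES = [rule_business_hours, rule_approved_workstation]

def decide(req):
    """Return (allowed, layer); every layer must agree, default is deny."""
    role = USER_ROLES.get(req.user)
    if (req.action, req.resource) not in ROLE_PERMS.get(role, set()):
        return False, "rbac"
    for rule in RULES:
        if not rule(req):
            return False, rule.__name__
    triple = (req.user, req.program, req.resource)
    if req.action == "write" and triple not in ACCESS_TRIPLES:
        return False, "clark-wilson"
    return True, "allowed"

if __name__ == "__main__":
    ok = Request("alice", "write", "ledger", "post_entry", "hq-01", time(10, 0))
    print(decide(ok))
```

The second element of each result names the layer that refused the request, which is the value worth writing to an audit log.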
While some of these models are similar, they work best when working with each other. Providing multiple models of access control within the network gives more robust coverage. It would not be beneficial to utilize only one access control model, as there can be flaws and vulnerabilities in any single access control model.

REFERENCES:
Kim, D., & Solomon, M. G. (2012). Fundamentals of Information Systems Security. Sudbury: Jones & Bartlett Learning.
Remote Access Control Policy Definition. (2018, Jun 29). Retrieved from https://graduateway.com/remote-access-control-policy-definition/