As this chapter opened, I immediately noticed that there was one key concept that I need to comprehend in order to understand the remainder of the chapter. First off, Access Controls are features of security that will determine how users and systems are going to interact with one another. Access means how a subject and an object will share info. A subject is the part that is requesting access, whereas the object is what is actually being accessed. The book also puts it this way; subjects are active and objects are passive. The three main principles of security that were discussed in chapter two are expanded on a bit. A little more about them relating to chapter three:
Availability - resources must be able to be accessed in a secure and timely manner.
Integrity - prevent resources from being changed in a malicious manner or accidentally.
Confidentiality - info cannot be disclosed to individuals or other systems that are not authorized to view or change it.
I felt the need to reiterate these three principles of security because of their importance.
No comments:
Post a Comment