Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases now! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Infosec Strategies and Best Practices

You're reading from   Infosec Strategies and Best Practices Gain proficiency in information security using expert-level strategies and best practices

Arrow left icon
Product type Paperback
Published in May 2021
Publisher Packt
ISBN-13 9781800566354
Length 272 pages
Edition 1st Edition
Arrow right icon
Author (1):
Arrow left icon
Joseph MacMillan Joseph MacMillan
Author Profile Icon Joseph MacMillan
Joseph MacMillan
Arrow right icon
View More author details
Toc

Table of Contents (13) Chapters Close

Preface 1. Section 1: Information Security Risk Management and Governance
2. Chapter 1: InfoSec and Risk Management FREE CHAPTER 3. Chapter 2: Protecting the Security of Assets 4. Section 2: Closing the Gap: How to Protect the Organization
5. Chapter 3: Designing Secure Information Systems 6. Chapter 4: Designing and Protecting Network Security 7. Chapter 5: Controlling Access and Managing Identity 8. Section 3: Operationalizing Information Security
9. Chapter 6: Designing and Managing Security Testing Processes 10. Chapter 7: Owning Security Operations 11. Chapter 8: Improving the Security of Software 12. Other Books You May Enjoy

Access control models and concepts

When it comes to information security, the same idea applies from the physical security realm; restricting access to a location or asset is referred to as access control. When we say access, we could mean physically entering a space or digitally accessing a folder. We could mean reading a printed document in an office, but we can also consider the CRUD possibilities in a digital estate as well.

The classic (or retro?) access control is a lock and key. If somebody has the key, they're able to access what the lock is preventing access to. And if they have the key, they're allowed to access it, right? Is it that simple? Of course not. What we want is the ability to ensure that the people with the key are the people with permission, and try our best to ensure that even with the key, the wrong people aren't allowed to (or authorized to) access what they shouldn't.

Before diving into the models, I'd like to cover four key...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime