Earlier, we talked about access control on routers (see Chapter 11, Security Systems and Protocols) and the use of access control lists (ACLs). However, the access control we talk about in the context of logical security, while different in structure and procedure, has the same overall objective—preventing unauthorized access to the software and data assets of a system.
Access control is a method of logical security that identifies what resources an individual user may access, modify, create, or remove. Using access controls, a system administrator can allow or restrict access to certain system assets and resources on an individual or group basis. Each authenticated and authorized user or group is assigned a security identifier (SID), which is the identity of a system record that details the access permissions and rights of a user or group; that is, their...
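The model described above, in which each user or group SID identifies a record of permissions and access is allowed or restricted per individual or per group, can be sketched as follows. This is an added example, not code from the book; the SID values, resource names, group memberships, and the rule that a restriction overrides an allowance are all assumptions made for illustration.

```python
from dataclasses import dataclass, field
from enum import Flag, auto

class Right(Flag):
    NONE = 0
    ACCESS = auto()
    MODIFY = auto()
    CREATE = auto()
    REMOVE = auto()

ALL = Right.ACCESS | Right.MODIFY | Right.CREATE | Right.REMOVE

# Constructed SIDs for two users and two groups (illustrative values only).
ALICE = "S-1-5-21-1111-2222-3333-1001"
BOB = "S-1-5-21-1111-2222-3333-1002"
AUDITORS = "S-1-5-21-1111-2222-3333-2001"
ENGINEERS = "S-1-5-21-1111-2222-3333-2002"

@dataclass
class PermissionRecord:
    """The record a SID identifies: rights allowed and restricted per resource."""
    allowed: dict = field(default_factory=dict)
    restricted: dict = field(default_factory=dict)

# Hypothetical permission store keyed by SID, mixing individual and group records.
RECORDS = {
    ALICE: PermissionRecord(allowed={"payroll.db": Right.ACCESS}),
    ENGINEERS: PermissionRecord(allowed={"build/": ALL}),
    AUDITORS: PermissionRecord(
        allowed={"payroll.db": Right.ACCESS, "build/": Right.ACCESS},
        restricted={"build/": Right.MODIFY | Right.REMOVE},
    ),
}
# Hypothetical group memberships: user SID -> group SIDs.
MEMBERSHIP = {ALICE: [ENGINEERS], BOB: [AUDITORS, ENGINEERS]}

def effective_rights(user_sid: str, resource: str) -> Right:
    """Combine the user's own record with each group record.

    Assumption: any restriction overrides any allowance, and a SID with
    no record receives no rights (default deny).
    """
    allowed, restricted = Right.NONE, Right.NONE
    for sid in (user_sid, *MEMBERSHIP.get(user_sid, [])):
        record = RECORDS.get(sid)
        if record is None:
            continue
        allowed |= record.allowed.get(resource, Right.NONE)
        restricted |= record.restricted.get(resource, Right.NONE)
    return allowed & ~restricted

def is_permitted(user_sid: str, resource: str, right: Right) -> bool:
    return right in effective_rights(user_sid, resource)
```

Under these assumptions, Bob inherits full rights on `build/` from one group but loses modify and remove through the restriction on the other, which is the kind of interaction an administrator has to check when assigning rights on a group basis.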