CSE 543 Lecture Notes - Lecture 3: Risk Management, Decapod Anatomy, Mandatory Access Control

289 views3 pages

Document Summary

Information assurance security lecture 3 notes: security requires auditability and accountability. auditability is the ability to verify an activity. accountability is to hold individual, answerable, responsible or liable for activities. security control must produce reliable and undisputable evidence. Independence between the person charged with security control and the persons subject to such security control. Restricting access to objects based on identity of subjects. Restrict access to objects based on sensitivity and formal authorization of subjects to access informations of such sensitivity. role based access control ( rbac ) Each role defines a specific set of operations that the individual in that role can perform. Individual needs to be authenticated choose a role that has been assigned. Individual should possess clearance, formal access and need to know before being authorized access to info. Individuals have only piece of information based on need to know. Assign labels to information in order to identify the level of protection.

Get access

Grade+20% off
$8 USD/m$10 USD/m
Billed $96 USD annually
Grade+
Homework Help
Study Guides
Textbook Solutions
Class Notes
Textbook Notes
Booster Class
40 Verified Answers
Class+
$8 USD/m
Billed $96 USD annually
Class+
Homework Help
Study Guides
Textbook Solutions
Class Notes
Textbook Notes
Booster Class
30 Verified Answers

Related Documents