Access control assumes an imperative role specifically in the domain of information security. Accordingly, it involves the discriminatory prohibition of contact or entrance to a resource or place. Based on the limitations set, the activity of accessing may actually relate to utilizing, consuming, or entering. In this respect, authorization is required in order to enable access to a particular resource. Due to the variable nature of information security, different forms of access control exist. The first of these mechanisms comprises Discretionary Access Control (DAC) (Thion & Coulondre, 2006). The DAC mainly constitutes a policy decided upon by the proprietor of a device or object. The proprietor usually determines the person authorized or permitted to gain access to the respective object (Thion & Coulondre, 2006). In addition to this, the owner determines the rights that the individual or party possess concerning access to the object. The second mechanism involves the Mandatory Access Control (MAC) (Thion & Coulondre, 2006). The MAC enables access to an object or resource as long as there are regulations that clearly give the user or party the right to gain permission to the resource. DAC can be ideal in situations involving the ownership of digital resources. Since the owner determines permission and restriction, this form of access control provides him or her with the capability to decide on this. Hence, in a situation involving the ownership of data and files, the owner can use the DAC to restrict unauthorized parties from accessing such resources. Despite its ease of implementation, the DAC may be unsuitable in scenarios whereby malicious programs such as Trojan horses are evident (Thion & Coulondre, 2006). Consequently, MAC is ideal in situations involving the protection of considerably sensitive information such as military and government data (Thion & Coulondre, 2006). However, this variant of access control may prove deleterious in a scenario whereby the implementer lacks the capability to cushion the management overheads that arise from the cost of planning, applying, and updating the system consistently.
Thion, R., & Coulondre, S. (2006). Integration of access control in information systems: From role engineering to implementation. Informatica, 30(1), 87-95.
Top-quality papers guaranteed
100% original papers
We sell only unique pieces of writing completed according to your demands.
We use security encryption to keep your personal data protected.
We can give your money back if something goes wrong with your order.
Enjoy the free features we offer to everyone
Get a free title page formatted according to the specifics of your particular style.
Request us to use APA, MLA, Harvard, Chicago, or any other style for your essay.
Don’t pay extra for a list of references that perfectly fits your academic needs.
24/7 support assistance
Ask us a question anytime you need to—we don’t charge extra for supporting you!
Calculate how much your essay costs
What we are popular for
- English 101
- Business Studies