The concept of privilege refers to levels of access authority over resources and actions within your network. The level at which privileges may be managed is often referred to as the granularity of access control. Several levels of granular access control are possible:
Single Sign-On

For a long time, it was thought that for each server on the network to remain secure, users should maintain a different user account and password for each server. The premise was that if a user's account was compromised, it would only allow access to one server and therefore would reduce the impact of the compromise. This concept worked well when networks were small and servers were few. But what happens when users have to access 10, 20, or even 100 different servers? Maintaining a separate username and password for each server becomes unmanageable. Users write down their passwords because they can't remember so many different ones, and the whole purpose of multiple user accounts and passwords becomes a security risk. Thus single sign-on (SSO) came into being. Users sign on or log on to a network once and can access any desired network resource, regardless of the operating system managing it. SSO is designed to make the life of both users and administrators easier. Network administrators benefit by having a single set of users to track and grant privileges to. In addition, help desk calls are reduced because account lockouts and password resets won't occur as frequently.
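The following is an added example, not code from the original text, showing the mechanism the paragraph describes: the user authenticates once against a sign-on service, receives a signed, time-limited token, and every resource server (each modelled here as a plain function) accepts that same token after checking its signature locally. The account store, the password, the HMAC signing key shared between the sign-on service and the resource servers, and the resource names are all constructed for the example; a real deployment would use a directory service and a managed key-distribution mechanism instead of a hard-coded key.

```python
import base64
import hashlib
import hmac
import json
from typing import Optional

# Constructed identity store for the example: passwords kept as salted PBKDF2 hashes.
_SALT = b"example-salt"
_PBKDF2_ROUNDS = 100_000
_USERS = {
    "alice": hashlib.pbkdf2_hmac("sha256", b"correct horse", _SALT, _PBKDF2_ROUNDS),
}

# Key shared between the sign-on service and every resource server (assumption of
# this example; in practice it is distributed out of band and rotated).
_SSO_KEY = b"shared-sso-signing-key"


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode()


def sign_on(username: str, password: str, now: float, ttl: int = 3600) -> Optional[str]:
    """The single sign-on step: verify the password once and issue a signed token.

    Returns the token, or None if the credentials are wrong. The token carries the
    username and an expiry time, protected by an HMAC over the payload.
    """
    stored = _USERS.get(username)
    if stored is None:
        return None
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), _SALT, _PBKDF2_ROUNDS)
    if not hmac.compare_digest(stored, candidate):
        return None
    payload = json.dumps({"sub": username, "exp": int(now) + ttl},
                         separators=(",", ":")).encode()
    tag = hmac.new(_SSO_KEY, payload, "sha256").digest()
    return _b64(payload) + "." + _b64(tag)


def verify_token(token: str, now: float) -> Optional[str]:
    """What every resource server does instead of asking for a password again.

    Returns the username if the signature is valid and the token has not expired,
    otherwise None. No contact with the sign-on service is needed.
    """
    try:
        p64, t64 = token.split(".")
        payload = base64.urlsafe_b64decode(p64)
        tag = base64.urlsafe_b64decode(t64)
    except ValueError:  # malformed token (binascii.Error is a ValueError)
        return None
    expected = hmac.new(_SSO_KEY, payload, "sha256").digest()
    if not hmac.compare_digest(expected, tag):
        return None
    claims = json.loads(payload)  # only parsed after the signature checks out
    if claims["exp"] <= now:
        return None
    return claims["sub"]


def access_resource(server_name: str, token: str, now: float) -> str:
    """A resource server on any operating system: accept or reject the SSO token."""
    user = verify_token(token, now)
    if user is None:
        return f"{server_name}: access denied"
    return f"{server_name}: access granted to {user}"


if __name__ == "__main__":
    t0 = 1_700_000_000.0
    token = sign_on("alice", "correct horse", t0)
    # One sign-on, then the same token is accepted by several servers.
    print(access_resource("fileserver", token, t0 + 5))
    print(access_resource("mailserver", token, t0 + 5))
    # After the TTL the token is refused everywhere.
    print(access_resource("fileserver", token, t0 + 3600))
```

The example also makes the trade-off the paragraph alludes to visible: a stolen token is honoured by every server until it expires, which is why the TTL and the secrecy of the signing key carry the weight that per-server passwords used to.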
Centralized Versus Decentralized

Security management is based on one of two models: centralized or decentralized. Both the group-based and role-based methods of access control require a centralized database of accounts and the roles or groups to which they are assigned. This database may be maintained on a single, central server that must then be contacted by servers providing resources when an account's proper ACL must be verified for access to a resource. Centralized privilege management is more secure because all privilege assignments and changes to existing accounts are made through one department or group. The drawback of the centralized model of privilege management is its ability to scale. As the company and network grow, it becomes more and more difficult to keep up with the tasks of assigning and managing network resource access and privileges. Decentralized security management is less secure but more scalable. Responsibilities are delegated, and employees at different locations are made responsible for managing privileges within their administrative areas. Decentralized management is less secure because more people are involved in the process, and a greater possibility for errors exists. Most companies use a hybrid network-management approach. Management may decide to centralize the creation of user accounts while decentralizing resource access and privilege assignment to the owners of the servers and data.

Managing Access Control

Access control may be managed in several ways, depending on whether access rights must be strictly enforced for all accounts or may reflect changes in the network environment. Some of the more common access control configurations include the following:
Monitoring Access Use

After you have established the proper access control scheme, it is important to monitor changes in access rights. Auditing user privileges is generally a two-step process that involves turning auditing on within the operating system and then specifying the resources to be audited. After enabling auditing, you also need to monitor the logs that are generated. Auditing should include both privilege and usage. Auditing of access use and rights changes should be implemented to prevent unauthorized or unintentional access or escalation of privileges, which might allow a guest or restricted user account access to sensitive or protected resources. Figure 11.1 provides an example of an auditing policy configured to log privilege use and account management.

Figure 11.1. An example of a Windows audit policy configured for the monitoring of privilege use and account management.
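The example below is added here and is not code from the original text. It ties together the hybrid model of the "Centralized Versus Decentralized" section and the auditing described above: a single central privilege directory through which every account creation and ACL change must pass, with account creation reserved to a central group and privilege assignment delegated to the owner of each resource. Every attempted change, successful or not, produces an audit record (the counterpart of the Windows policy in Figure 11.1 logging account management and privilege use), and a review function then scans the log for grants that give a restricted account rights on a sensitive resource. The administrator names, resource names, and which accounts and resources count as restricted or sensitive are all constructed for the example.

```python
from dataclasses import dataclass
from typing import Dict, List, Set

# Constructed policy data for the example (not from the page).
CENTRAL_ACCOUNT_ADMINS = {"central_it"}          # only this group may create accounts
RESOURCE_OWNERS = {                              # delegated owners who assign privileges
    "payroll_db": "finance_admin",
    "wiki": "docs_admin",
}
SENSITIVE_RESOURCES = {"payroll_db"}             # resources a restricted account must never reach
RESTRICTED_ACCOUNTS = {"guest"}                  # accounts that must stay low-privilege


@dataclass(frozen=True)
class AuditRecord:
    seq: int
    actor: str        # administrator who attempted the change
    action: str       # "create_account", "grant" or "revoke"
    account: str
    resource: str     # empty for account-management events
    right: str        # empty for account-management events
    success: bool     # both successes and failures are logged


class PrivilegeDirectory:
    """Central database of accounts and ACLs. Every change goes through a method
    here, so there is exactly one place to enforce policy and one audit trail."""

    def __init__(self) -> None:
        self.accounts: Set[str] = set()
        # resource -> account -> set of rights
        self.acl: Dict[str, Dict[str, Set[str]]] = {}
        self.audit_log: List[AuditRecord] = []

    def _audit(self, actor, action, account, resource, right, success) -> bool:
        self.audit_log.append(AuditRecord(len(self.audit_log) + 1, actor, action,
                                          account, resource, right, success))
        return success

    def create_account(self, actor: str, account: str) -> bool:
        """Centralized part of the hybrid model: only the central group creates accounts."""
        ok = actor in CENTRAL_ACCOUNT_ADMINS and account not in self.accounts
        if ok:
            self.accounts.add(account)
        return self._audit(actor, "create_account", account, "", "", ok)

    def grant(self, actor: str, account: str, resource: str, right: str) -> bool:
        """Decentralized part: only the resource's owner may assign rights on it."""
        ok = RESOURCE_OWNERS.get(resource) == actor and account in self.accounts
        if ok:
            self.acl.setdefault(resource, {}).setdefault(account, set()).add(right)
        return self._audit(actor, "grant", account, resource, right, ok)

    def revoke(self, actor: str, account: str, resource: str, right: str) -> bool:
        current = self.acl.get(resource, {}).get(account, set())
        ok = RESOURCE_OWNERS.get(resource) == actor and right in current
        if ok:
            current.discard(right)
        return self._audit(actor, "revoke", account, resource, right, ok)

    def check_access(self, account: str, resource: str, right: str) -> bool:
        """What a resource server asks the central directory before serving a request."""
        return right in self.acl.get(resource, {}).get(account, set())


def find_escalations(log: List[AuditRecord]) -> List[AuditRecord]:
    """Log review: successful grants that put a restricted account on a sensitive resource.
    The grant itself was made by a legitimate owner, so only auditing catches it."""
    return [r for r in log
            if r.action == "grant" and r.success
            and r.account in RESTRICTED_ACCOUNTS and r.resource in SENSITIVE_RESOURCES]


def find_failed_changes(log: List[AuditRecord]) -> List[AuditRecord]:
    """Log review: attempts that policy refused, e.g. a non-owner assigning rights."""
    return [r for r in log if not r.success]


if __name__ == "__main__":
    d = PrivilegeDirectory()
    d.create_account("central_it", "alice")
    d.create_account("finance_admin", "bob")                 # refused: not central IT
    d.create_account("central_it", "guest")
    d.grant("finance_admin", "alice", "payroll_db", "read")
    d.grant("docs_admin", "alice", "payroll_db", "read")     # refused: not the owner
    d.grant("finance_admin", "guest", "payroll_db", "read")  # allowed, but an escalation
    for rec in find_escalations(d.audit_log):
        print("ESCALATION:", rec)
    for rec in find_failed_changes(d.audit_log):
        print("REFUSED:   ", rec)
```

The two review functions correspond to the two things the text says auditing must cover: rights changes that policy rejected, and rights changes that were permitted but still hand a guest or restricted account access it should not have.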