Access control is a key component of security. When properly designed, it lets in legitimate users and keeps unauthorized individuals out. Access control has moved far beyond simple usernames and passwords. Modern access-control systems can use physical attributes or biometrics for authentication. Many airports now use biometrics for authentication. Security administrators have more to worry about than just authentication. Many employees now have multiple accounts to keep up with. Luckily, there is a way to consolidate these accounts: single sign-on.
This chapter discusses access-control techniques and the ways to implement control within centralized and decentralized environments. It also discusses some of the threats to access control. Attackers can launch password-cracking attacks to try to gain unauthorized access. If they still cannot get into a system, they might attempt to launch denial-of-service (DoS) attacks to disrupt availability to legitimate users. That is why access control is also about detective and corrective measures. It's important to have systems to detect misuse or attacks. One such system is an intrusion-detection system (IDS). IDSs are also discussed in this chapter.