Shulou(Shulou.com)06/02 Report--

This article mainly introduces that the access control in the computer network is divided into several levels, which has a certain reference value. Interested friends can refer to it. I hope you will gain a lot after reading this article. Let the editor take you to know it.

Access control is divided into physical access control and logical access control; physical access control, such as meeting the requirements of users, devices, doors, locks and security environment specified in the standard, while logical access control is implemented at the levels of data, application, system, network and permissions.

Operating environment of this article: windows7 system, DELL G3 computer

What is the score of access control?

Access control can be divided into two levels: physical access control and logical access control. Physical access control meets the requirements of users, devices, doors, locks and security environment, while logical access control is implemented at the levels of data, application, system, network and permissions.

Access control technology, which prevents unauthorized access to any resources, so that the computer system can be used within a legal scope. Refers to the user identity and the definition group to which it belongs to restrict the user's access to certain information items, or to restrict the use of certain control functions, such as UniNAC network admission control system is based on this technology.

Access control is usually used by system administrators to control user access to network resources such as servers, directories, files, and so on.

The concept and elements of access Control

Access control (Access Control) refers to the means by which the system restricts the user's ability to use data resources according to the identity of the user and the predefined policy group to which he belongs. It is commonly used by system administrators to control user access to network resources such as servers, directories, files, and so on. Access control is an important basis for system confidentiality, integrity, availability and legal usability, and one of the key strategies for network security and resource protection. it is also the different authorized access of the subject to the object itself or its resources according to certain control policies or permissions.

The main purpose of access control is to restrict the access of the subject to the object, so as to ensure the effective use and management of data resources within the legal scope. In order to achieve the above purpose, access control needs to complete two tasks: to identify and confirm the user who accesses the system, and to determine what type of access the user can have to a certain system resource.

Access control includes three elements: subject, object and control policy.

(1) main body S (Subject). It refers to making a specific request for access to resources. Is the initiator of an action, but not necessarily the executor of the action, may be a user, can also be a user-initiated processes, services and devices, and so on.

(2) object O (Object). Refers to the entity that accesses the resource. All the information, resources and objects that can be manipulated can be objects. The object can be a collection of information, documents, records, etc., it can also be the hardware facilities on the network, the terminal in infinite communication, and even include another object.

(3) Control strategy A (Attribution). It is a collection of relevant access rules from the subject to the object, that is, the set of attributes. The access policy embodies a kind of authorization behavior, and it is also the default of the object to some operations of the subject.

The function and principle of access Control

The main functions of access control include: ensuring legitimate users to access authorized network resources, preventing illegal subjects from entering protected network resources, or preventing legitimate users from unauthorized access to protected network resources. First of all, access control needs to verify the legitimacy of the user's identity, and at the same time use control policies for selection and management. When the user identity and access rights are verified, the ultra vires operation also needs to be monitored. Therefore, the content of access control includes authentication, control policy implementation and security audit.

(1) Authentication. It includes the identification of the subject to the object and the inspection and confirmation of the object to the subject.

(2) Control strategy. By reasonably setting the set of control rules, users can ensure the legitimate use of information resources within the authorized scope. Not only to ensure the reasonable use of authorized users, but also to prevent illegal users from infringing into the system, so that important information resources are leaked. At the same time, legitimate users can not exceed their authority to exercise functions and access scope.

(3) Security audit. The system can automatically check and verify the relevant activities or behaviors under the computer network environment systematically and independently according to the access rights of users, and make corresponding evaluation and audit.

Thank you for reading this article carefully. I hope the article "access Control in computer Network is divided into several levels" shared by the editor will be helpful to everyone. At the same time, I also hope that you will support and pay attention to the industry information channel. More related knowledge is waiting for you to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.