Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint
Share this Page URL
Help

Chapter 6: Educating and Protecting the User > Information Access Controls

Information Access Controls

Access control defines the methods used to ensure that users of your network can access only what they’re authorized to access. The process of access control should be spelled out in the organization’s security policies and standards. Several models exist to accomplish this. Regardless of the model you use, a few concepts carry over:

Implicit Denies These are where you specifically lock certain users out. In Unix and Linux, for example, you can choose who can use the at service by configuring either an at.allow or an at.deny file. If you configure the at.allow file, then only those users specifically named can use the service and all others cannot. Conversely, if you configure the at.deny file, then only the users named in that file cannot use the service (you are implicitly denying them) and all others can.


  

You are currently reading a PREVIEW of this book.

                                                                                                                    

Get instant access to over $1 million worth of books and videos.

  

Start a Free Trial


  
  • Safari Books Online
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint