Access Control is an IT Security feature which controls how an user access a resource or a system. This is also applicable with physical Access Control, whereby control is performed by Security Officer and/or access devices such badges, biometrics, etc. To greatly simplify a long list of definitions and scenarios, once the authentication establishes, or recognizes your identity, access control comes in force allowing access to the resources whose your identity is associated. The bank cash point provides a good example of authentication via the keypad and your debit card (two factors authentication) and allow access to your money only.

In term of specific computer security, we provide assistance in these main categories of Access Control:

Mandatory Access Control (MAC)

Discretionary Access Control (DAC)

Role Base Access Control  (RBAC)

Identity Based Access Control

Rules Access Control (Via Attributes Access Control).

 

MAC (Mandatory Access Control) is the use of labels to determine the level of access required to use a resource and the potential permission level granted to each user.The example below shows a group of users whose the organizational policies assign a classification label of "Secret". A user has a classification label of "Top Secret". The MAC compares the two labels. Access to the file or data is granted only if the user's classification is the same or higher.

Deal characteristic

The deal is based upon server or resource hardening, it then can be deployed on servers with same applications and O.S. Typical efforts estimation is between three and six months, according the number of applications, data classification and tuning.

Clients with annual revenue is higher than $10 million. Typical deal cost is between $50,000 and $300,000;

Client benefits

When properly implemented, it enables a system to adequately defend itself and offers critical support for application security by protecting against the tampering with, and bypassing of, secured applications.