Assignment on evaluating access control methods
Course: Computer Network Security
Length: 1337 Words
Reference No.: EM13770000

Imagine you are an Information Systems Security Specialist for a medium-sized federal government contractor. The Chief Security Officer (CSO) is worried that the organization's current methods of access control are no longer sufficient. In order to evaluate the different methods of access control, the CSO requested that you research: mandatory access control (MAC), discretionary access control (DAC), and role-based access control (RBAC). Then, prepare a report addressing positive and negative aspects of each access control method. This information will be presented to the Board of Directors at their next meeting. Further, the CSO would like your help in determining the best access control method for the organization.

Write a three to five (3-5) page paper in which you:

Explain in your own words the elements of the following methods of access control:

Mandatory access control (MAC)

Discretionary access control (DAC)

Role-based access control (RBAC)

Compare and contrast the positive and negative aspects of employing MAC, DAC, and RBAC.

Suggest methods to mitigate the negative aspects of MAC, DAC, and RBAC.

Evaluate the use of MAC, DAC, and RBAC methods in the organization and recommend the best method for the organization. Provide a rationale for your response.

Speculate on the foreseen challenge(s) when the organization applies the method you chose. Suggest a strategy to address such challenge(s).

Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar websites do not qualify as quality resources.
