We use cookies to give you the best experience possible. By continuing we’ll assume you’re on board with our cookie policy

Unit 3 Information Systems Assignment 1 Paper

Words: 694, Paragraphs: 10, Pages: 3

Paper type: Assignment, Subject: Internal Control System

Richman Investments has decided to spread out their concern. We have been given their new growing projections of 10. 000 employees in 20 states. with 5. 000 located within the U. S. Richman has besides established eight subdivision offices located throughout the U. S. and has designated Phoenix. AZ being the chief central office. With this scenario. I intend to plan a distant entree control policy for all systems. applications and informations entree within Richman Investments.

With so many different manners of Access Control to take from it is my appraisal that by taking merely one theoretical account would non be appropriate for Richman Investments. My recommendation would be a combination of multiple Access Control Models that overlap to supply maximal coverage and overall security. Here are my suggestions for entree controls.

Role Based Access Control or RBAC. this will work good with the Non-Discretionary Access Control theoretical account. which will be detailed in the following paragraph. RBAC is defined as puting permissions or allowing entree to a group of people with the same occupation functions or duties. With many different locations along with many different users it is of import to place the different users and different workstations within this web.

Remote Access Definition

Don't use plagiarized sources. Get Your Custom Essay on Unit 3 Information Systems Assignment 1
Just from $13,9/Page

Get Essay

Every attempt should be dedicated towards forestalling user to entree information they should non hold entree to. Non-Discretionary Access Control is defined as controls that are monitored by a security decision maker. While RBAC identifies those with permissions. it is a security decision maker that should farther place the degree of entree to each Role that is created. The security decision maker should besides denominate certain users or workstations entree to the information available within the web.

Rule Based Access Control can besides be linked to the first two theoretical accounts detailed in the paper ( RBAC and Non-Discretionary ) . and is similar to RBAC. Rule Based Access Control is a set of regulations to find which users have entree to what information. Within each Role Based Access Control security can be farther refined by using Rules. These regulations will be defined by the security decision maker as portion of the Non-Discretionary Access Control theoretical account.

Constrained User Interface incorporates similar constructs of two other entree control theoretical accounts that have been detailed. Role Base and Rule Base. Constrained User Interface is defined as a user’s ability to acquire into certain resources based on the user’s rights and privileges. These rights and privileges are restricted and constrained on the plus they are trying to entree. While this requires many degrees of protection it provides restrictions on the petition entree to the resources available within the organisation.

Another illustration of a entree control theoretical account that can be applied in this state of affairs is known as the Clark and Wilson Integrity Model. This theoretical account provides betterments from the Biba Integrity Model of entree control. Developed by David Clark and David Wilson. the manner concentrates on what happens when a user attempts to make things they are non permitted to make. which was one defect of the Biba Integrity Model. The other defect that was addressed was the theoretical account besides reviews internal unity menaces.

There are 3 cardinal elements of the Clark and Wilson unity theoretical account ; the first it stops unauthorised users from doing alterations within the system. The 2nd. it stops authorised users from doing improper alterations. and the 3rd. it maintains consistence both internally and externally. Within the Clark and Wilson model a user’s entree is controlled by permissions. specifically to put to death plans with authorised users holding entree to plans that allow alterations.

While some of these theoretical accounts are similar they work best when working with each other. By supplying multiple theoretical accounts of entree controls within the web it will supply a more robust coverage of entree control. It would non be good to use merely one entree control theoretical account as there can be flaws and exposures for a individual entree control manner. Mentions:

Kim. D. . & A ; Solomon. M. G. ( 2012 ) . Fundamentalss of Information Systems SecuritY. Sudbury: Jones & A ; Bartlett Learning.

How to cite this page

Choose cite format:

Unit 3 Information Systems Assignment 1. (2019, Dec 05). Retrieved from http://paperap.com/paper-on-unit-3-assignment-1-remote-access-control-policy-definition-essay/

Is Your Deadline Too Short?
Let Professionals Help You

Get Help

Our customer support team is available Monday-Friday 9am-5pm EST. If you contact us after hours, we'll get back to you in 24 hours or less.

By clicking "Send Message", you agree to our terms of service and privacy policy. We'll occasionally send you account related and promo emails.
No results found for “ image
Try Our service

Hi, I am Colleen from Paperap.

Hi there, would you like to get such a paper? How about receiving a customized one? Click to learn more https://goo.gl/CYf83b