UoPX Advanced Cybersecurity Certification
Access Control Models
Permissions
o Refers to the access granted for an object and determines what you can do with it
Rights
o Refers to the ability to take an action on an object (for example, can I modify said object?)
Privileges
o Combination of rights and permissions
Understanding Authorization Mechanisms - different types of authorization mechanisms or methods to control who can access specific objects
o Implicit Deny
    Basic principle of access control that ensures that access to an object is denied unless access has been explicitly granted to a subject
o Access Control Matrix
    A table that includes subjects, objects, and assigned privileges
o Capability Tables
    Like an ACL, but another way to identify privileges assigned to subjects
        User groups, roles, users
o Constrained Interface
    Restricted interfaces of applications that limit what users can do or see based on privileges
o Content-Dependent Control
    Restricts access to data based on the content within an object - like porn sites and a parent’s ability to block access based on content
o Context-Dependent Control
    Requires specific activity before granting access
        Like a shopping cart on Amazon - contains your address, contact info, credit card, etc.
o Need to Know