May
09
CISSP Concepts
Domain Reference: Access Control
Biometrics Report:
– Type I Errors: Authorized individuals were incorrectly rejected.
– Type II Errors: Unauthorized individuals were incorrectly granted access.
SESAME: Secure European System for Applications in a Multi-vendor Environment
– Technology built upon the Kerberos foundation.
– SESAME provides different capabilities and uses public key cryptography.
– SESAME differs from Kerberos in that it uses PACs (Privileged Attribute Certificates) for authentication instead of the Kerberos ticket exchange methodology.
Access Control Models
- Discretionary Access Control (DAC)
- Mandatory Access Control (MAC)
- Role-Based Access Control (RBAC)
Information Technology Security Evaluation Criteria (ITSEC): http://en.wikipedia.org/wiki/ITSEC
Common Criteria for Information Technology Security Evaluation (CC): http://en.wikipedia.org/wiki/Common_Criteria