Access Control Models
Access control plays an essential role in the security of many businesses by allowing personnel to restrict or grant access to specified locations or resources. Currently, there are four primary types of access control models: mandatory access control (MAC), role-based access control (RBAC), discretionary access control (DAC), and rule-based access control. Each model outlines different levels of permissions and how they are assigned. To learn more about the four main types of access control for businesses and determine which ones best suit your company’s needs, continue reading.
Background
Considered one of the most crucial assets in a company, access control systems hold significant value. The term ‘access control’ refers to “the control of access to system resources after a user’s account credentials and identity has been authenticated, and access to the system has been granted.” Access control is used to identify a subject (user/human) and authorize the subject to access an object (data/resource) based on the required task. These controls are used to protect resources from unauthorized access. Three main types of access control systems are Discretionary Access Control (DAC), Role-Based Access Control (RBAC), and Mandatory Access Control (MAC).
Discretionary Access Control (DAC)
Discretionary access control is the least restrictive type of access control. Under this system, individuals are granted complete control over any objects they own and any programs associated with those objects. The individuals can then determine who has access to their objects by setting security levels for other users.
DAC is a type of access control system that assigns access rights based on rules specified by users. The principle behind DAC is that subjects can determine who has access to their objects. The DAC model uses access control lists (ACLs) and capability tables. Capability tables contain rows with ‘subject’ and columns containing ‘object.’ The security kernel within the operating system checks the tables to determine if access is allowed. Sometimes a subject/program may only have access to read a file; the security kernel makes sure no unauthorized changes occur.
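The owner-decides principle and the capability-table lookup described above, as an added example that is not part of the original article. The class, method names and sample subjects are hypothetical, and the rights are reduced to read and write.

```python
class DacKernel:
    """Toy reference monitor for discretionary access control."""

    def __init__(self):
        self.owner = {}  # object -> owning subject
        self.table = {}  # capability table: subject (row) -> {object (column): rights}

    def create(self, subject, obj):
        # The creator becomes the owner and gets full control of the object.
        self.owner[obj] = subject
        self.table.setdefault(subject, {})[obj] = {"read", "write"}

    def grant(self, grantor, grantee, obj, rights):
        # Discretionary step: only the owner decides who else gets access.
        if self.owner.get(obj) != grantor:
            raise PermissionError(f"{grantor} does not own {obj}")
        self.table.setdefault(grantee, {}).setdefault(obj, set()).update(rights)

    def check(self, subject, obj, right):
        # Kernel lookup: row = subject, column = object; no entry means deny.
        return right in self.table.get(subject, {}).get(obj, set())

    def acl(self, obj):
        # The ACL is the same data read by column: who holds what on this object.
        return {s: sorted(row[obj]) for s, row in self.table.items() if obj in row}


def demo():
    """Constructed scenario: alice owns a file and shares it read-only with bob."""
    k = DacKernel()
    k.create("alice", "report.txt")
    k.grant("alice", "bob", "report.txt", {"read"})
    try:
        k.grant("bob", "carol", "report.txt", {"read"})  # bob is not the owner
        bob_could_regrant = True
    except PermissionError:
        bob_could_regrant = False
    return k, bob_could_regrant
```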
Implementation
This popular model is utilized by some of the most popular operating systems, like Microsoft Windows file systems.
Role-Based Access Control (RBAC)
RBAC, also known as non-discretionary access control, is used when system administrators assign rights based on organizational roles. It presents an opportunity for the organization to address the principle of ‘least privilege.’ That gives individuals only the access needed to do their job, since access is tied to their job.
In these systems, predefined roles are associated with specific permissions. Because of its simplicity, this type of access control system is one of the most popular forms used in businesses. However, RBAC does have some drawbacks. For example, RBAC can’t grant one-time permissions when an exception to the standardized permissions is necessary.
Implementation
Windows and Linux environments use something similar by creating ‘Groups.’ Each group has individual file permissions. Each user is assigned to groups based on their work role. RBAC sets access based on roles. That is different from groups since users can belong to multiple groups but only be assigned one role. Example roles include accountant and developer, among others. An accountant would only gain access to resources that an accountant would need on the system. That requires the organization to constantly review the role definitions and have a process to modify roles to segregate duties. If not, role creep can occur. Role creep is when an individual transfers to another job/group, and the access from their previous job stays with them.
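One way to run the role review described above, as an added example that is not part of the original article. The role names, permission strings, users and the two data sources (an HR record of each person's current job and the roles actually assigned in the directory) are constructed for illustration.

```python
# Constructed role definitions: role -> permissions it carries.
ROLE_PERMISSIONS = {
    "accountant": {"ledger:read", "ledger:write", "invoices:read"},
    "developer": {"repo:read", "repo:write", "ci:run"},
}

# Constructed HR record: the single role each person's current job calls for.
HR_CURRENT_ROLE = {"dana": "developer", "eli": "accountant"}

# Constructed directory state: dana moved from accounting to development
# and the old role was never removed.
ASSIGNED_ROLES = {"dana": {"accountant", "developer"}, "eli": {"accountant"}}


def effective_permissions(user):
    """Union of the permissions of every role the user currently holds."""
    perms = set()
    for role in ASSIGNED_ROLES.get(user, set()):
        perms |= ROLE_PERMISSIONS[role]
    return perms


def role_creep_report():
    """Return {user: findings} for users holding more than their job's role."""
    report = {}
    for user, roles in ASSIGNED_ROLES.items():
        current = HR_CURRENT_ROLE.get(user)
        stale = roles - {current}
        if not stale:
            continue
        # Permissions the user keeps only because of the leftover roles.
        allowed = ROLE_PERMISSIONS.get(current, set())
        excess = effective_permissions(user) - allowed
        report[user] = {
            "stale_roles": sorted(stale),
            "excess_permissions": sorted(excess),
        }
    return report
```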
Mandatory Access Control (MAC)
Mandatory access control is widely considered the most restrictive access control model in existence. This type of access control allows only the system’s owner to control and manage access based on the settings laid out by the system’s programmed parameters. Such parameters can’t be altered or bypassed. The end-user doesn’t have control over any of the permissions or privileges. They can only access points that the system owners allow them to access. Because of its high level of restriction, MAC is usually used for facilities or organizations that require maximum security, such as government facilities.
Considered the strictest of all levels of access control systems, MAC is commonly designed and implemented by the government. It uses a hierarchical approach to control access to files/resources. Under a MAC environment, access to resource objects is controlled by the settings defined by a system administrator. That means access to resource objects is governed by the operating system based on what the system administrator configured in the settings. Users can’t change the access control of a resource. MAC assigns “security labels” to resource objects on a system. There are two pieces of information connected to these security labels: classification (high, medium, low) and category (specific department or project – provides “need to know”). Each user account is also assigned classification and category properties. This system provides users access to an object if both properties match. Suppose a user has high classification but is not part of the category of the object. In that case, the user cannot access the object. MAC is the most secure access control system but requires considerable planning and high system management because object and account labels must be constantly updated.
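The label check described above, as an added example that is not part of the original article. It assumes the classification is compared hierarchically (the user's level must be at or above the object's) and that the user must hold every category on the object; the class, names and sample labels are hypothetical.

```python
from dataclasses import dataclass

LEVELS = {"low": 0, "medium": 1, "high": 2}


@dataclass(frozen=True)
class Label:
    classification: str
    categories: frozenset


class MacSystem:
    def __init__(self, admin):
        self.admin = admin
        self.subjects = {}  # user account -> Label
        self.objects = {}   # resource -> Label

    def set_label(self, actor, kind, name, classification, categories):
        # Labels are mandatory: only the administrator can assign or change them.
        if actor != self.admin:
            raise PermissionError("only the administrator may assign labels")
        if classification not in LEVELS:
            raise ValueError(f"unknown classification: {classification}")
        store = self.subjects if kind == "subject" else self.objects
        store[name] = Label(classification, frozenset(categories))

    def can_access(self, subject, obj):
        s, o = self.subjects.get(subject), self.objects.get(obj)
        if s is None or o is None:
            return False  # anything without a label is denied
        cleared = LEVELS[s.classification] >= LEVELS[o.classification]
        need_to_know = o.categories <= s.categories
        return cleared and need_to_know


def build_demo():
    """Constructed labels for two users and two files."""
    mac = MacSystem(admin="secadmin")
    mac.set_label("secadmin", "subject", "alice", "high", {"finance"})
    mac.set_label("secadmin", "subject", "bob", "medium", {"finance", "project-x"})
    mac.set_label("secadmin", "object", "budget.xlsx", "medium", {"finance"})
    mac.set_label("secadmin", "object", "design.doc", "high", {"project-x"})
    return mac
```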
Implementation
Other than the government’s implementation of MAC, Windows Vista through 8 used a variant of MAC called Mandatory Integrity Control (MIC). This MAC system added integrity levels (IL) to processes/files running in the login session. The IL represented the level of trust the object would have. Subjects were assigned an IL, which was stored in their access token. The ILs in MIC were: low, medium, high, and system. In that system, access to an object was prohibited unless the user had the same level of trust. Windows prevented the user from writing or deleting files with a higher IL. This system took advantage of the Windows DAC system ACLs. It first compared ILs, then checked the ACLs to ensure the correct permissions were in place. In this way it combined the ACLs with integrity levels to create a MAC environment.
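The two-stage order described above (integrity level first, ACL second), as an added example that is not part of the original article. It is a simplified model, not the Windows API; the token fields, file names and ACL entries are constructed.

```python
IL = {"low": 0, "medium": 1, "high": 2, "system": 3}

# Constructed objects: each carries an integrity level and a DAC-style ACL.
FILES = {
    "notes.txt": {"il": "medium", "acl": {"alice": {"read", "write"}}},
    "driver.sys": {"il": "system", "acl": {"alice": {"read", "write"}}},
    "hr.db": {"il": "medium", "acl": {"bob": {"read", "write"}}},
}


def mic_write_check(token, filename):
    """Return (allowed, stage) for a write or delete request."""
    obj = FILES[filename]
    # Stage 1: a subject may not write to an object with a higher IL,
    # whatever the ACL says.
    if IL[token["il"]] < IL[obj["il"]]:
        return False, "blocked by integrity level"
    # Stage 2: the ordinary discretionary ACL still has to grant the right.
    if "write" not in obj["acl"].get(token["user"], set()):
        return False, "blocked by ACL"
    return True, "granted"


def run_cases():
    """Constructed requests from the same user at different integrity levels."""
    sandboxed = {"user": "alice", "il": "low"}
    normal = {"user": "alice", "il": "medium"}
    elevated = {"user": "alice", "il": "high"}
    return {
        "low -> notes.txt": mic_write_check(sandboxed, "notes.txt"),
        "medium -> notes.txt": mic_write_check(normal, "notes.txt"),
        "medium -> driver.sys": mic_write_check(normal, "driver.sys"),
        "high -> hr.db": mic_write_check(elevated, "hr.db"),
    }
```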
Rule-based access control
The last of the four main types of access control for businesses is rule-based access control. This system assigns or denies user access based on dynamic rules and limitations defined by the owner or system administrator. Such rules may limit access based on several unique situations, such as the individual’s location, the time of day, or the device being used. The ability to customize rules and permissions makes rule-based access control an ideal form of access control for businesses that require a dynamic security solution.
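A small rule evaluator for the location, time-of-day and device conditions mentioned above, as an added example that is not part of the original article. The rule names, attribute names and values are constructed, and the ordering policy (first matching rule wins, default deny) is an assumption.

```python
from datetime import time

# Constructed rule set, evaluated top to bottom.
RULES = [
    {"name": "block-unmanaged", "effect": "deny", "device_managed": {False}},
    {"name": "office-hours", "effect": "allow", "location": {"hq", "branch"},
     "hours": (time(8, 0), time(18, 0))},
    {"name": "vpn-admin-laptop", "effect": "allow", "location": {"vpn"},
     "device_type": {"admin-laptop"}},
]


def matches(rule, request):
    """A rule matches only if every condition it states holds for the request."""
    for attr in ("location", "device_managed", "device_type"):
        if attr in rule and request.get(attr) not in rule[attr]:
            return False
    if "hours" in rule:
        start, end = rule["hours"]
        if not (start <= request["time"] < end):
            return False
    return True


def decide(request, rules=RULES):
    """Return (effect, rule name); anything no rule covers is denied."""
    for rule in rules:
        if matches(rule, request):
            return rule["effect"], rule["name"]
    return "deny", "default"


def sample_request(location, managed, device_type, at):
    """Build a constructed access request for the checks below."""
    return {"location": location, "device_managed": managed,
            "device_type": device_type, "time": at}
```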