When we talk about access control we are referring to an electronic security system. Access control is used to identify an individual and authorize it to enter certain areas. The person entering may be an employee, a contractor, or a visitor. Access control systems mostly come in three variations: discretionary access control, mandatory access control, and role-based access control.
How access control works
Access control readers are installed to provide access to the building based on established credentials. These credentials can be key cards, key fobs, biometrics, among others. The card readers are connected to a network that allows individuals to get in with one of the credentials mentioned before and the system recognizes that they are authorized to be in the building. An appropriate access control software that fits your needs is essential. The software will track and keep who enters and exits the building and will allow supervisors, owners, etc. to keep track of it in case of a break-in.
If you’d like to get installed access control for your business and you’re still not sure of what’s the criteria for choosing the right company to take care of it. You can read our Access Control System Installation Considerations and Planning article.
Discretionary access control
Discretionary Access Control is a type of access control system that holds the business owner responsible for deciding which people are allowed in a specific location, physically or digitally. DAC is the least restrictive compared to the other systems, as it essentially allows individual complete control over any objects they own, as well as the programs associated with those objects. The drawback to Discretionary Access Control is the fact that it gives the end-user complete control to set security level settings for other users and the permissions given to the end-user are inherited into other programs they use which could potentially lead to malware being executed without the end-user being aware of it.
Mandatory access control
Mandatory Access Control is more commonly utilized in organizations that require an elevated emphasis on the confidentiality and classification of data (ie. military institutions). MAC doesn’t permit owners to have a say in the entities having access to a unit or facility, instead, only the owner and custodian have the management of the access controls. MAC will typically classify all end-users and provide them with labels that permit them to gain access through security with established security guidelines.
Role-based access control
Also known as Rule-Based Access Control, RBAC is the most demanded in regard to access control systems. Not only is it in high demand among households, RBAC has also become highly sought-after in the business world. In RBAC systems, access is assigned by the system administrator and is stringently based on the subject’s role within the household or organization and most privileges are based on the limitations defined by their job responsibilities. So, rather than assigning an individual as a security manager, the security manager position already has access control permissions assigned to it.