Data Portal @ linkeddatafragments.org

Matches in DBpedia 2014 for { <http://dbpedia.org/resource/Computer_access_control> ?p ?o. }

• Computer_access_control abstract "In computer security, general access control includes authorization, authentication, access approval, and audit. A more narrow definition of access control would cover only access approval, whereby the system makes a decision to grant or reject an access request from an already authenticated subject, based on what the subject is authorized to access. Authentication and access control are often combined into a single operation, so that access is approved based on successful authentication, or based on an anonymous access token. Authentication methods and tokens include passwords, biometric scans, physical keys, electronic keys and devices, hidden paths, social barriers, and monitoring by humans and automated systems.[citation needed]In any access-control model, the entities that can perform actions on the system are called subjects, and the entities representing resources to which access may need to be controlled are called objects (see also Access Control Matrix). Subjects and objects should both be considered as software entities, rather than as human users: any human users can only have an effect on the system via the software entities that they control.[citation needed]Although some systems equate subjects with user IDs, so that all processes started by a user by default have the same authority, this level of control is not fine-grained enough to satisfy the principle of least privilege, and arguably is responsible for the prevalence of malware in such systems (see computer insecurity).[citation needed]In some models, for example the object-capability model, any software entity can potentially act as both subject and object.[citation needed]As of 2014, access-control models tend to fall into one of two classes: those based on capabilities and those based on access control lists (ACLs). In a capability-based model, holding an unforgettable reference or capability to an object provides access to the object (roughly analogous to how possession of one's house key grants one access to one's house); access is conveyed to another party by transmitting such a capability over a secure channel In an ACL-based model, a subject's access to an object depends on whether its identity appears on a list associated with the object (roughly analogous to how a bouncer at a private party would check an ID to see if a name appears on the guest list); access is conveyed by editing the list. (Different ACL systems have a variety of different conventions regarding who or what is responsible for editing the list and how it is edited.)[citation needed]Both capability-based and ACL-based models have mechanisms to allow access rights to be granted to all members of a group of subjects (often the group is itself modeled as a subject).[citation needed]Access control systems provide the essential services of authorization, identification and authentication (I&A), access approval, and accountability where:[citation needed] authorization specifies what a subject can do identification and authentication ensure that only legitimate subjects can log on to a system access approval grants access during operations, by association of users with the resources that they are allowed to access, based on the authorization policy accountability identifies what a subject (or all subjects associated with a user) did".
• Computer_access_control wikiPageID "41263993".
• Computer_access_control wikiPageRevisionID "600556374".
• Computer_access_control subject Category:Access_control.
• Computer_access_control comment "In computer security, general access control includes authorization, authentication, access approval, and audit. A more narrow definition of access control would cover only access approval, whereby the system makes a decision to grant or reject an access request from an already authenticated subject, based on what the subject is authorized to access.".
• Computer_access_control label "Computer access control".
• Computer_access_control sameAs m.0_fpvnp.
• Computer_access_control sameAs Q17008721.
• Computer_access_control sameAs Q17008721.
• Computer_access_control wasDerivedFrom Computer_access_control?oldid=600556374.
• Computer_access_control isPrimaryTopicOf Computer_access_control.