Proper Security Of Information And Information Systems Essay

1087 Words Dec 9th, 2016 5 Pages
Proper security of information and information systems is a basic management responsibility. Nearly all applications that deal with financial, privacy, safety, or defense include some form of access control mechanism. Access control deals with determining the allowed activities of users or denying users from obtaining the use of information. In some systems, complete access is granted after successful authentication of the user, but most systems require more sophisticated and complex control. In addition to the authentication mechanism like a password, or different security measurer’s access control is concerned with how authorizations are structured and formatted. In some situations, authorization, may be based on the sensitivity level of various documents and the clearance level of the user accessing those documents. This function determines who is trusted to access certain documents.

For information technology, access control includes the authorization, authentication and check of a user trying to gain access. Access control samples must have a subject and an object. The subject is the human user that is the one trying to gain access to the object which is usually the software or network. In computer systems, an access control list contains a list of permissions and the individuals that these permissions apply to. This information can be viewed by only certain users and not by other personnel that are not allowed to view the information. This allows a security…

Related Documents