Richman Investments has decided to expand their business. We have been given their new growth projections of 10,000 employees in 20 countries, with 5,000 located within the U.S. Richman has also established eight branch offices located throughout the U.S. and has designated Phoenix, AZ being the main headquarters. With this scenario, I intend to design a remote access control policy for all systems, applications and data access within Richman Investments.
With so many different modes of Access Control to choose from it is my assessment that by choosing only one model would not be appropriate for Richman Investments. My recommendation would be a combination of multiple Access Control Models that overlap to provide maximum coverage and overall security. Here are my suggestions for access controls.
Role Based Access Control or RBAC, this will work well with the Non-Discretionary Access Control model, which will be detailed in the next paragraph. RBAC is defined as setting permissions or granting access to a group of people with the same job roles or responsibilities . With many different locations along with many different users it is important to identify the different users and different workstations within this network.
Every effort should be dedicated towards preventing user to access information they should not have access to. Non-Discretionary Access Control is defined as controls that are monitored by a security administrator. While RBAC identifies those with permissions, it is a security administrator that should further identify the level of access to each Role that is created. The security administrator should also designate certain users or workstations access to the information available within the network.
Rule Based Access Control can also be linked to the first two models detailed in the paper (RBAC and Non-Discretionary), and is similar to RBAC. Rule Based Access Control is a set of rules to determine which users have access to what data. Within each Role Based Access Control security can be further refined by applying Rules. These rules will be defined by the security administrator as part of the Non-Discretionary Access Control model.
Constrained User Interface incorporates similar concepts of two other access control models that have been detailed, Role Base and Rule Base. Constrained User Interface is defined as a user’s ability to get into certain resources based on the user’s rights and privileges. These rights and privileges are restricted and constrained on the asset they are attempting to access. While this requires many levels of protection it provides limitations on the request access to the resources available within the organization.
Another example of a access control model that can be applied in this situation is known as the Clark and Wilson Integrity Model. This model provides improvements from the Biba Integrity Model of access control. Developed by David Clark and David Wilson, the mode concentrates on what happens when a user tries to do things they are not permitted to do, which was one flaw of the Biba Integrity Model . The other flaw that was addressed was the model also reviews internal integrity threats .
There are 3 key elements of the Clark and Wilson integrity model; the first it stops unauthorized users from making changes within the system. The second, it stops authorized users from making improper changes, and the third, it maintains consistency both internally and externally . Within the Clark and Wilson model a user’s access is controlled by permissions, specifically to execute programs with authorized users having access to programs that allow changes.
While some of these models are similar they work best when working with each other. By providing multiple models of access controls within the network it will provide a more robust coverage of access control. It would not be beneficial to utilize only one access control model as there can be flaws and vulnerabilities for a single access control mode. REFERENCES:
Kim, D., & Solomon, M. G. (2012). Fundamentals of Information Systems SecuritY. Sudbury: Jones & Bartlett Learning.
Why Work With StudyAcer
Quality Researched Papers
We always make sure that writers follow all your instructions precisely. You can choose your academic level: high school, college/university or professional, and we will assign a writer who has a respective degree.
We have hired a team of professional writers experienced in academic and business writing. Most of them are native speakers and PhD holders able to take care of any assignment you need help with.
If you think we missed something, send your order for a free revision. You have 10 days to submit the order for review after you have received the final document. You can do this yourself after logging into your personal account.
All papers are always delivered on time. In case we need more time to master your paper, we may contact you regarding the deadline extension. We will always strive to deliver on time.
Original & Confidential
We use several writing tools checks to ensure that all documents you receive are free from plagiarism. Our editors carefully review all quotations in the text.
24/7 Customer Support
Our support agents are available 24 hours a day 7 days a week and committed to providing you with the best customer experience. Get in touch whenever you need any assistance.
Try it now!
How it works?
Follow these simple steps to get your paper done
Place your order
Fill in the order form and provide all details of your assignment.
Proceed with the payment
Choose the payment system that suits you most.
Receive the final file
Once your paper is ready, we will email it to you.
No need to work on your paper at night. Sleep tight, we will cover your back. We offer all kinds of writing services.
No matter what kind of academic paper you need and how urgent you need it, you are welcome to choose your academic level and the type of your paper at an affordable price. We take care of all your paper needs and give a 24/7 customer care support system.
An admission essay is an essay or other written statement by a candidate, often a potential student enrolling in a college, university, or graduate school. You can be rest assurred that through our service we will write the best admission essay for you.
Our academic writers and editors make the necessary changes to your paper so that it is polished. We also format your document by correctly quoting the sources and creating reference lists in the formats APA, Harvard, MLA, Chicago / Turabian.
If you think your paper could be improved, you can request a review. In this case, your paper will be checked by the writer or assigned to an editor. You can use this option as many times as you see fit. This is free because we want you to be completely satisfied.