Remote Access Control Policy Definition Assignment

Remote Access Control Policy Definition Assignment

Richman Investments has decided to expand their business. We have been given their new growth projections of 10,000 employees in 20 countries, with 5,000 located within the U.S. Richman has also established eight branch offices located throughout the U.S. and has designated Phoenix, AZ being the main headquarters. With this scenario, I intend to design a remote access control policy for all systems, applications and data access within Richman Investments.

With so many different modes of Access Control to choose from it is my assessment that by choosing only one model would not be appropriate for Richman Investments. My recommendation would be a combination of multiple Access Control Models that overlap to provide maximum coverage and overall security. Here are my suggestions for access controls.

Role Based Access Control or RBAC, this will work well with the Non-Discretionary Access Control model, which will be detailed in the next paragraph. RBAC is defined as setting permissions or granting access to a group of people with the same job roles or responsibilities . With many different locations along with many different users it is important to identify the different users and different workstations within this network.

Every effort should be dedicated towards preventing user to access information they should not have access to. Non-Discretionary Access Control is defined as controls that are monitored by a security administrator. While RBAC identifies those with permissions, it is a security administrator that should further identify the level of access to each Role that is created. The security administrator should also designate certain users or workstations access to the information available within the network.

Rule Based Access Control can also be linked to the first two models detailed in the paper (RBAC and Non-Discretionary), and is similar to RBAC. Rule Based Access Control is a set of rules to determine which users have access to what data. Within each Role Based Access Control security can be further refined by applying Rules. These rules will be defined by the security administrator as part of the Non-Discretionary Access Control model.

Constrained User Interface incorporates similar concepts of two other access control models that have been detailed, Role Base and Rule Base. Constrained User Interface is defined as a user’s ability to get into certain resources based on the user’s rights and privileges. These rights and privileges are restricted and constrained on the asset they are attempting to access. While this requires many levels of protection it provides limitations on the request access to the resources available within the organization.

Another example of a access control model that can be applied in this situation is known as the Clark and Wilson Integrity Model. This model provides improvements from the Biba Integrity Model of access control. Developed by David Clark and David Wilson, the mode concentrates on what happens when a user tries to do things they are not permitted to do, which was one flaw of the Biba Integrity Model . The other flaw that was addressed was the model also reviews internal integrity threats .

There are 3 key elements of the Clark and Wilson integrity model; the first it stops unauthorized users from making changes within the system. The second, it stops authorized users from making improper changes, and the third, it maintains consistency both internally and externally . Within the Clark and Wilson model a user’s access is controlled by permissions, specifically to execute programs with authorized users having access to programs that allow changes.

While some of these models are similar they work best when working with each other. By providing multiple models of access controls within the network it will provide a more robust coverage of access control. It would not be beneficial to utilize only one access control model as there can be flaws and vulnerabilities for a single access control mode. REFERENCES:

Kim, D., & Solomon, M. G. (2012). Fundamentals of Information Systems SecuritY. Sudbury: Jones & Bartlett Learning.

Get Assignment Help Services with StudyAcer.

StudyAcer
Calculate your paper price
Pages (550 words)
Approximate price: -

Why Work With StudyAcer

StudyAcer

Quality Researched Papers

We always make sure that writers follow all your instructions precisely. You can choose your academic level: high school, college/university or professional, and we will assign a writer who has a respective degree.

StudyAcer

Qualified Writers

We have hired a team of professional writers experienced in academic and business writing. Most of them are native speakers and PhD holders able to take care of any assignment you need help with.

StudyAcer

Unlimited Revisions

If you think we missed something, send your order for a free revision. You have 10 days to submit the order for review after you have received the final document. You can do this yourself after logging into your personal account.

StudyAcer

Prompt Delivery

All papers are always delivered on time. In case we need more time to master your paper, we may contact you regarding the deadline extension. We will always strive to deliver on time.

StudyAcer

Original & Confidential

We use several writing tools checks to ensure that all documents you receive are free from plagiarism. Our editors carefully review all quotations in the text.

StudyAcer

24/7 Customer Support

Our support agents are available 24 hours a day 7 days a week and committed to providing you with the best customer experience. Get in touch whenever you need any assistance.

Try it now!

Calculate the price of your order

Total price:
$0.00

How it works?

Follow these simple steps to get your paper done

StudyAcer

Place your order

Fill in the order form and provide all details of your assignment.

StudyAcer

Proceed with the payment

Choose the payment system that suits you most.

StudyAcer

Receive the final file

Once your paper is ready, we will email it to you.

StudyAcer Services

No need to work on your paper at night. Sleep tight, we will cover your back. We offer all kinds of writing services.

StudyAcer StudyAcer

Essays

Essay Writing Service

No matter what kind of academic paper you need and how urgent you need it, you are welcome to choose your academic level and the type of your paper at an affordable price. We take care of all your paper needs and give a 24/7 customer care support system.

StudyAcer StudyAcer

Admissions

Admission Essays

An admission essay is an essay or other written statement by a candidate, often a potential student enrolling in a college, university, or graduate school. You can be rest assurred that through our service we will write the best admission essay for you.

StudyAcer StudyAcer

Reviews

Editing Support

Our academic writers and editors make the necessary changes to your paper so that it is polished. We also format your document by correctly quoting the sources and creating reference lists in the formats APA, Harvard, MLA, Chicago / Turabian.

StudyAcer StudyAcer

Reviews

Revision Support

If you think your paper could be improved, you can request a review. In this case, your paper will be checked by the writer or assigned to an editor. You can use this option as many times as you see fit. This is free because we want you to be completely satisfied.