5.0 Access Control and Identity Management

5.2 Given a scenario, select the appropriate authentication, authorization or access control.

• Identification vs. authentication vs. authorization
  
  
  
• Authorization
  
  
  • Least privilege
    
    
  • Separation of duties
    
    
  • ACLs
    
    

    In computer security, an access control list (ACL) is a list of permissions attached to an object. The list specifies who or what is allowed to access the object and what operations are allowed to be performed on the object.

    • More From Wikipedia
    
    
    
  • Mandatory access control
    
    
  • Discretionary access control
    
    
  • Rule-based access control
    
    
  • Role-based access control
    
    
  • Time of day restrictions
    
    
  
  
• Authentication
  
  
  • Tokens
    
    
  • Common access card
    
    
  • Smart card
    
    
  • Multifactor authentication
    
    
  • TOTP
    
    
  • HOTP
    
    
  • CHAP
    
    
  • PAP
    
    
  • Single sign-on
    
    
  • Access control
    
    
  • Implicit deny
    
    
  • Trusted OS
    
    
  
  
• Authentication factors
  
  
  • Something you are
    
    
  • Something you have
    
    
  • Something you know
    
    
  • Somewhere you are
    
    
  • Something you do
    
    
  
  
• Identification
  
  
  • Biometrics
    
    

    Biometrics verifies an individuals identity by analyzing a physical trait of the individual.

    • More From Wikipedia
    
    
    
  • Personal identification verification card
    
    
  • Username
    
    
  
  
• Federation
  
  
  
• Transitive trust/authentication