Identity Management

Alsmadi, Izzat

doi:10.1007/978-3-030-02360-7_12

Izzat Alsmadi²

1450 Accesses
2 Citations

Abstract

Access controls are considered as important security mechanisms. They usually target (authenticated users: Those users who can legally access subject information system or resource). This indicates that they typically come after an initial stage called (authentication). In authentication, the main goal is to decide whether a subject user, traffic, or request can be authenticated to access the information resource or not. As such authentication security control decision or output is a binary of either, yes (authenticated; pass-in), or no (unauthenticated; block). Access control or authorization is then considered the second stage in this layered security control mechanism. For example, it is important to decide whether subject user has a view/read, modify, execute, etc. type of permission or privilege on subject information resource. In this chapter, we will cover issues related to access controls in operating systems, databases, websites, etc.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 79.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Bibliography

Alsmadi I, Xu D (2015) Security of software defined networks: a survey. Comput Secur 53:79–108
Article Google Scholar
Cisco Knowledge Base (2018) Configuration of MAC based access control lists on ESW500 series switches. Article ID: 503. Cisco. https://sbkb.cisco.com/CiscoSB/GetArticle.aspx?docid=cbf8f6291d654ff1a840b0726680815c_MAC_Based_ACL_On_ESW_500_Series_Devices.xml&pid=2&converted=0
Domingo-Ferrer J (2009) Inference control in statistical databases. In: Encyclopedia of database systems. Springer, New York, pp 1472–1476
Google Scholar
Ghiglieri M (2017) Smart TV privacy risks and protection measures. Ph.D. Thesis, Technische Universität, Darmstadt
Google Scholar
NIST 2010. A report on: 2010 economic analysis of role-based access control. http://csrc.nist.gov/groups/SNS/rbac/documents/20101219_RBAC2_Final_Report.pdf
OWASP (2018) https://www.owasp.org/index.php/Access_Control_Cheat_Sheet#tab=Other_Cheatsheets

Download references

Author information

Authors and Affiliations

Texas A&M University, San Antonio, TX, USA
Izzat Alsmadi

Authors

Izzat Alsmadi
View author publications
You can also search for this author in PubMed Google Scholar

Rights and permissions

Reprints and permissions

Copyright information

About this chapter

Cite this chapter

Alsmadi, I. (2019). Identity Management. In: The NICE Cyber Security Framework. Springer, Cham. https://doi.org/10.1007/978-3-030-02360-7_12

Download citation

DOI: https://doi.org/10.1007/978-3-030-02360-7_12
Published: 25 January 2019
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-02359-1
Online ISBN: 978-3-030-02360-7
eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics