Chapter 10 Flashcards
access control model
Specifies methodologies by which admission to physical
areas and, more importantly, computer systems, is managed and organized.
discretionary access control (DAC)
access control policy generally determined by
the owner.
Trusted Computer System Evaluation Criteria (TCSEC)
A DoD standard that sets basic
requirements for assessing the effectiveness of computer security access policies.
role-based access control (RBAC)
An access model that works with sets of permissions,
instead of individual permissions that are label-based.
least privilege
When a user is given only the amount of privileges needed to do his job.
CAPTCHA
A type of challenge-response mechanism used primarily in websites to tell
whether or not the user is human.