{ "@context": "https://schema.org", "@type": "Organization", "name": "Brainscape", "url": "https://www.brainscape.com/", "logo": "https://www.brainscape.com/pks/images/cms/public-views/shared/Brainscape-logo-c4e172b280b4616f7fda.svg", "sameAs": [ "https://www.facebook.com/Brainscape", "https://x.com/brainscape", "https://www.linkedin.com/company/brainscape", "https://www.instagram.com/brainscape/", "https://www.tiktok.com/@brainscapeu", "https://www.pinterest.com/brainscape/", "https://www.youtube.com/@BrainscapeNY" ], "contactPoint": { "@type": "ContactPoint", "telephone": "(929) 334-4005", "contactType": "customer service", "availableLanguage": ["English"] }, "founder": { "@type": "Person", "name": "Andrew Cohen" }, "description": "Brainscape’s spaced repetition system is proven to DOUBLE learning results! Find, make, and study flashcards online or in our mobile app. Serious learners only.", "address": { "@type": "PostalAddress", "streetAddress": "159 W 25th St, Ste 517", "addressLocality": "New York", "addressRegion": "NY", "postalCode": "10001", "addressCountry": "USA" } }

Q4 Access Control Models Flashcards

(6 cards)

1
Q

Discuss the pros of DAC

A

▪ Flexibility: Users have significant control over the permissions of resources they own, making it easy for individuals or small groups to manage their own data sharing.
▪ Ease of Use: DAC models, like Unix permissions, are relatively simple to understand and manage at a basic level for resource owners.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Discuss the cons of DAC

A

▪ Less Secure: Users can grant excessive permissions, potentially accidentally or maliciously, leading to unauthorized access or propagation of malware (“Trojan Horse” problem). The security depends heavily on the vigilance and correctness of individual users.
▪ No Strict Information Flow Control: It’s difficult to guarantee strict policies about how information flows through the system based on sensitivity.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Discuss the pros of MAC

A

▪ Higher Security Assurance: Provides stronger guarantees about security policies and information flow because access is controlled by system-wide rules based on labels and clearances, not user discretion. This helps prevent unauthorized information disclosure or modification.
▪ Stronger Policy Enforcement: Policies are centrally defined and enforced by the system, preventing users from making mistakes or deliberately undermining security.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Discuss the cons of MAC

A

▪ Less Flexible: Can be very rigid and difficult to adapt to dynamic or varied access needs compared to DAC.
▪ Complexity: Implementing and managing MAC systems is significantly more complex, requiring careful labeling of all objects and subjects, and defining system-wide policies. This often requires expert administrators.
▪ User Burden: Users might find MAC systems cumbersome if their workflows are restricted by the strict policies, and they cannot easily share resources outside predefined rules.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is Discretionary Access Control?

A

Access based on identity of user
Users can often pass permissions on to others.
Subject-centered.
Unix/Linux (Example).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is Mandatory Access Control?

A

Access based on sensitivity labels assigned to objects
Formal auth assigned to subjects.
System enforces the policy, and users cannot override it or pass on access.
Object-centered.
SELinux (example).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly