Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Projects

Showing 6 matching records.
Access Control Policy and Implementation Guides ACP&IG
Adequate security of information and information systems is a fundamental management responsibility. Nearly all applications that deal with financial, privacy, safety, or defense include some form of access (authorization) control. Access control is concerned with determining the allowed activities of legitimate users, mediating every attempt by a user to access a resource in the system. In some systems, complete access is granted after s successful authentication of the user, but most...
Access Control Policy Testing ACPT
Access control systems are among the most critical security components. Faulty policies, misconfigurations, or flaws in software implementation can result in serious vulnerabilities. The specification of access control policies is often a challenging problem. Often a system’s privacy and security are compromised due to the misconfiguration of access control policies instead of the failure of cryptographic primitives or protocols. This problem becomes increasingly severe as software systems...
Apple macOS Security Configuration APPLE-OS
CSD’s macOS security configuration team is working to develop secure system configuration baselines supporting different operational environments for Apple macOS version 10.12, “Sierra.” These configuration guidelines will assist organizations with hardening macOS technologies and provide a basis for unified controls and settings for federal macOS workstation and mobile system security configurations. The configurations are based on a collection of resources, including the existing NIST macOS...
Attribute Based Access Control ABAC
The concept of Attribute Based Access Control (ABAC) has existed for many years. It represents a point on the spectrum of logical access control from simple access control lists to more capable role-based access, and finally to a highly flexible method for providing access based on the evaluation of attributes.In November 2009, the Federal Chief Information Officers Council (Federal CIO Council) published the Federal Identity, Credential, and Access Management (FICAM) Roadmap and...
Policy Machine PM
A primary objective of enterprise computing (via a data center, cloud, etc.) is the controlled delivery of data services (DSs) to its users. Typical DSs include applications such as email, workflow management, enterprise calendar, and records management, as well as system level features, such as file, access control and identity management. Although access control (AC) currently plays an important role in securing DSs, if properly designed, AC can be more fundamental to computing than one...
Role Based Access Control RBAC
One of the most challenging problems in managing large networks is the complexity of security administration. Role based access control (RBAC) (also called "role based security"), as formalized in 1992 by David Ferraiolo and Rick Kuhn, has become the predominant model for advanced access control because it reduces this cost.  This project site explains RBAC concepts, costs and benefits, the economic impact of RBAC, design and implementation issues, the RBAC standard, and...