Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Projects

Showing 6 matching records.
Access Control Policy and Implementation Guides ACP&IG
Adequate security of information and information systems is a fundamental management responsibility. Nearly all applications that deal with financial, privacy, safety, or defense include some form of access (authorization) control. Access control is...
Access Control Policy Testing ACPT
Access control systems are among the most critical security components. Faulty policies, misconfigurations, or flaws in software implementation can result in serious vulnerabilities. The specification of access control policies is often a challenging...
Apple macOS Security Configuration APPLE-OS
CSD’s macOS security configuration team is working to develop secure system configuration baselines supporting different operational environments for Apple macOS version 10.12, “Sierra.” These configuration guidelines will assist organizations with...
Attribute Based Access Control ABAC
The concept of Attribute Based Access Control (ABAC) has existed for many years. It represents a point on the spectrum of logical access control from simple access control lists to more capable role-based access, and finally to a highly flexible method...
Policy Machine PM
A primary objective of enterprise computing (via a data center, cloud, etc.) is the controlled delivery of data services (DSs) to its users. Typical DSs include applications such as email, workflow management, enterprise calendar, and records management...
Role Based Access Control RBAC
One of the most challenging problems in managing large networks is the complexity of security administration. Role based access control (RBAC) (also called "role based security"), as formalized in 1992 by David Ferraiolo and Rick Kuhn, has...