ISSAP – Access Control Systems & Methodology

Access Control Concepts

  • DAC
  • DAC Implementation Strategies
  • Non-discretionary Access Control
  • MAC
  • Least Privilege
  • Separation of Duties
  • Architectures

Authentication, Authorization, and Accounting (AAA)

  • Centralized Access Control
  • Common Implementations
    • Design Considerations
  • Decentralized Access Control
    • Design Considerations
  • Federated AC
    • Design Considerations
  • Directories and Access Control
    • Design Considerations
  • Identity Management
  • Accounting

Access Control Administration & Management Concepts

  • Access Control Administration
  • Database Access
  • Inherent Rights
  • Granted Rights
  • Change of Privilege Levels
  • Groups
  • Role Based
  • Task Based
  • Dual Control
  • Location
  • Topology
  • Subnet
  • Geographical Considerations
  • Device Type
  • Authentication
  • Strengths and Weaknesses of Authentication Tools
  • Token-Based Authentication Tools
  • Common Issues with Token Management
  • Biometric Authentication Tools
  • Performance characteristics
  • Implementation Considerations
  • Fingerprints
  • Hand Geometry
  • Iris
  • Retina
  • Facial Recognition
  • Authentication Tool Considerations
  • Design Validation
  • Architecture Effectiveness Assurance
  • Testing Strategies
  • Testing Objectives
  • Testing Paradigms
  • Repeatability
  • Methodology
  • Developing Test Procedures
  • Risk-Based Considerations

 
