Control de Acceso
Panorama
Imagen tomada de:
InfoSec México
InfoSec México
El Control de Acceso es un servicio de seguridad, aunque propiamente no puede ser garantizado con el uso de Criptografía, pero es tan importante como los otros servicios. El Control de Acceso permite tener la garantía de que sólo las entidades autorizadas obtendrán acceso a los recursos, es decir, todas aquellas personas que tengan los privilegios necesarios podrán tener acceso a los mismos. El Control de Acceso se clasifica en dos tipos: el control de acceso físico y el control de acceso lógico.
Existen diversos esquemas o políticas de control de acceso, éstas se emplean de acuerdo a las necesidades o recursos que se desean proteger. Entre estos modelos se encuentran: BIBA, RBAC, Willson & Clark, Bell y LaPadula, etc. Cada uno tiene diferentes objetivos, así como diferentes reglas.
Publicaciones
Español
- Análisis Formal del Estándar NIST para Modelos RBAC
- Autenticación y control de acceso Seguridad en Redes de Ordenadores
- Estándares de seguridad basados en XML para servicios web y web semántica
- Un modelo de control de acceso basado en la semántica
Inglés
- A Calculus for Access Control in Distributed Systems
- A Contextual Annotation-based Access Control Model for Pervasive Environments
- A Mandatory Access Control Policy Model for Information Security Requeriments
- A Recommendation for the Use of PIV Credentials in Physical Access Control Systems (PACS)
- A Revised Model For Role-Based Access Control
- A Secure Solution for Commercial Digital Libraries
- A Semantic Access Control Model for Grid Services
- A Semantic Context-Aware Access Control Framework for Secure Collaborations in Pervasive Computing Environments
- About Integrity In Security Models
- Access Control
- Access Control and Operating System Security
- Access Control and Operating System Security
- Access Control Infrastructure for Digital Objects
- Access Control Methodologies
- Access Control Methods
- Access Control: Policies, Models, and Mechanisms
- Access Control: Theory and Practice
- An Access Control Model in a Semantic Data Structure: Case Process Modelling of a Bleaching Line
- Application of XML Tools for Enterprise-Wide RBAC Implementation Tasks
- Applying the Semantic Web Layers to Access Control
- Assessment of Access Control Systems
- Authentication Mechanisms for Physical Access Control
- Authentication, Access Control, and Audit
- Bell-LaPadula Model
- Bell-LaPadula Model
- Biba Integrity Model
- Biba Integrity Model
- Biba Security Model Comparison
- Business Process Driven Framework for defining an Access Control Service based on Roles and Rules
- Configuring Role-Based Access Control to Enforce Mandatory and Discretionary Access Control Policies
- Context-Aware Access Control for Collaborative Working Environments Based on Semantic Social Networks
- Context-Dependent Access Control for Contextual Information
- CS 665: Computer System Security
- DAC vs. MAC
- Distributed system for access control to physical resources based on qualifications
- Enforcing Access Control in Social Network Sites
- FIPS 201 and Physical Access Control
- Flexible Access Control for Dynamic Collaborative Environments
- From a Formal Privacy Model to its Implementation
- GUIDELINES ON ACCESS CONTROL, SCREENING & MONITORING
- Hybrid Multi-module Security Policy Verification
- Information Security Architecture-Context Aware Access Control Model for Educational Applications
- Inheritance Properties Of Role Hierarchies
- Integrity Policies
- Introduction to Computer Security - Bell LaPadula
- Mandatory Access Control
- Mandatory Access Control
- Mandatory Flow Control Models
- Methods for Access Control: Advances and Limitations
- Operating System Security - Control Access Models
- Paradigm Regained: Abstraction Mechanisms for Access Control
- Personal Identity Verification (PIV) of Federal Employees and Contractors
- Policies, Models, and Languages for Access Control
- Policy-based Hybrid Management Architecture for IP-based VPN
- Reflective Enforcement of the Clark-Wilson Integrity Model
- Role Based Access Control on MLS System without Kernel Changes
- Role Hierarchies and Constraints for Lattice-Based Access Controls
- Role-Based Access Control Features in Commercial Database Management Systems
- Role-Based Access Control Models
- Role-Based Access Controls
- Rule-Set Modeling of a Trusted Computer System
- Secure Computer Systems: Mathematical Foundations
- Secure Content Distribution for Digital Libraries
- Security Architecture Model Component Overview
- Security Models
- Security Models
- Security Models and Architecture
- Security Policies
- Semantic Access Control
- Semantic Access Control Model: A Formal Specification
- Specification and Validation of Enterprise Access Control Data for Conformance to Model and Policy Constraints
- The Bell-LaPadula Model
- The Complexity of Discretionary Access Control
- The Constitutionality of Mandated Access Control: A Model
- The Economic Impact of Role-Based Access Control
- The Evolution of Access Control Models
- Trusted Computer System Evaluation Criteria
- Usable Access Control for the WorldWideWeb
- Verification of an Integrated Role-Based Access Control Model
- XML-based Distributed Access Control System
Inglés
- CyberCIEGE Scenario Illustrating Secrecy Issues Through Mandatory and Discretionary Access Control Policies in a Multi-Level Security Network, Robert L. LaMore
- Electronic Access Control, Gerard Honey
- Role-based access control, David Ferraiolo, D. Richard Kuhn, Ramaswamy Chandramouli
- Security, ID Systems and Locks, Joel Konicek, Karen Little
