Term
|
Definition
| The mechanism used in an information system for granting or denying approval to use specific resources. |
|
|
Term
| access control list (ACL) |
|
Definition
| A set of permissions that is attached to an object. |
|
|
Term
|
Definition
| A predefined framework found in hardware and software that a custodian can use for controlling access. |
|
|
Term
|
Definition
| The process of setting a user |
|
|
Term
| Discretionary Access Control (DAC) |
|
Definition
| The least restrictive access control model in which the owner of the object has total control over it. |
|
|
Term
| Extended TACACS (XTACACS) |
|
Definition
| The second version of the Terminal Access Control Access Control System (TACACS) authentication service. |
|
|
Term
|
Definition
| A Microsoft Windows feature that provides centralized management and configuration of computers and remote users. |
|
|
Term
|
Definition
| Rejecting access unless a condition is explicitly met. |
|
|
Term
|
Definition
| The act of moving individuals from one job responsibility to another. |
|
|
Term
|
Definition
| An authentication system developed by the Massachusetts Institute of Technology (MIT) and used to verify the identity of networked users. |
|
|
Term
|
Definition
| An attack that constructs LDAP statements based on user input statements, allowing the attacker to retrieve information from the LDAP database or modify its content. |
|
|
Term
|
Definition
| Providing only the minimum amount of privileges necessary to perform a job or function. |
|
|
Term
| Lightweight Directory Access Protocol (LDAP) |
|
Definition
| A protocol for a client application to access an X.500 directory. |
|
|
Term
| Mandatory Access Control (MAC) |
|
Definition
| The most restrictive access control model, typically found in military settings in which security is of supreme importance. |
|
|
Term
|
Definition
| Requiring that all employees take vacations. |
|
|
Term
| Remote Authentication Dial In User Service (RADIUS) |
|
Definition
| An industry standard authentication service with widespread support across nearly all vendors of networking equipment. |
|
|
Term
| Role Based Access Control (RBAC) |
|
Definition
|
|
Term
| Rule Based Access Control (RBAC) |
|
Definition
| An access control model that can dynamically assign roles to subjects based on a set of rules defined by a custodian. |
|
|
Term
|
Definition
| LDAP traffic over Secure Sockets Layer (SSL) or Transport Layer Security (TLS). |
|
|
Term
| Security Assertion Markup Language (SAML) |
|
Definition
| An Extensible Markup Language (XML) standard that allows secure web domains to exchange user authentication and authorization data. |
|
|
Term
|
Definition
| The practice of requiring that processes should be divided between two or more individuals. |
|
|
Term
|
Definition
| The current version of the Terminal Access Control Access Control System (TACACS) authentication service. |
|
|
Term
| Terminal Access Control Access Control System (TACACS) |
|
Definition
| An authentication service commonly used on UNIX devices that communicates by forwarding user authentication information to a centralized server. The current version is TACACS+. |
|
|
Term
|
Definition
| Limitation imposed as to when a user can log in to a system or access resources. |
|
|
