Chapter 5 - Corporate Computer
Security- solution guide
access control - ANS-the policy driven control of access to systems, data, and
dialogues.
policy - ANS-central to access control
authentication, authorizations, and auditing - ANS-three functions of access control
authentication - ANS-the process of assessing the identity of each individual claiming to
have permission to use a resource
supplicant - ANS-person or process requesting access
verifier - ANS-person or process providing admission
credentials - ANS-the supplicant authenticates himself, herself, or itself to the verifier by
sending:
authorizations - ANS-Specific permissions that a particular authenticated user should
have, given his or her authenticated identity.
auditing - ANS-collecting information about an individual's activities log files
what you know (a password or private key
what you have (a physical key or smart card)