Logical access control
Encyclopedia
Logical access controls are tools used for identification
, authentication
, authorization
, and accountability
in computer
information system
s. They are components that enforce access control
measures for systems, programs, processes, and information. Logical access controls can be embedded within operating system
s, application
s, add-on
security packages, or database and telecommunication management systems.
Logical access control can be contrasted with physical access control (an example of which is a mechanical lock and key
controlling access to a room), but the line between the two can be blurred when physical access
is controlled by software. For example, entry to a room may be controlled by a chip and PIN
card and an electronic lock
controlled by software. Only those in possession of an appropriate card, with an appropriate security level and with knowledge of the PIN
are permitted entry to the room. On swiping the card into a card reader
and entering the correct PIN, the user's security level is checked against a security database and compared to the security level required to enter the room. If the user meets the security requirements, entry is permitted. Having logical access controlled centrally in software allows a user's physical access permissions to be rapidly amended or revoked.
Identification
Identification or Identify may refer to:* Body identification* Combat Identification* Eyewitness identification* Forensic identification* Gender identity* Hazard Identification...
, authentication
Authentication
Authentication is the act of confirming the truth of an attribute of a datum or entity...
, authorization
Authorization
Authorization is the function of specifying access rights to resources, which is related to information security and computer security in general and to access control in particular. More formally, "to authorize" is to define access policy...
, and accountability
Accountability
Accountability is a concept in ethics and governance with several meanings. It is often used synonymously with such concepts as responsibility, answerability, blameworthiness, liability, and other terms associated with the expectation of account-giving...
in computer
Computer
A computer is a programmable machine designed to sequentially and automatically carry out a sequence of arithmetic or logical operations. The particular sequence of operations can be changed readily, allowing the computer to solve more than one kind of problem...
information system
Information system
An information system - or application landscape - is any combination of information technology and people's activities that support operations, management, and decision making. In a very broad sense, the term information system is frequently used to refer to the interaction between people,...
s. They are components that enforce access control
Access control
Access control refers to exerting control over who can interact with a resource. Often but not always, this involves an authority, who does the controlling. The resource can be a given building, group of buildings, or computer-based information system...
measures for systems, programs, processes, and information. Logical access controls can be embedded within operating system
Operating system
An operating system is a set of programs that manage computer hardware resources and provide common services for application software. The operating system is the most important type of system software in a computer system...
s, application
Application
Application may refer to:* Application for employment* Application software* Function application in mathematics and computer science...
s, add-on
Add-on
Add-on might mean:* Plug-in , a piece of software which enhances another software application and usually cannot be run independently** Browser extension, which modifies the interface and/or behavior of web browsers...
security packages, or database and telecommunication management systems.
Logical access control can be contrasted with physical access control (an example of which is a mechanical lock and key
Lock and Key
Lock and Key is a novel written by author Sarah Dessen. It is her 8th published novel. It was published by Viking's Children's Books in 2008.-Plot:...
controlling access to a room), but the line between the two can be blurred when physical access
Physical access
Physical access is a term in computer security that refers to the ability of people to physically gain access to a computer system. According to Gregory White, "Given physical access to an office, the knowledgeable attacker will quickly be able to find the information needed to gain access to the...
is controlled by software. For example, entry to a room may be controlled by a chip and PIN
Chip and PIN
Chip and PIN is the brandname adopted by the banking industries in the United Kingdom and Ireland for the rollout of the EMV smartcard payment system for credit, debit and ATM cards.- History :...
card and an electronic lock
Electronic lock
An electronic lock is a locking device which operates by means of electric current. Electric locks are sometimes stand-alone with an electronic control assembly mounted directly to the lock. More often electric locks are connected to an access control system...
controlled by software. Only those in possession of an appropriate card, with an appropriate security level and with knowledge of the PIN
PIN
PIN may be an abbreviation for:* Personal identification number, a password used to access an automated teller machine or other secured system** Blackberry PIN, an eight character hexadecimal identification number assigned to a BlackBerry device...
are permitted entry to the room. On swiping the card into a card reader
Card reader
A card reader is a data input device that reads data from a card-shaped storage medium. Historically, paper or cardboard punched cards were used throughout the first several decades of the computer industry to store information and programs for computer system, and were read by punched card readers...
and entering the correct PIN, the user's security level is checked against a security database and compared to the security level required to enter the room. If the user meets the security requirements, entry is permitted. Having logical access controlled centrally in software allows a user's physical access permissions to be rapidly amended or revoked.
External links
- http://www.totse.com/en/privacy/encryption/hk_acces.html
- http://www.rsa.com/glossary/default.asp?id=1069