Systems-specific policy (syssp), Computer Network Security

Assignment Help:

Systems-Specific Policy (SysSP)

SysSPs are codified as standards and procedures which are used when configuring or maintaining systems. Systems specific policies fall into 2 groups:-


•Access Control Lists (ACLs) is a list of access rights which is used to determine who may access an object which it controls.
•Configuration rules is a specific codes entered into security systems to guide exection

The Microsoft Windows and Novell Netware 5.x/6.x families translate ACLs into configurations which are used to control access. ACLs allow configuration to restrict access from anyone.

An access control list is the list of permissions which is attached to an object. The list specifies who or what is allowed to access object and what operations are allowed to be performed on object.

Access Control List (ACL)

- Include user access lists, matrices, and capability tables which govern rights and privileges
- Can control access to file storage systems, object brokers or other network communications devices
-ACLs enable administrations to restrict access in accordance to user, computer, time, duration, etc.
-Capability Table: similar method which specifies which  subjects and objects users or groups can access
-Specifications are frequently complex matrices, instead of simple lists or tables
Rule policies are specific to operation of a system than ACLs. Several security systems require specific configuration scripts telling systems what actions to perform on each set of information which they process.

Configuration rules
-Specific configuration codes entered into security systems to guide execution of system when the information is passing through it
-Rule based policies are more specific to system operation than ACLs and can or cannot deal with users directly
-A number of security systems require specific configuration scripts telling systems what actions to perform on each set of information processed


Related Discussions:- Systems-specific policy (syssp)

Mitigate risks in an information security management system, Question: ...

Question: (a) What are the various options to mitigate risks in an Information Security Management System (ISMS)? For each option specify an instance where it can be used.

Cracking the Vigenere Cipher, The following message was enciphered with a V...

The following message was enciphered with a Vigenère cipher. aikiaawgfspxeppvjabjnivulfznzvkrlidamsmyamlvskniyffdpbwtnxsvvbtnamvltsefoeycztkomylmerkwrs deusjgecmzkwvnreeyp

Keystroke-based access control model, Suppose you are working for one of th...

Suppose you are working for one of the leading credit reporting agencies that manages users' credit rating info with different financial institutions.  The company wishes to implem

Draw the waveform for an asynchronous transmission, QUESTION: (a) For ...

QUESTION: (a) For the bit stream 010011, sketch the waveforms for each of the code indicated. Assume that the signal level for a space in NRZ-L is positive; the signal level f

Explain what is software debouncing, Question : (a) How does a 2-key r...

Question : (a) How does a 2-key rollover differ from the N-key rollover? (b) Why is isolation so important in interfacing? (c) Explain what is software debouncing.

Fragmentation format, FRAGMENTATION Fragmentation information is kept...

FRAGMENTATION Fragmentation information is kept in different extension header.  Every fragment has base header and fragmentation header. Whole datagram including original hea

Implement security measures, Problem (a) Give two reasons for companie...

Problem (a) Give two reasons for companies to implement security measures. (b) What is the regulatory expectation regarding i. healthcare information, ii. financial

Fragmentation, FRAGMENTATION One method is to limit datagram size to s...

FRAGMENTATION One method is to limit datagram size to smallest MTU of any server. IP needs fragmentation i.e. datagrams can be divided into pieces to fit in network with small

Ipv6 addressing, IPv6 ADDRESSING IPv6 has 128-bit addresses. A 128-bit...

IPv6 ADDRESSING IPv6 has 128-bit addresses. A 128-bit address adds network prefix and host suffix. An benefit of IPv6 addressing is that there is address classes i.e. prefix/s

Describe how lower bounds on arc flows, QUESTION: (a) Suppose the graph ...

QUESTION: (a) Suppose the graph below, use the Flow Decomposition method to list the cycles and paths produced. (b) Describe how Lower Bounds on Arc Flows are eliminated

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd