Systems-specific policy (syssp), Computer Network Security

Assignment Help:

Systems-Specific Policy (SysSP)

SysSPs are codified as standards and procedures which are used when configuring or maintaining systems. Systems specific policies fall into 2 groups:-


•Access Control Lists (ACLs) is a list of access rights which is used to determine who may access an object which it controls.
•Configuration rules is a specific codes entered into security systems to guide exection

The Microsoft Windows and Novell Netware 5.x/6.x families translate ACLs into configurations which are used to control access. ACLs allow configuration to restrict access from anyone.

An access control list is the list of permissions which is attached to an object. The list specifies who or what is allowed to access object and what operations are allowed to be performed on object.

Access Control List (ACL)

- Include user access lists, matrices, and capability tables which govern rights and privileges
- Can control access to file storage systems, object brokers or other network communications devices
-ACLs enable administrations to restrict access in accordance to user, computer, time, duration, etc.
-Capability Table: similar method which specifies which  subjects and objects users or groups can access
-Specifications are frequently complex matrices, instead of simple lists or tables
Rule policies are specific to operation of a system than ACLs. Several security systems require specific configuration scripts telling systems what actions to perform on each set of information which they process.

Configuration rules
-Specific configuration codes entered into security systems to guide execution of system when the information is passing through it
-Rule based policies are more specific to system operation than ACLs and can or cannot deal with users directly
-A number of security systems require specific configuration scripts telling systems what actions to perform on each set of information processed


Related Discussions:- Systems-specific policy (syssp)

Analysis phase in the building-block approach, QUESTION: a) Explain fou...

QUESTION: a) Explain four issues that are generally addressed in the Needs Analysis phase in the building-block approach to network design. b) Sketch a typical hybrid star-b

Explain the dimension of service quality, Problem 1: Discuss how TWO of...

Problem 1: Discuss how TWO of the following gurus have contributed to the Quality Movement, highlighting the major points of their philosophies: (a) Edward Deming (b) Jose

Fragmentation, FRAGMENTATION One method is to limit datagram size to s...

FRAGMENTATION One method is to limit datagram size to smallest MTU of any server. IP needs fragmentation i.e. datagrams can be divided into pieces to fit in network with small

Pseudonymous remailers and cypherpunk remailers, Problem (a) As a fore...

Problem (a) As a forensic investigator, you are needed to trace the source of an email. It is suspected that the email header has been forged. Show how you would proceed to

Topology, What is the concept of topology?

What is the concept of topology?

Implement security measures, Problem (a) Give two reasons for companie...

Problem (a) Give two reasons for companies to implement security measures. (b) What is the regulatory expectation regarding i. healthcare information, ii. financial

Computer adaptive test, Project Name : Computer Adaptive Test Role ...

Project Name : Computer Adaptive Test Role : Day to Day interaction with Client. Involved in Requirement Gathering, Estimation.Involved with Stellent design and architectur

Ring topology, RING topology all computers are connected in loop. A ring ...

RING topology all computers are connected in loop. A ring topology is a network topology in which every node connects to exactly two other devices, forming a single continuous pa

Hashing, Hashing is the transformation of a string of characters into a g...

Hashing is the transformation of a string of characters into a generally shorter fixed-length key or a value that presents the original string. Hashing is used to index and retri

Encapsulation, ENCAPSULATION Network interface layer adds IP datagram ...

ENCAPSULATION Network interface layer adds IP datagram as data area in hardware frame. Hardware ignores IP datagram message format. Standards for encapsulation defines details

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd