access-control - Concepts

Explore concepts tagged with "access-control"

Total concepts: 13

Concepts

Zero Trust - Security model that requires strict verification for every user and device, regardless of network location
Multi-Factor Authentication - A security method requiring two or more verification factors to prove identity before granting access.
Need-to-Know Principle - Security principle restricting information access to only those who require it for their specific duties
Role-Based Access Control - Access control method that assigns permissions to roles rather than individuals, simplifying security management
Authorization - The process of determining what actions or resources an authenticated entity is permitted to access
Least Privilege - The principle of giving users and systems only the minimum access rights needed to perform their tasks
Confused Deputy - A security vulnerability where a trusted program is tricked into misusing its authority on behalf of an attacker.
Separation of Duties - Security principle requiring multiple people to complete critical tasks, preventing fraud and errors by one individual
Two-Factor Authentication - A security process requiring exactly two different authentication factors to verify identity before granting access.
Four Eyes Principle - Control mechanism requiring two people to approve critical actions, preventing unilateral decisions
Insider Threat - Security risks originating from people within an organization who misuse their authorized access.
Privilege Escalation - Exploiting vulnerabilities to gain higher access levels than originally authorized.
Authentication - The process of verifying the identity of a user, device, or system before granting access

← Back to all concepts