486 Chapter 8 • Infrastructure Security: System Hardening
Figure 8.1 File Security Steps
[Figure: flowchart with the steps Evaluate the Risk, Authorization Requirements, Decision on Access Method, DACL/ACL creation, Document Results]
Notice that it starts with the process of evaluating risk. That’s one of the key steps in the hardening process, because the question will often arise: what is secure enough? Answering it is the role of the risk assessment in this process. As an example, your child’s piggy bank may be protected by no more than a small lock hidden on the bottom. While that’s suitable for your child’s change, you have probably noticed that your bank has many more controls protecting your assets and those of its other customers. Risk assessment works the same way, in that the value of the asset will drive the process of access control and what type of authorization will be needed to access the protected resource.
Head of the Class…
How Should We Work with File System Access?
Despite the emphasis on group-based access permissions, a much higher level of security can be attained in all operating platforms by individually assigning access permissions. Administratively, however, it is difficult to justify the expense and time involved in tracking, creating, and verifying individual access permissions for thousands of users trying to access thousands of individual resources. RBAC is a method that can be used to accomplish the goal of achieving the status of least privileged access. It requires more design and effort to start the implementation, but develops a much higher level of control than does the use of groups.
www.syngress.com