Access Control System In Bangladesh

By Author: abdullahcr7
Total Articles: 1
Comment this article

Security Access Control System
In-house systems used in today's enterprises allow multiple users to receive services simultaneously via a computer network. Therefore, even if you are not in the company, you can access the in-house system used in your company, and many people enjoy the convenience.
Of course, there are various threats on the Internet, so many companies will say that they are taking security measures against external access. However, that alone is not a perfect security measure for enterprise systems.
Therefore, it is essential to understand the common sense of internal system security, which is also the theme of this time. This time, after explaining the concept of security and access control, we will explain the security function of Virdi using a sample.
Security threats to internal systems
When thinking about the security of an in-house system, the first thing that comes to mind is an external attack by a third party. Therefore, it can be said that most in-house systems take measures to prevent attacks from the outside.
However, that alone is not a perfect security measure. ...
... The reason is that external attacks are not the only security threat to internal systems. What is it?
As you can see from Figure 1, threats other than external attacks are information leaks from the inside for the security of internal systems.
The Consumer Affairs Agency released "Summary of Enforcement Status of the Law Concerning the Protection of Personal Information in 2008" in November 2009. It says 79.6% of the causes of information leakage by companies in 2008 were information leakage from the inside.
There is data that there is. Therefore, it is essential to take measures against information leakage from the inside and attacks from the outside when considering security threats to internal systems.
Why is there so much information leakage from the inside? The reasons are [1] negligence by employees and [2] unauthorized access from inside.
[1] Access control system decreases negligence by employees
Employee negligence includes loss of PCs and business materials and incorrect email transmission. Therefore, it seems that recent companies have taken measures such as prohibiting the taking out of personal computers and encrypting necessary data so that you cannot view the data of lost personal computers.
[2] Access control system prevents unauthorized access from inside
It means that the information in the in-house system is illegally viewed and taken out by the company's employees. Unauthorized access from the inside is not as tricky as unauthorized access from the outside, so if a malicious employee is inside the company, information will be quickly taken out.
Employee education is not enough:
If internal security management is not tight, critical company information will be leaked even if security against external attacks is perfect. Therefore, recently, an increasing number of companies are taking measures against information leakage from the inside by raising the ethical sense of employees by conducting employee education.
However, there is no guarantee that this alone will prevent information leakage from the inside. Therefore, it is necessary to take internal security measures for the in-house system itself. One of the countermeasures is the following access control.
"Access control" in the in-house system
How is access control used in in-house systems? I want to explain in detail with an example.
What is access control?
What is access control in computer security?
The access control system is a security function that protects assets such as systems, networks, and information by controlling who can access them to what extent.
Organizations protect their information assets by controlling, restricting, and monitoring access rights. It is considered as the first line of defense to protect assets from unauthorized access by unauthorized users.
The term access control is a broad term that includes several different mechanisms for protecting assets from unauthorized access. The terms include "identification" and "authentication" as well as "authorization" and "accountability" that give users access.
There are two key types of access control for in-house systems. [1] access control uses authentication and [2] access control that controls functions and screens using authority.
[1] Access control using authentication
Authentication is the judgment of validity by the application side. See Figure 2 below, as this alone may be difficult to understand. For example, in Figure 2 below, Mr. A and Mr. B are using the in-house system.
Mr. A has a username and password to use the in-house system, and Mr. B does not. Both Mr. A and Mr. Enter their username and password on the login screen and press the login button. Here, the in-house system determines whether the user is a legitimate user based on the user name and password. The judgment on the in-house system side is authentication. This authentication allows access control so that only specific users can use the internal system.
As you can see from this example, it is not enough from access control to authenticate a specific screen only with a username and password. Therefore, to perform access control in more detail, it is necessary to control each function and screen.
[2] Access control that controls functions and screens using authority
In the access control in the in-house system, the functions and screens that you can access are restricted in advance according to the authority of the application user. For example, figure 3 shows that Mr. A, Mr. B, and Mr. C have different privileges, accessible screens, and various available functions.
As shown in Fig. 3, even if Mr. C illegally tries to take out highly confidential company information, he cannot access screen Y containing the highly personal information. Also, even if Mr. C attempts to tamper with the on-screen information X, he cannot change it because he is only authorized to view screen X.
In this way, in-house systems can prevent information leakage and falsification from the inside by controlling access.
The above is an overview of access control in the in-house system. Next, we will explain how to realize the above two access control functions with security management with an access control system.

I'm a little SEO marketing executive. I just want to publishing my articles regularly hear.