
Access Control Lists September 15, 2013

Posted by brltkd in Security.

The paper we read discusses a number of methods used for protecting information in computer systems. The area I found interesting and most applicable to my experience was the discussion on access control lists.

The paper defines an access control list as “a list of principals that are authorized to have access to some object”. Each entry usually also specifies which actions the principal may perform on the object. An access control list can be organized primarily around granting access or primarily around denying it. The paper recommends fail-safe defaults, in which the default is no access at all, so access must be explicitly allowed for each resource. I agree with this approach because it prevents access to potentially sensitive information if there were an error when assigning the permissions. Additionally, having access to additional information may not be noticed, whereas not having access to necessary information is likely to be reported.

I think the greatest concern surrounding access control lists is determining how the lists themselves are edited. A user or program that can modify an access control list can grant itself access to resources for which that access may not be appropriate. As the paper points out, this is especially true when control over access control lists is hierarchical. The people with the ability to make changes at the top of the hierarchy can modify the access control lists for everyone in the system. Often these are system administrators, who hold this significant authority even though it does not align with the organizational structure. The paper notes that this creates the potential for abuse if this authority is completely unchecked.

The method we use in my organization to address this issue is to enable auditing of all system permission changes. Then we use regularly scheduled reports, which are reviewed by the risk and compliance officers, who investigate any suspicious activity. What other methods have you used to minimize the risks posed by this concentrated authority?
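To make the three points above concrete (explicit per-principal entries with a fail-safe default, editing of the list being itself subject to access control, and an audit trail of every change that bypasses the list), here is a small list-oriented protection system written as an added example. It is not code from the paper or from the post, and the class and function names, the "control" right, and the principals alice, bob and root in the constructed scenario are my own illustrative choices.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Set, Tuple

# Rights a principal may hold on an object. CONTROL is the right to edit the
# object's ACL, so changing an ACL goes through the same authorization check.
READ, WRITE, CONTROL = "read", "write", "control"


class AccessDenied(Exception):
    pass


@dataclass
class AuditEvent:
    actor: str       # who changed the ACL
    obj: str         # whose ACL was changed
    principal: str   # whose entry was changed
    right: str
    action: str      # "grant" or "revoke"
    via_admin: bool  # True if the change relied on administrative authority


@dataclass
class ACL:
    # principal -> rights. A principal with no entry has no rights at all:
    # this is the fail-safe default, access must be granted explicitly.
    entries: Dict[str, Set[str]] = field(default_factory=dict)

    def allows(self, principal: str, right: str) -> bool:
        return right in self.entries.get(principal, set())


class ProtectionSystem:
    def __init__(self, administrators: Set[str] = frozenset()):
        self.acls: Dict[str, ACL] = {}
        self.audit: List[AuditEvent] = []
        # Hierarchical control: administrators can edit any ACL. Nothing in
        # the ACLs limits them, so every such change is recorded for review.
        self.administrators = set(administrators)

    def create(self, owner: str, obj: str) -> None:
        # Self-control: the creator gets CONTROL over the new ACL and nothing
        # more; even READ has to be granted explicitly.
        self.acls[obj] = ACL({owner: {CONTROL}})

    def authorized(self, principal: str, obj: str, right: str) -> bool:
        acl = self.acls.get(obj)
        return acl is not None and acl.allows(principal, right)

    def _check_edit(self, actor: str, obj: str) -> bool:
        """Raise unless actor may edit obj's ACL; return True when the edit
        is possible only through administrative authority."""
        if obj not in self.acls:
            raise AccessDenied(f"no such object: {obj}")
        if self.authorized(actor, obj, CONTROL):
            return False
        if actor in self.administrators:
            return True
        raise AccessDenied(f"{actor} may not edit the ACL of {obj}")

    def grant(self, actor: str, obj: str, principal: str, right: str) -> None:
        via_admin = self._check_edit(actor, obj)
        self.acls[obj].entries.setdefault(principal, set()).add(right)
        self.audit.append(AuditEvent(actor, obj, principal, right, "grant", via_admin))

    def revoke(self, actor: str, obj: str, principal: str, right: str) -> None:
        via_admin = self._check_edit(actor, obj)
        self.acls[obj].entries.get(principal, set()).discard(right)
        self.audit.append(AuditEvent(actor, obj, principal, right, "revoke", via_admin))


def review_changes(audit: List[AuditEvent]) -> List[Tuple[str, AuditEvent]]:
    """The scheduled report: every change that bypassed the object's own ACL,
    with an administrator granting a right to itself called out separately."""
    findings = []
    for e in audit:
        if not e.via_admin:
            continue  # authorized by a CONTROL entry on the object itself
        if e.action == "grant" and e.actor == e.principal:
            findings.append(("administrator granted a right to self", e))
        else:
            findings.append(("change made with administrative authority", e))
    return findings


def demo() -> ProtectionSystem:
    # Constructed scenario: alice creates a file, shares it with bob, and the
    # administrator "root" gives itself read access with no ACL entry at all.
    system = ProtectionSystem(administrators={"root"})
    system.create("alice", "payroll.xlsx")
    system.grant("alice", "payroll.xlsx", "bob", READ)
    system.grant("root", "payroll.xlsx", "root", READ)
    try:
        system.grant("bob", "payroll.xlsx", "bob", WRITE)  # bob lacks CONTROL
    except AccessDenied:
        pass
    return system


if __name__ == "__main__":
    for reason, e in review_changes(demo().audit):
        print(f"{reason}: {e.actor} {e.action} {e.right} on {e.obj} for {e.principal}")
```

Two design choices carry the post's argument. First, the only way to change an ACL without a CONTROL entry on that object is administrative authority, and the system does not try to restrict it; it records the fact instead, which is exactly the auditing compensating control described above. Second, the review step ignores changes that the object's own ACL authorized, so the report stays short enough for a compliance officer to actually read.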


J. H. Saltzer and M. D. Schroeder, “The Protection of Information in Computer Systems”, Proceedings of the IEEE, vol. 63, no. 9, September 1975.
