The InfoSec Handbook

CHAPTER 4

Access Controls

Introduction

In general terms, providing security means “freedom from risk and danger”. In the context of information security, it is securing against:

Access to information by unauthorized persons
Modification to information by unauthorized persons
Destruction of information by unauthorized persons

This means basically, any type of access to information needs to be protected. Whether the access is physical such as accessing CPUs, hard disks, or logical, as in accessing the system directly or remotely, access needs to be restricted and thus, information needs to be protected.

Access control is considered the most important ...

Get The InfoSec Handbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

The InfoSec Handbook by Umesh Hodeghatta Rao, Umesha Nayak

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly