Security Solutions
Access Control Concepts
Introduction to Access Control
Over the last several decades, network connectivity has evolved into a
necessary component of nearly every business activity. Users rely on the
network for:
■ Data—the information stored in the computing environment
■ Applications—the means of manipulating that data
It is a rare user who accesses only the data and applications stored on an
isolated computer system. Instead, a user connects to a network, which allows
his or her endpoint—the device used to connect to the network—to access
data and applications stored on many systems.
Resources stored and delivered over a network are valuable; they might
include medical records, payroll information, customers’ financial records,
corporate strategy, and military operation plans. And because the resources
are valuable, some people may attempt to hijack them for their own purposes.
To protect resources from misuse (whether malicious or not), you must
enforce access controls. Many users associate the words access control with
a username and password, submitted to gain access to a particular piece of
data or application. However, an access control is any mechanism for dictating
which users and devices can access particular resources.
You can control users’ access to resources in three ways:
■ Data access control (enforced on particular data storage devices)
■ Application access control (enforced on particular services)
■ Network access control (enforced at the network edge, where users
connect)
Access control is most effective at protecting resources when the three types
work together. But because the network is the means of distributing all data
and applications to users, network access control is particularly important as
a comprehensive solution. Network access control provides the following
functions:
■ Blocks access from unauthorized users at each network entry
point—Securing individual resources is not enough. Even when an
attacker cannot reach core resources, he or she can discover much about
your network and potentially implement attacks simply by connecting to
it. A solution for blocking and controlling users at the edge, before they
connect to the network, adds another layer of security to that implemented
on individual devices.