The Access Control Mechanisms Computer Science Essay
Access control is the traditional center of gravity of computer security. It is where security engineering meets computer science. Its function is to control which principals (persons, processes, machines) have access to which resources in the system-which files they can read, which programs they can execute, how they share data with other principals, and so on.
Access control works at a number of levels, and described in the following:
1. The access control mechanisms, which the user sees at the application level, may express a very rich and complex security policy.
2. The applications may be written on top of middleware, such as a database management system or bookkeeping package, which enforces a number of protection properties.
3. The middleware will use facilities provided by the underlying operating system. As this constructs resources such as files and communications ports from lower-level components, it acquires the responsibility for providing ways to control access to them.
4. Finally, the operating system access controls will usually rely on hardware features provided by the processor or by associated memory management hardware. These control which memory addresses a given process can access.
There are two ways of restricting access to documents: either by the hostname of the browser being used, or by asking for a username and password. The former can be used to, for example, restrict documents to use within a company. However if the people who are allowed to access the documents are widely dispersed, or the server administrator needs to be able to control access on an individual basis, it is possible to require a username and password before being allowed access to a document. This is called user authentication.
Setting up user authentication takes two steps: firstly, you create a file containing the usernames and passwords. Secondly, you tell the server what resources are to be protected and which users are allowed (after entering a valid password) to access them.
A firewall is simply a program or hardware device that filters the information coming through the Internet connection into your private network or computer system. If an incoming packet of information is flagged by the filters, it is not allowed through. . A firewall helps to keep your computer more secure. It restricts information that comes to your computer from other computers, giving you more control over the data on your computer and providing a line of defense against people or programs (including viruses and worms) that try to connect to your computer without invitation.
When someone on the Internet or a network tries to connect to your computer, we call that attempt an "unsolicited request." When your computer gets an unsolicited request, Windows Firewall blocks the connection. If you run a program such as an instant messaging program or a multiplayer network game that needs to receive information from the Internet or a network, the firewall asks if you want to block or unblock (allow) the connection. If you choose to unblock the connection, Windows Firewall creates an exception so that the firewall won't bother you when that program needs to receive information in the future.
A computer virus is a computer program that can copy itself and infect a computer. The term "virus" is also commonly but erroneously used to refer to other types of malware, including but not limited to adware and spyware programs that do not have the reproductive ability. A true virus can spread from one computer to another (in some form of executable code) when its host is taken to the target computer; for instance because a user sent it over a network or the Internet, or carried it on a removable medium such as a floppy disk, CD, DVD, or drive. Viruses can increase their chances of spreading to other computers by infecting files on a network file system or a file system that is accessed by another computer. Viruses and worms can be acquired by using infected files from almost any source when you surf the Internet, swap files with friends, receive and look at email attachments, or use any files from a source outside your computer.
The Internet has become increasingly more popular in the recent years. This is no surprise considering the amount of attention it gets from newspapers, magazines and books. Many people are trying eagerly to join the Internet community.
There are three basic levels of access to the internet.
Mail only: This only allows you to send and receive email to/from other users on the internet. Through special email gateways, you can make use of Archie, FTP, Gopher, World Wide Web (WWW) and possibly other internet services. These gateways, however, are text-based and non-interactive and can be rather cumbersome to use.
Shell account: This lets you login to another remote computer system that is itself connected to the internet. You normally run programs on the remote system to gain access to internet services. Because you typically dial-up from a terminal emulation software, you are restricted to text mode programs only. This means that, for example, you can only use a text-based web browser to explore the WWW.
Direct connect: This is the ultimate form of internet connection where your computer system is itself directly on the internet. It speaks the language of the internet (TCP/IP). Any access to internet services is via programs that run on your own computer system.
Traditionally, computers plug directly into the internet over a LAN, WAN or leased circuit. In addition to the computer itself, such setups often require network routers and gateways. Needless to say, these can add up to a lot of money. As a result, direct internet connections are primarily only within the reach of organizations with high traffic needs.
I am a Network Manager in Sylhet Solution Inc. In our company one of my user is faced with some problem including unable to log on to her e-mail and can’t print out from printer. So I have to solve her problem and I’ll ask some of the question to her
What kind of connection did u take in your network?
Did you set your network cables correctly?
Is your account is lost? why
How about your connection speed?
Is there any problem in your computer?
Did you forget your username and password?
Is your username and password match?
Is anyone else having with troubleshoot?
After asking the question above the following, I have to start solving our user problem. I tested the all part of the computer and including network cables. We can’t find any error in this network-pc. So we check the E-mail Server, it doesn’t work correctly and is work totally slow. It may be attack by some virus. This virus make server to slow and block all email account. So we have to upgrade virus protection system and update the fire wall, and scan the virus and clean the infect file. We check, is there any network pc infect virus and clean then. After that user login again.
After solving the problem of unable to log on then I have to solve another problem of unable to print out. Like the first problem, I have to ask the user some of the question about her problem as following
Did you already install your printer?
Did you connect your computer cables and printer cables?
Are you sure printer network cables putted in right place?
Did you check any hardware or software in your computer?
Did you check your network cables?
Did you use any other application or program before printing?
Is ink enough in your printer to print out?
After asking the question to user, I have to solve her problem. We have to check printer and all network devices. So we found the error in network cables which connect with network adapter. After that we check the network cable is work correctly. It doesn’t work correctly because it was unplugged on the network adapter. So we plugged and check printer to print out correctly.
NETGEAR FVS318G Firewall
Manufactured _ NETGEAR
Model number _FVS318G
Features _The NETGEAR ProSafe 8-port Gigabit VPN Firewall provides both secure IPsec site-to-site tunnels and IPsec secure access for remote clients. Employing a true firewall with customizable firewall rules, this VPN router is a high-performance, SNMP-manageable, network solution that furnishes multidimensional security including denial-of-service (DoS) protection, stateful packet inspection (SPI), URL keyword filtering, logging, reporting, and real-time alerts. Eight Gigabit LAN ports keep your data moving at top speed. With Network Address Translation (NAT) routing and classical routing, all the users in your small office can access your broadband connection at the same time.
SonicWall NSA 2400
Manufactured _ SonicWall
Model number _ NSA 2400
Features _ The Network Security Appliance 2400 is a very good appliance and it efficiently does the job as an all-in-one network security solution. It is also a step-up performance- and configuration-wise, from the previously reviewed NSA 3500. Setting up the WAN and LAN interfaces was intuitive and easy to navigate with the management GUI. Network changes, such as changing the device's IP from the vendor's hard-coded one, to one on the test subnet were made instantaneously and without any drama whatsoever from the appliance.
Manufactured _ Cyberoam
Model number _ CR15wi
Features _ It appliance to sport an 802.11n wireless AP, and it's the first look at the latest Version X firmware. It delivers a new web interface common to all Cyberoam appliances which is easier to use and opens with a new dashboard view showing all detected threats, details about the appliance and subscription status. It's more informative than the previous interface, which focused heavily on web activity and user's surfing patterns. It identity-based security makes the CR15wi extremely versatile. We can apply policies to groups or individual users, plus IP addresses or address pools. It also allow you to enforce security at any level. It supports three user types where a normal user logs on to the appliance via the locally installed Corporate Client utility. We can also apply a wide range of security policies including web filtering, internet access and bandwidth usage. It limits to data transfer on uploads and downloads can also be enforced, and you can specify different values for daily, weekly, monthly and yearly limits.
All in one are I think that we must to use the Cyberoam. Cyberoam firewall is one of the most frequently used methods of protecting network communication from harmful elements. Its duty is to monitor network communications and filter out dangerous or suspicious attempts to access the network. All security functions are integrated into a single device. Option of identifying and applying security rules anywhere within your network. Cyberoam have high user identification security levels It can controls the threat in real-time. Cyberoam is easy to install and manage. Option of integrating as a gateway or transparent bridge within the network. All of this reason I think Cyberoam is suitable of my organization.
Do not browse the limited website.
Do not access other’s person blog, website and other.
Should avoid any unnecessary network loading.
It is not allowed to use copyrighted material like e.g. logos, maps etc. without explicit written permission.
Personal information about other people must not be published or distributed without their permission.
The information published in the WWW is checked on a regular basis and updated or removed as appropriate.
User who access and that use the Site is subject to all applicable U.S. and State of Florida laws and regulations, adopted as of the date the User accesses the Site.
Users could post messages originating from Users.
Do not look any unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material.
Do not give out personal information to anyone.
Do not post phone numbers, street addresses, town names and big cities.
Do not use all capital letters when posting messages.
Do not try to get around this rule by typing in a combination of lower and upper case characters.
Do not engage or participate in any activities directly or indirectly which harass, threaten, abuse or intimidate other users.
Do not rapidly enter text/or images that tend to occupy multiple lines of the message screen.
Do not post, or attempt to post by disguise (represent swear words with symbols or numbers), any words which are "foul", "obscene", or "cuss" words.
Please do not engage in a conversation with chatters, staff member which is disrespectful or argumentative to the Chatters, staff member.
Do not post web site addresses (URL) to the chat room which have content for adults or are inappropriate for viewing by children 14 years of age or younger.
Share the time in the Chat Room with everyone, don’t be the only one taking all the available time.
If you wish to exchange personal information in the chat room you may do so.
User must understand the difference between business and personal email.
Do not post business emails are considered confidential (unless otherwise noted).
Must not be shared emails outside the other.
Does not viewing pornography or pornographic jokes is grounds for sexual harassment.
Not to snoop on user.
No use of the business email account for personal mail.
Do not make an e-mail longer than it needs to be.
This is not only important because improper spelling, grammar and punctuation give a bad impression of you.
Answer swiftly, e-mail should be replied to within at least 24 hours, and preferably within the same working day.
Do not overuse the high priority option.
Read the email before you send it.
Take care with abbreviations and emoticons.
Take care with rich text and HTML messages.
Do not use email to discuss confidential information.
Don't send or forward emails containing libelous, defamatory, offensive, racist or obscene remarks.
Keep your language gender neutral.
Press the “Right click”, choose Open to open the IP Sec.
After opening IPSec folder and then choose Install with right-click from Microsoft IPsec Diagnostic tool-1.0.msi
You can see Microsoft IPsec Diagnostic Tool Setup box and then put the right sign in the checkbox of “I accept the terms in the license Agreement”.
Click the Install button.
After finished the installation you will see the box of Completed the Microsoft IPsec Diagnostic Tool Setup Wizard and then click the Finish button to exit.
We show the box of Microsoft IPsec Diagnostic Tool box and then choose the Local Mode(Debug the system)
And then click Next to continue.
Type the other IP address of the computer “126.96.36.199”.
And then click Start Diagnosis button.
At this stage Diagnostic is starting and then if the process is right the box is invisible one by one.
You will see the message box of Oakley-Live Troubleshooting when your diagnosis is wrong at some step and then click OK button.
Click Generate Report button.
And then the report will show in the notepad.
Click Output Logs Button.
And then you will see the Local Mode folder and all of the report will exit.
Select ipconfig folder and choose Open with right-click
And then ipconfig will show in the notepad
And then select ipconfig.all and choose Open with right-click
And then all of the IP address will show in the notepad.
Select pingLocalhost and choose Open with right-click.
And then we will show pinglocalhost-Notepad.
Select pingRemote and choose Open with right-click.
And then we will show pingRemote-Notepad.
Select SystemInfo and choose Open with right-click.
And then we will show SystemInfo-Notepad
If you want to refresh your report then click Clear button to clear it
Need an essay? You can buy essay help from us today!