I need the following assignment done pertaining to Information System Security. Assignment requirements must be based on background information provided below, examples scenarios must be provided. Work has to be 100% original and will be checked against plaigarism checker before final payment is made. I need at least 2 references. Assignment must be done in APA format.
Please prepare a response (200- to 300-words) to the following on this question:
How is access to your company’s information resources controlled and is the principle of “Protection Domains” implemented? Discuss, but do not give away the ‘keys to the kingdom’. If you are not currently working in a situation where access controls are used, or you wish not to discuss your company’s methods (which is fine, and we all understand), pick an access control and discuss in light of its use in a protection domain (with examples of its use.)
Background infomration (Assignment Must be based off this information):
The following is based on the information in Chapter 4, “Access Control”, of our e-text, Computer Security Principles and Practice. In summary:
In discretionary control, users are allowed to access resources at the discretion of the information owner. Each user is given a specific set of rights to the system.
In mandatory access control, the information owner assigns attributes (labels) to users and systems (subjects), and to resources (objects). Based on these attributes, each user can access only those resources to which he or she is linked.
In role-based access control, users are assigned to groups based on common needs. Each group is given a specific set of access rights. If a user’s needs change, he or she is simply moved to a different group.
In any case, each user is given access only to the resources he or she needs. Thus, the principal of least privilege is applied.