Question 1
Access controls are security devices which only allow authorized users to have entrance to the certain devices such computers. There are different types of access controls.
Mandatory Access Control (MAC) is a type of access control where the target is protected from operations from the initiator since the system guarantee security from various labels. (Mohammed & Said, 2014).
Discretionary Access Control (DAC) is a means of authorizing access to sources by regulating accessibility to objects relying on the group or the subject identity. The operation of this method is reinforced by the ACL (Mammass & Ghadi, 2015).
Question 2
The process of system control consists of four primary activities which include identification, authentication, authorization and accountability (Mohammed & Said, 2014). Identification takes place when the system tries to identify the subject is the user it claims to be such as an account or the username that is used by the subject (Mammass & Ghadi, 2015). Authentication is the second step that happens after identification process, the operating system figures out and proves that the subject is the one it claims to be, it is done through the passwords, PIN, and passphrase. The third stage is authorization is a way of control of the subject by the object such instances may include the user being unable to delete a particular file after logging into his or her account (Mammass & Ghadi, 2015). The final step is accountability where the user activities and operation of the system can be accounted for step by step up to the last activity of the subject.
References
Mohammed, E. & Said, E. (2014). SWOT analysis of access control models. IJSIA, 8(3), 407-424. http://dx.doi.org/10.14257/ijsia.2014.8.3.39
Mammass, M. & Ghadi, F. (2015). An Overview on Access Control Models. International Journal Of Applied Evolutionary Computation, 6(4), 28-38. http://dx.doi.org/10.4018/ijaec.2015100103
