Sandhu and Samarati, 1996
Authentication, access control, and audit
Type
Article
Year
1996
Authors
Sandhu, R., Samarati, P.
Identifiers
DOI: 10/dc3f9p
Abstract
Authentication establishes the identity of one party to another. Most commonly authentication establishes the identity of a user to some part of the system, typically by means of a password. More generally, authentication can be computer-to-computer or process-toprocess and mutual in both directions. —Access control determines what one party will allow another to do with respect to resources and objects mediated by the former. Access control usually requires authentication as a prerequisite. —The audit process gathers data about activity in the system and analyzes it to discover security violations or diagnose their cause. Analysis can occur offline after the fact or online in real time. In the latter case, the process is usually called intrusion detection.
(Semantic Scholar, accessed 13 Feb 2021)
Links
Citation
Sandhu, R., Samarati, P., 1996. Authentication, access control, and audit. ACM Comput. Surv. 28, 241–243. https://doi.org/10/dc3f9p
Follow us on LinkedIn | Discuss on Slack | Support us with Patreon | Sign-up for a free membership.
This wiki is owned by Open Measure, a non-profit association. The original content we publish is licensed under a Creative Commons Attribution 4.0 International License.