Access Control Purpose:Access controls are basically designed to reduce potential exposure from unauthorized use of various kinds of resources, protect confidentiality, integrity, availability of various systems, applications, and networks.Access control policies help to specify how to manage the access and also who may access various kinds of confidential information.In my point of view access control has three core elements stated as below:1)Identification: This is the basic level of unique identification for an individual which can be a badge, username, e-mail signature or it can also be a key to a server port as identification is mandatory for tracking the user behavior and also to provide authentication. 2)Authentication: This is one of the key element for access control.
It can take in various forms based upon the type of security a firm need.Two-factor authentication is widely used nowadays as it is believed to be one of the secured ways of authentication.It also ensures whether the identification is being used by the intended person.It can take various forms such as validating a password which is linked to that username, encrypted keys, sending verification text code for the mobile device that is linked to the user, Fingerprints, smart cards or various combinations of binding the password authentication with the fingerprint scanner.3)Authorization: This is one of the primary key element for access control as the user is restricted to various kinds of authorization such as permissions required to access high confidentiality information.recently it can help us to identify the metadata i.
e, properties associated with the particular user’s account.There are various forms of authorization in social media as well as financial sector such as banks, etc. For example, When you open a bank account, the bank gives credentials to that particular user who is authorized to access his individual account online