Data access control
Who needs access to what data?
There are lots of different types of data contained in a school network. There might be:
- Teaching materials and files
- Student academic records
- Staff employment records and financial information
- Personal and medical information
Can you think of any others?
Now, consider all of the people who have access to your school network: teaching and administrative staff, students, guests, and potentially even attackers. Not all of the people in the network should have equal access to the data it stores, so a system is needed that can decide which people can access which data in which capacity.
What are the different kinds of access?
There are lots of different ways in which you can access data on a system. The type of access granted is often called a permission. Broadly, permissions can be split into four categories:
- Read — the ability to see data
- Write — the ability to change data
- Execute — the ability to run a program
- Delete — the ability to remove data
Having these four types of permission allows you to share data in different ways with different people. For example:
- Distinguishing between reading and writing allows you to share data with users who need to see it but should not be able to modify it
- Restricting who can execute files allows new software to be downloaded or updated in a controlled manner
- Defining who does and does not have delete permissions can help to prevent attacks that are aiming to destroy data
Data access control systems
A data access control system is a method of deciding who gets which permissions. There are several different approaches to designing one. The traditional method is for a single central authority to assign classification levels to data, and levels of clearance to network users; a user can then only access data if they hold the relevant clearance. This approach is called mandatory access control.
Alternatively, the data owners can define the access permissions for their data. This means that if you produce a file, you can choose who can access it. This is called discretionary access control.
Permissions can be assigned to individual users, or to groups of users who share a role in the network (such as "teacher" or "student"). Assigning permissions by role is called role-based access control. Permissions might also be condition-specific: for example, some data may only be accessible at certain times of day, to make it harder for attackers to reach that data outside of working hours. This is known as rule-based access control. Role- and rule-based access control can be used in conjunction with either a mandatory or a discretionary access control system.
To enforce a data access control system, the methods of authentication discussed previously (such as passwords and biometric systems) can be employed. When you sign in to your account on a device, the network can grant you certain permissions to interact with data. As an added layer of security, you may be asked to re-enter your password before performing certain actions, to verify your identity.
Combining data and network access control
Any data and network access control systems used in a network have to be compatible with each other. These two systems can work together to optimise the safety of data on the system.
The access permissions granted to certain users can also be applied to machines. For example, it may only be possible to access very sensitive data on particular computers that have certain software and hardware restrictions.
The data that a user can access in a particular network is determined by what the user as an individual is authorised to access, and what the machine that they are using is authorised to access.
If the two systems are designed without consultation between the parties involved, users might find that they have permission to access certain data, but not the device needed to access the data.
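The following Python script is an added example, not part of the course material. It models a small school policy that combines the ideas above: role-based permissions (read, write, execute, delete) per category of data, a rule-based working-hours restriction, and a network-side restriction that ties the most sensitive data to managed devices. Every role name, data category, hour and device type is a constructed assumption chosen for illustration.

```python
# Constructed sample policy for a school network (assumed values, not from the course).
# Role-based control: the permissions each role holds on each category of data.
ROLE_PERMISSIONS = {
    "teacher":     {"teaching_materials": {"read", "write", "execute", "delete"},
                    "student_records":    {"read"}},
    "admin_staff": {"student_records":    {"read", "write"},
                    "staff_records":      {"read", "write"}},
    "student":     {"teaching_materials": {"read"}},
}

# Rule-based control: these categories are only reachable during working hours
# (start hour inclusive, end hour exclusive, 24-hour clock).
WORKING_HOURS = {
    "student_records": (8, 18),
    "staff_records":   (8, 18),
}

# Network access control: sensitive categories are only reachable from managed devices.
MANAGED_DEVICES_ONLY = {"staff_records": {"office_pc"}}


def check_access(role, category, permission, hour, device):
    """Return (allowed, reason). Every check must pass; the first failure explains the denial."""
    granted = ROLE_PERMISSIONS.get(role, {}).get(category, set())
    if permission not in granted:
        return False, f"role '{role}' has no {permission} permission on {category}"
    if category in WORKING_HOURS:
        start, end = WORKING_HOURS[category]
        if not start <= hour < end:
            return False, f"{category} is only available between {start}:00 and {end}:00"
    if category in MANAGED_DEVICES_ONLY and device not in MANAGED_DEVICES_ONLY[category]:
        return False, f"{category} cannot be accessed from device type '{device}'"
    return True, "allowed"


if __name__ == "__main__":
    # Constructed requests: (role, category, permission, hour, device)
    requests = [
        ("student",     "student_records", "read",  10, "laptop"),
        ("teacher",     "student_records", "read",  10, "laptop"),
        ("teacher",     "student_records", "read",  22, "laptop"),
        ("admin_staff", "staff_records",   "write", 10, "laptop"),
        ("admin_staff", "staff_records",   "write", 10, "office_pc"),
    ]
    for r in requests:
        allowed, reason = check_access(*r)
        print(f"{r[0]:>12} {r[2]:>5} {r[1]:<18} -> {'ALLOW' if allowed else 'DENY'} ({reason})")
```

The fourth request shows the incompatibility described above: the admin user is authorised for the data, but the device they are using is not, so the request is denied until they move to a managed machine.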
In the next step, you will learn about internal threats to data and network access control systems.
- Can you give an example of data in your network to which you have read access but not write access?
- Which data access control system do you think is most appropriate for a school and why?
- Can you think of a scenario in which the data and network access control systems for a network are incompatible?
Share your answers in the comments.