What is an Access Control, functions & Importance?

Access control function in Kenya is a basic component of physical and data security. It dictates who access/use company information and resources through authorization and authentication.

Access control approach makes sure users are who they say they are and have right to access company data. 

For an effective access control system, it should be able to generate the data behind access. 

This way, administrators can physically dictate who can enter/exit and observe how entries/exits are happening. Allowing them to identify any suspicious activity and maintain security.

Thus, the goal of access control is to minimize the security risk of unauthorized access.

 What are the elements of access control?

Identification: For access control to be effective, it must provide some way to identify an individual.

Authentication: Identification requires authentication.

Authorization: The set of actions that dictates what you identity is allowed to do.

Components include;

1.An access control panel or the controller 

2. An access-controlled entry such a door, turnstile, parking gate elevator or other physical barrier. 

3. A reader installed near the entry.

4. A locking hardware. The strike lock or the electromagnetic lock.

The Main Models of access control include 

Mandatory access control function.

Is a security model in which access rights are regulated by a central authority based on multiple levels of security.

Discretionary access control function

Is a method in which owners or administrators set the policies defining who/ what is authorized to access the resource.

Role based access control function – 

Widely used access control mechanism that restricts access to computer resources with defined business functions.

Rule based access control function

This is a security model in which the system administrator defines the rules that govern access to resource objects.

Attribute -based access control

This is a methodology that manages access rights by evaluating a set of rules, policies and relationships using the attributes of users, systems and environmental conditions.