The main difference between access control list and access control matrix is that access control list defines a set of permissions attached to a system object while access control matrix defines a subject’s access rights on an object which is a set of access control lists.
In automated online systems, the security of information is vital. Therefore, there are various steps to secure a system. The first step in this is to authenticate the users. Here, the process requires the user’s personal details. For example, the system requests the user to enter a valid username and password to access the information in the system. After completing the authentication, the next step is authorization, which grants permissions to authorized users. Access control is a process that allows users to grant access and certain privileges to systems, resources, or information. Access control list and access control matrix are two terms associated with the access control process.
Key Areas Covered
1. What is Access Control List
– Definition, Functionality
2. What is Access Control Matrix
– Definition, Functionality
3. What is the Difference Between Access Control List and Access Control Matrix
– Comparison of Key Differences
Key Terms
Access Control List (ACL), Access Control Matrix, Authentication, Authorization
What is Access Control List
Access Control List (ACL) refers to the permissions attached to an object that specifies which users are granted access to that object. Furthermore, it also specifies the operations the users can perform using that object.
A file system ACL contains entries that specify individual user or group rights to specific system objects such as programs, processes, files, and programs. These entries are called access control entries (ACEs) in the Microsoft Windows NT, OpenVMS, UNIX, and Mac OS X operating systems. Moreover, each system object has a security attribute to recognize its ACL.
Networking ACLs provide rules that apply to port numbers or IP addresses available on a host. The list consists of hosts that have permission to use the services. Furthermore, individual servers and routers can have network ACLs. It is possible to configure ACL to control both inbound and outbound traffic. Therefore, it works similar to a firewall. Furthermore, SQL based systems such as ERP (Enterprise Resource Planning) and Content Management Systems contain ACL models in their administration modules.
What is Access Control Matrix
Access control Matrix allows implementing protection model. This matrix contains rows and columns. Rows represent the domain. It can be a user, process or a procedure domain. Columns, on the other hand, represent the objects or resources. An expel Access Control Matrix is as follows.
Each entry in the matrix represents access right information. In the entry access (Di, Oj), Di represents a process in the domain while Oj represents an object or the resource. According to the above matrix, a process in domain 1 can read File 1. A process in domain 2 can take printouts, and a process in domain 3 can execute File 3. Moreover, a process in domain 4 can write to File 2. This is how the Access Control Matrix operates.
Difference Between Access Control List and Access Control Matrix
Definition
Access control list is a list of permissions attached to an object in a computer file system, database or a network. Whereas, access control matrix is an abstract, formal security model for protection state in computer systems that characterize the rights of each subject with respect to every object in the system. Thus, this is the main difference between access control list and access control matrix.
Functionality
Access control list defines the access rights each user has to a particular system object such as a file directory or individual files while access control matrix defines a subject’s access rights such as read, write, and execute on an object. Hence, this is another difference between access control list and access control matrix.
Conclusion
The main difference between access control list and access control matrix is that the access control list defines a set of permissions attached to a system object while the access control matrix defines a subject’s access rights on an object which is a set of access control lists.
Reference:
1. “Access Control List.” Wikipedia, Wikimedia Foundation, 12 Nov. 2018, Available here.
2. “What Is an Access Control List (ACL)? – Definition from Techopedia.” Techopedia.com, Available here.
3. “Access Matrix to Implement Protection Model in Operating System”, Easy Engineering Classes, 4 Apr. 2017, Available here.
4. “The Access Control Matrix.” Cybrary, Available here.
Image Courtesy:
1. “Internet Security Padlock for VPN & Online Privacy” (CC BY 2.0) via www.vpnsrus.com
Leave a Reply