Accession Number : ADA236275


Title :   Management of Information Technology Access Controls


Descriptive Note : Master's thesis,


Corporate Author : COLORADO UNIV AT COLORADO SPRINGS


Personal Author(s) : Pollack, Michael R.


Full Text : http://www.dtic.mil/get-tr-doc/pdf?AD=ADA236275


Report Date : 1991


Pagination or Media Count : 118


Abstract : System access control directs, regulates, and coordinates the logical, physical, and administrative protection capabilities pertaining to interactions with an information system (IS). System access control, a subset of information technology (IT) and general business controls, are IS security's critical first line of defense. It has traditionally progressed by increasing the speed and memory, and decreasing the size of centralized IS. However, recent movements toward distributed IS and the accompanying architectural changes present new management challenges, especially in the area of controlling system access. Distributed IS magnifies potential control problems because it relies upon inherently less secure hardware and software, and increases potential system access points through local and telecommunication interconnection. However, the biggest threat to system access control is found within the organization's own workforce. These issues motivated the development of an Access Control Management Model.


Descriptors :   *COMPUTER PROGRAMS , COMMERCE , MANAGEMENT PLANNING AND CONTROL , MANAGEMENT , INFORMATION SYSTEMS , MODELS , SECURITY , PROTECTION , CIRCUIT INTERCONNECTIONS , ACCESS , PERSONNEL , TELECOMMUNICATIONS , WORK , ARCHITECTURE , CONTROL


Subject Categories : COMPUTER SYSTEMS


Distribution Statement : APPROVED FOR PUBLIC RELEASE