Overview

Access control technologies ensure that only authorized users or systems can access and use computers, networks, and the information stored on these systems, and these technologies help protect sensitive data and systems. Access control simplifies network security by reducing the number of paths that attackers or masqueraders might use to penetrate system or network defenses. Access control includes three control types: boundary protection, authentication, and authorization.

Boundary protection technologies demark a logical or physical boundary between protected information and systems and unknown users. Boundary protection technologies can be used to protect a network (e.g., firewalls) or a single computer (e.g., personal firewalls). Generally, these technologies prevent access to the network or computer by external unauthorized users. Another type of boundary protection technology, content management, can also be used to restrict the ability of authorized system or network users to access systems or networks beyond the system or network boundary.

Authentication technologies associate a user with a particular identity. People are authenticated by three basic means: by something they know, something they have, or something they are. People and systems regularly use these means to identify people in everyday life. For example, members of a community routinely recognize one another by how they look or how their voices sound by something they are. Automated teller machines recognize customers because they present a bank card something they have and they enter a personal identification number (PIN) something they know. Using a key to enter a locked building is another example of using something you have.