What is the Purpose of Access Control Matrix?

What is the Purpose of Access Control Matrix?What is the Purpose of Access Control Matrix?
Rebecca KappelRebecca Kappel Staff asked 1 year ago

1 Answers
Rebecca KappelRebecca Kappel Staff answered 1 year ago
An access control matrix is a table that contains both subjects and objects. Subjects usually refer to people who may need to access objects. Objects are typically files, data, or resources that subjects may need to access. They can also be a system process or a piece of hardware. The information contained in the matrix designates permissions and access levels between subjects and objects. Organizations build access control matrices to ensure authorized access and prevent intentional or unintentional unauthorized access to sensitive data.

The purpose for granting any access corresponds to the three pillars of cyber security: availability, integrity, and confidentiality. Availability measures are those that ensure that users can access a system. Issues such as hardware and software failures, network disconnections, and hacking can influence availability. Integrity refers to measures that ensure that information on a system is not altered intentionally or unintentionally. Confidentiality refers to the measures that are put in place to ensure that information is not misused and that those who are unauthorized do not access information. System administrators usually assign right in an access control matrix, avoiding the possibility that others may tamper with it.

Organizations must have two sets of access control policies governing their two major assets. Physical assets include offices, rooms, and buildings. Logical assets include digital files and resources. 

How an Access Control Matrix Works

In a user permissions matrix, permissions are designated using these five commonly used attributes.

  • Read (R) – Read access permits the subject to open and read the file, but not to edit it in any way.
  • Write (W) – Write access allows the subject to not only read the file but to add or write new content in the file.
  • Delete (D) – Delete permissions are higher level than write permissions. Subjects with delete or edit permissions can delete files or content. 
  • Execute (E) – Execute permission allows a user to execute particular programs.

Dash (-) – A dash in an access control matrix indicates that the subject is prohibited from accessing the object.

Looking to learn more about What is the Purpose of Access Control Matrix?

Related Content

Authorization to Operate (ATO)

Authorization to Operate (ATO)

What is an ATO? An ATO is a hallmark of approval that endorses an information system…


What is StateRAMP? In 2011, the Federal Risk and Authorization Management Program (FedRAMP) laid the groundwork…
Segregation of Duties

Segregation of Duties

What is the Segregation of Duties? Segregation of duties (SoD) is like a game of checks…
Skip to content