What is the Purpose of Access Control Matrix?

Rivky Kappel Staff asked 6 months ago

1 Answers
Rivky Kappel Staff answered 6 months ago
An access control matrix is a table that contains both subjects and objects. Subjects usually refer to people who may need to access objects. Objects are typically files, data, or resources that subjects may need to access. They can also be a system process or a piece of hardware. The information contained in the matrix designates permissions and access levels between subjects and objects. Organizations build access control matrices to ensure authorized access and prevent intentional or unintentional unauthorized access to sensitive data.

The purpose for granting any access corresponds to the three pillars of cyber security: availability, integrity, and confidentiality. Availability measures are those that ensure that users can access a system. Issues such as hardware and software failures, network disconnections, and hacking can influence availability. Integrity refers to measures that ensure that information on a system is not altered intentionally or unintentionally. Confidentiality refers to the measures that are put in place to ensure that information is not misused and that those who are unauthorized do not access information. System administrators usually assign rights in an access control matrix, avoiding the possibility that others may tamper with it.

Organizations must have two sets of access control policies governing their two major assets. Physical assets include offices, rooms, and buildings. Logical assets include digital files and resources. 

How an Access Control Matrix Works

In a user permissions matrix, permissions are designated using these five commonly used attributes.

  • Read (R) – Read access permits the subject to open and read the file, but not to edit it in any way.
  • Write (W) – Write access allows the subject to not only read the file but to add or write new content in the file.
  • Delete (D) – Delete permissions are higher level than write permissions. Subjects with delete or edit permissions can delete files or content. 
  • Execute (E) – Execute permission allows a user to execute particular programs.
  • Dash (-) – A dash in an access control matrix indicates that the subject is prohibited from accessing the object.
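The matrix described in the answer above, as an added example that is not part of the original answer: it parses a small table of subjects and objects using the R, W, D, E and dash attributes, answers access checks with default deny, and lists who holds a given permission on an object. The subject names, object names and function names are constructed for illustration, and treating D and E as independent of the other attributes is an assumption.

```python
# Constructed sample matrix: rows are subjects, columns are objects.
# Cells use the attributes from the answer: R, W, D, E, or "-" for no access.
MATRIX_TEXT = """\
subject     payroll.db  report.docx  backup.sh
alice       RW          RWD          -
bob         R           -            E
svc_backup  R           R            E
"""

VALID = set("RWDE")

def parse_matrix(text):
    """Parse a whitespace-separated table into {subject: {object: set_of_perms}}."""
    rows = [line.split() for line in text.strip().splitlines()]
    objects = rows[0][1:]
    matrix = {}
    for row in rows[1:]:
        subject, cells = row[0], row[1:]
        if len(cells) != len(objects):
            raise ValueError(f"row {subject!r}: {len(cells)} cells, expected {len(objects)}")
        matrix[subject] = {}
        for obj, cell in zip(objects, cells):
            perms = set() if cell == "-" else set(cell.upper())
            if not perms <= VALID:
                # Reject typos instead of silently granting or dropping a right.
                raise ValueError(f"unknown attribute for {subject}/{obj}: {cell!r}")
            matrix[subject][obj] = perms
    return matrix

def is_allowed(matrix, subject, obj, perm):
    """Default deny: unknown subjects, unknown objects and '-' cells return False."""
    granted = matrix.get(subject, {}).get(obj, set())
    # The answer describes write access as including read access.
    if perm == "R" and "W" in granted:
        return True
    # Assumption: D and E are checked on their own and imply nothing else.
    return perm in granted

def subjects_with(matrix, obj, perm):
    """Column view for an access review: subjects holding `perm` on `obj`."""
    return sorted(s for s in matrix if is_allowed(matrix, s, obj, perm))

if __name__ == "__main__":
    m = parse_matrix(MATRIX_TEXT)
    print("bob may write payroll.db:", is_allowed(m, "bob", "payroll.db", "W"))
    print("delete on report.docx:", subjects_with(m, "report.docx", "D"))
```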
