[10] system security design


Intrusion detection systems and firewalls

An intrusion detection system (IDS) monitors audit records, communication data flows and the server systems on the network, captures suspicious network and server activity, and finds the security problems that exist when the network or a host is used without authorization or is damaged. It responds and raises alarms in real time, generating notification messages and log entries. The system detects not only intrusions from outside but also unauthorized activity by internal users.

Analogy: if the firewall is the door of a building, then the intrusion detection system is the monitoring system inside the building. Once a thief has entered the building, or when internal staff cross a boundary they should not, only a real-time monitoring system can discover the situation and raise a warning. The intrusion detection system is therefore a second line of defense behind the firewall, and it can find intrusions that the firewall did not.

A firewall can allow certain internal hosts to be reached from outside; an intrusion detection system has no such function and only monitors and analyzes user and system activity.

The firewall and the intrusion detection system are independent systems.


Access Control authorization scheme

(1) Discretionary Access Control (DAC)

The owner of an object manages that object and decides whether to grant other subjects full or partial access to it, so the control is at the owner's discretion. In other words, under discretionary access control a user can, according to their own wishes, selectively share their files with other users.

(2) Mandatory Access Control (MAC)

The information system manages security by classification and category and ensures, through a constraint mechanism, that each user can access only the information whose marking permits them to access it. Put plainly, under mandatory access control the user (or other subject) and the file (or other object) carry fixed security attributes (for example security level and access rights); each time an access occurs, the system checks these security attributes to determine whether the user is authorized to access the file.

(3) Role-Based Access Control (RBAC)

In role-based access control, roles are defined by the system administrator according to the application, and permission requirements are imposed on the user, who can only accept them passively and cannot make independent decisions; it is therefore a non-discretionary form of access control. The basic idea is that the various permissions for operating the system are not granted directly to specific users; instead a set of roles is created, each role corresponding to its own set of permissions, so that the roles sit between the set of users and the set of permissions. Once a user is assigned an appropriate role, that user holds all the operating authority of that role.
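Added example (not from the original post): a toy reference monitor in Python that contrasts the three models above. The users, object, labels and roles are constructed, and the "no read up, no write down" rule chosen for the MAC check is an assumption (Bell-LaPadula style), since the post only says that fixed security attributes are compared.

```python
from dataclasses import dataclass, field
# Constructed example: users, objects, labels and roles below are invented.
LEVELS = {"public": 0, "internal": 1, "secret": 2}  # MAC classification ladder

@dataclass
class Obj:
    name: str
    owner: str                               # DAC: the owner decides who may share
    level: str                               # MAC: fixed label assigned by the system
    acl: dict = field(default_factory=dict)  # DAC: user -> set of granted rights

def dac_grant(obj, granter, grantee, right):
    """DAC: only the owner may selectively share the object with other users."""
    if granter != obj.owner:
        return False
    obj.acl.setdefault(grantee, set()).add(right)
    return True

def dac_check(obj, user, right):
    """DAC: the owner always has access; anyone else needs an ACL entry."""
    return user == obj.owner or right in obj.acl.get(user, set())

def mac_check(obj, clearance, right):
    """MAC: the system compares the subject's clearance with the object's label.
    Rule assumed here (Bell-LaPadula style): no read up, no write down."""
    subj, o = LEVELS[clearance], LEVELS[obj.level]
    if right == "read":
        return subj >= o
    if right == "write":
        return subj <= o
    return False

ROLE_PERMS = {"auditor": {"read"}, "operator": {"read", "write"}}  # set by the administrator
USER_ROLES = {"alice": {"auditor"}, "bob": {"operator"}}           # assigned by the administrator

def rbac_check(user, right):
    """RBAC: rights attach to roles; a user holds every right of each assigned role."""
    return any(right in ROLE_PERMS.get(r, set()) for r in USER_ROLES.get(user, ()))

def demo():
    doc = Obj("report.txt", owner="alice", level="secret")
    out = {"dac_before_share": dac_check(doc, "bob", "read")}
    dac_grant(doc, "alice", "bob", "read")                      # alice chooses to share
    out["dac_after_share"] = dac_check(doc, "bob", "read")
    out["mac_read_up"] = mac_check(doc, "internal", "read")     # clearance below the label
    out["mac_write_up"] = mac_check(doc, "internal", "write")   # allowed: nothing flows down
    out["rbac_alice_write"] = rbac_check("alice", "write")      # auditor role lacks write
    out["rbac_bob_write"] = rbac_check("bob", "write")
    return out
```

Note that in the MAC case alice's ownership is irrelevant: the label is fixed by the system, so alice cannot share the secret document with a lower-cleared user the way she can under DAC.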



Source: www.cnblogs.com/rockyching2009/p/11615939.html