Access control in relation to risk, threat and vulnerability:-
Risk is defined to be an activity of finding threat full methods and weakness getting access to destroy assets.
It is defined to be a space or weakness in system’s security that helps to find threats and obtain access to unintended people. It can be useful for cyber hackers to get access for content into a system of an organization even though they are unauthorized to do so.
Threats can be anything which is present interior to the system or exterior, whether happens coincidentally or in an accident manner and may destroy security of organization.
Access control and its relation to the above defined factors:-
Access control to any organization is helpful to minimize the potential risks to the organization by prevention of ways possible vulnerabilities attacking the system.
Risk is nothing but function of threats exploiting vulnerabilities to destroy assets, thus threats might exist but if the vulnerabilities are less then there a chance of very less risk .In a similar manner if there is vulnerability and we have no or little threat, we have little risk.
Access control eliminates Vulnerabilities by the following ways:
• Encrypting URL content , data
• Maintenance and creating time out sessions
• Encrypting data in the database itself so that no one can fetch the data by using simple SQL injection queries
Access control eliminates threats by following methods:
• Verifying digital signatures in the web pages
• Parsing each HTTPS requests in order to verify the previously logged in user.
• Using the IP address or location of person who is trying to authenticate.