Difference between Right , Permission and Policy

By -

 

Rights, permissions, and policies are fundamental concepts in access control and security management, but they serve distinct purposes and are applied at different levels in computer systems and networks. Here's a breakdown of the differences between them with examples:

1. Rights:

  • Purpose: Rights refer to the specific actions or operations that a user or group of users is allowed to perform on a particular resource. They define what someone can do with a resource.

  • Scope: Rights are typically applied at the resource level and are specific to that resource.

  • Example: In a file system, you can assign rights to a user or group on a specific file or folder. For instance, you can grant User A the "Read" right on a document, allowing them to view its contents but not modify or delete it.

2. Permissions:

  • Purpose: Permissions are a set of rights collectively assigned to a user or group on a resource. They determine the overall access level for a user or group concerning a resource.

  • Scope: Permissions are also applied at the resource level but encompass multiple rights.

  • Example: In a file system, you can set permissions on a shared folder. These permissions might include allowing the "Sales Team" group to have "Read" and "Write" permissions on the folder, which means members of the Sales Team can view and edit the files within that folder.

3. Policies:

  • Purpose: Policies are sets of rules, guidelines, or configurations that define how a system, network, or users should behave or how security measures should be enforced across a broader context.

  • Scope: Policies are applied at a broader level, governing the behavior or security posture of users, systems, or devices across the entire network.

  • Example:

    • Password Policy: A password policy is a set of rules that dictate how user passwords should be created, maintained, and enforced. For example, a policy might require passwords to be at least eight characters long, include a combination of letters and numbers, and expire every 90 days.
    • Group Policy: In a Windows domain environment, Group Policy allows administrators to define and enforce configurations for all computers and users in the domain. This can include security settings, application restrictions, and desktop configurations.

Differences with Examples:

Let's illustrate the differences between rights, permissions, and policies further with examples:

  • File Permissions (Permissions): Assigning "Read" and "Write" permissions to a group on a shared folder (Permissions) determines what actions group members can perform on the files within that folder. It combines individual rights into an overall access level.

  • User Rights (Rights): User rights, such as "Logon Locally" or "Shut Down the System," specify specific actions or privileges that a user or group has on a computer.

  • Password Policy (Policy): A password policy (Policy) sets rules for all user passwords across a domain, defining the minimum length, complexity requirements, and password expiration. It governs password management practices network-wide, rather than specific resource access.

Comments

Post a Comment

Popular posts from this blog

CCNA Router and Catalyst Switch IOS Command Reference

By -
CCNA Router and Catalyst Switch IOS Command Reference By Jamison Schmidt This reference guide provides router and switch commands to help you prepare for Cisco's CCNA certification exam. This guide covers IOS version 11 and higher. We will try to get VLSM and Supernetting commands added for the new 640-801 CCNA exam. Reference Quick Links Router Commands Show Commands Catalyst Commands Router Commands Terminal Controls: ·   Config# terminal editing - allows for enhanced editing commands ·   Config# terminal monitor - shows output on telnet session ·   Config# terminal ip netmask-format hexadecimal|bit-count|decimal - changes the format of subnet masks Host Name: ·   Config# hostname ROUTER_NAME Banner: ·   Config# banner motd # TYPE MESSAGE HERE # - # can be substituted for any character, must start and finish the message Descriptions: ·   Config# description THIS IS THE SOUTH ROUTER - can be entered ...
Read more

Network Technologies

By -
Image
Common Networking Protocols TCP - TCP breaks data into manageable packets and tracks information such as source and destination of packets. It is able to reroute packets and is responsible for guaranteed delivery of the data. IP - This is a connectionless protocol, which means that a session is not created before sending data. IP is responsible for addressing and routing of packets between computers. It does not guarantee delivery and does not give acknowledgement of packets that are lost or sent out of order as this is the responsibility of higher layer protocols such as TCP. UDP - A connectionless, datagram service that provides an unreliable, best-effort delivery. ICMP - Internet Control Message Protocol enables systems on a TCP/IP network to share status and error information such as with the use of PING and TRACERT utilities. SMTP - Used to reliably send and receive mail over the Internet. FTP - ...
Read more

About myself

By -
With a track record of delivering innovative IT solutions and optimizing technology infrastructure, Prashant Shrivastava is the driving force behind the organization's digital transformation journey from 2007. Expertise in ERP Implementation: Prashant Shrivastava brings a wealth of experience in Enterprise Resource Planning (ERP) implementation, having successfully overseen multiple projects. ERP systems are vital for streamlining business processes, enhancing data visibility, and improving decision-making. He possesses a deep understanding of ERP modules, such as finance, human resources, supply chain, and customer relationship management, ensuring seamless integration across all departments. Infrastructure Administration and System Administration: As a Head of IT, Prashant Shrivastava has a strong foundation in both Infrastructure and System Administration. This expertise includes managing servers, networks, databases, and ensuring the overall stability and security of the IT env...
Read more