Chapter 11. Access Control Systems and Identification Badges. 

Access control systems (ACS) is a security system designed to regulates user and group of authorized users name and password to organization secured data center, specific buildings, specific workstation, keys and badges to enter only assigned rooms and buildings relative to allotted duties. Access control systems tend to allow keyless entry to organization high-sensitivity areas, indicating that a special identification (ID) card is required to gain entry. Access control cards operates in conjunction with card readers situated by entrances to facility and high-security data center units within organization facility. Every now and then, the card is swiped or waved in front of the reader, which processes and verify the information on the card prior to allowing authorized user’s access. It must be underscored that ACS is more secure than traditional keyed entry; recognizing the fact that if access control card is misplaced, lost, and makes its way into the wrong hands, it can easily be deactivated for the same personnel. 

Access control systems is categorized into three variations: discretionary access control (DAC), mandatory access control (MAC), and role-based access control (RBAC). discretionary 

35 

access control (DAC) is designated to hold leaders of organization accountable of why individual should be allowed access to secured control locations. DAC is the least restrictive unit compared to the other systems that often allow individual or group of individuals complete access to organization network data center. The downside of discretionary access control is allowing authorized users opportunity to upgrade access level, privileges and permissions even to nonmembers of the organization; mandatory access control (MAC) and mandatory access control is utilized in organizations that require an elevated emphasis on the confidentiality, sorting and identification of vital data. Unlike DAC, MAC have an established mechanism to control authorized and unauthorized users’ access to secured data center. Role-Based Access Control (RBAC) appears somewhat challenging and demanding but susceptible in most facet of access control systems. 

Per Fennelly, (2017:256), effective access control system is designated to prevent espionage devices, dangerous materials, assets, records, vital data, and intellectual properties out of the organization facility. Furthermore, access control systems and identification badges often reinforce the recognition of employee activities including Identification (ID) cards, badge exchange, escort of temporary consultant and visitors in and out of the facility. 

1. You have been retained as a Lead Information Technology (IT) Director in University  registrar unit. Student and personnel records are especially important to the institution. Recognizing three essential components of access control systems and identification badges, which of these components; discretionary access control (DAC), mandatory access control (MAC), and role-based access control (RBAC) will you implement to support the institution registrar unit. 

2. Professional inquiry: which of these three types of can be used to protect and defend access rights to the records, data information of students and personnel embedded in the university registrar unit? 

1. Role-based access control
    
2. Discretionary access control
    
3. Mandatory access control
    
4. Relational access control
    

3. Provide comprehensive narrative on how your plan of action will postulate offensive and defensive measures for the university registrar unit.

400-500 words. APA formatting with at least 4 references(sorted).