Users’ environments can be constructed and controlled, which is another approach
to controlling the objects they have access to. An administrator can create
a user profile that will provide a user’s working environment. This profile
allows the administrator to dictate what icons,menus, applications, commands,
and functionality is available within that environment. It is considered a restricted
interface because the user utilizes the provided environment, desktop,
and profile to interface with the operating system, installed applications, and resources.
Another example of a restricted interface is a database view. A database administrator
can implement database views, which will show only the information
within the database that the user has the necessary access rights to view. So
the payroll department may be able to view employee salary and commission
information, but not individual’s employment records and human resource information.
Different department managers may be able to view their employees’
employment records, but not their salary and commission information. Database
views are controls that allowthe database administrator to logically partition
the database and present these specific pieces to different authenticated users.
The last restricted interface access control technique we look at is a physically
constrained interface. The best example of this type of access control is an automated
teller machine (ATM). These systems have operating systems that have
many more capabilities than transferring, depositing, and withdrawing funds,
but users of these machines are presented only with buttons for these specific
functions and no more. Thus, the physically constrained interface provides limited
options and only a few buttons so any other functions that the operating
system can actually perform are not accessible by regular users.
No comments:
Post a Comment