The present invention, in general, relates to access control in a computer network. In particular, the invention relates to a method and system for providing access control using an advanced command interface (ACI) server present in the computer network.
In a computer network, user access to stored data needs to be controlled to prevent security breaches in any organization. Security is an important factor for access control systems that grant access to multiple users, especially when access can be obtained from outside a restricted area, for example, by hacking the login identity and password of a user. As systems become more complicated and access to data needs to be more widely distributed, security systems become more complex. The demand for secure and efficient computer systems is increasing with time. Access control is usually performed by providing controlled access rights to the users of a computer system. Also, these access rights define the extent of privileges assigned to the users of the computer system. Various security systems are integrated in an operating system of the computer system to provide access control to the users.
Various access control systems are available which are designed to provide restricted and monitored access rights to users of the computer network. An example of such an access control system is Cisco Systems, Inc.'s Cisco Secure Access Control System (ACS). ACS provides controlled access to the users of the computer network in three stages—authentication, authorization, and accounting (AAA)—through a centralized server. During the authentication stage, the access rights of each user in the computer network are identified based on the user's login identity and password. In the authorization stage, the access control policy is implemented, and the users are provided with one-time or temporary authorization. Lastly, in the accounting stage, security server information is collected and used for auditing and reporting. In another example, Fox Technologies provides an access control system in which a central server defines the users and the corresponding applications they can access. Additionally, the central server authenticates the users to access the data stored on a remote machine on the basis of the roles assigned to the users.
In yet another example, Sun Microsystems developed Application Server 7 Access Control to deal with security issues. Application Server 7 Access Control has two main functions, authentication and authorization, which are performed at separate stages and are independent of each other. Since the two distinct operations are performed at separate stages, the overall computing requirement and complexity of the system increase with Application Server 7.
To maintain data security and integrity, the access control systems described above use role-based access control (RBAC). A role is mainly based on a set of jobs assigned to each user of an organization corresponding to a particular job position or job description of the user. In such a scenario, typically, the system administrator grants permissions to different roles, and groups various users under specific roles that exist in the organization. The access control system includes an access control list (ACL), stored in a centralized server, which lists the users and their corresponding access rights based on the roles and job descriptions. To access a particular server, a user needs to send a request to the centralized server, which authorizes the request based on the ACL.
Using only the RBAC system is disadvantageous in several ways. Once the roles have been assigned to a group of users, a new user from the group of users may execute commands at various servers according to the access rights, and due to lack of proficiency in executing commands, the user may execute high-impact commands. The execution of the high-impact commands may result in an unwanted change in the data stored on the servers.
Since the access control systems are based only on the roles assigned to the users, the systems are unable to perform mistake proofing at the different servers on which data is stored. Mistake proofing is a procedure in which the access control system is able to control the execution of intentional as well as unintentional commands provided to the computer network by the users. There may be a few commands that cause an unwanted change at the servers on which they are executed. For example, a reboot command executed at the server may cause complete shutdown of the server for some time. Therefore, such commands should be executed only by a system/network expert in the organization, and not every engineer should have the rights to run such critical and high-impact commands. As explained above, commands may be intentionally or unintentionally executed by the user; for example, a hacker may execute commands from outside the organization to obtain confidential information about the organization, or an engineer may unintentionally execute a critical command without knowing the consequences. Also, these commands have to be executed manually by the users, and manual execution may cause errors in the system due to lack of expertise of the user or other factors.
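The gap described in the two paragraphs above, shown as an added example that is not part of the original text and does not represent the claimed method: a role-only ACL check lets a new engineer run `reboot`, while a second check on the command itself restricts it to an expert. The role names, users, servers, the expert flag and every high-impact command other than `reboot` are assumptions made for illustration.

```python
from dataclasses import dataclass

# Constructed sample data (hypothetical): role -> servers the role may access.
ROLE_ACL = {
    "network-engineer": {"core-rtr-1", "edge-sw-2"},
    "helpdesk": {"edge-sw-2"},
}
# user -> (role, is_expert). bob is a new hire holding the same role as alice.
USERS = {
    "alice": ("network-engineer", True),
    "bob": ("network-engineer", False),
    "carol": ("helpdesk", False),
}
# "reboot" is the text's example; the other entries are assumed.
HIGH_IMPACT = {"reboot", "reload", "shutdown"}


@dataclass(frozen=True)
class Decision:
    allowed: bool
    reason: str


def rbac_only(user: str, server: str, command: str) -> Decision:
    """Role-based check only: the command itself is never inspected."""
    entry = USERS.get(user)
    if entry is None:
        return Decision(False, "unknown user")
    role, _ = entry
    if server not in ROLE_ACL.get(role, set()):
        return Decision(False, f"role {role} has no access to {server}")
    return Decision(True, f"role {role} may access {server}")


def mistake_proofed(user: str, server: str, command: str) -> Decision:
    """Role check followed by a per-command gate on high-impact commands."""
    base = rbac_only(user, server, command)
    if not base.allowed:
        return base
    parts = command.split()
    if not parts:
        return Decision(False, "empty command")
    verb = parts[0].lower()  # normalise so "REBOOT" is gated too
    if verb in HIGH_IMPACT and not USERS[user][1]:
        return Decision(False, f"'{verb}' is high-impact; expert required")
    return base
```
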
In light of the foregoing, there is a need for a method and system for providing an access control system for controlled access to remote servers in such a way that mistake proofing can be implemented. This will protect the system from both intentional and unintentional mistakes. Further, the access control system should minimize human intervention involved in the execution of commands, and thus, reduce errors to make the system more robust.