Assignment Name: Access Controls Procedure Guide
Student Name: Hema Bolagani
Student Number: 002836201
Course Name and Section: ISOL 534 – Application Security 30_31_32
Dr. Jimmie Flores
Date: May 27, 2018
Ken 7 Windows Limited personnel should have an access control list that contains a list of permissions and the users to whom these permissions apply. Only authorized admins can modify this data.
The steps to satisfy each of the requirements in the assignment’s instructions:
1. Status or setting prior to change: Go to the Start menu and open the form for Access Control, log in with the required admin credentials, and select manage the access control list or manage users. This allows the Ken 7 Windows Limited admins to see the current status of the access control list: the list of permissions and the users to whom these permissions apply. It also brings the admins to the place where they need to be to make any changes.
2. Reason for change: The reason for the change could be one of the following:
   1. A new user needs to be added to a particular access control list to allow them access to certain information so that they can do their job.
   2. The list of permissions given to an existing user needs to be edited or modified for reasons such as a promotion.
   3. A user needs to be deleted from the control group for reasons such as being fired or death.
3. Change to implement: Click Start, open the form, log in as admin, and select manage the access control list or manage users. To add a user to the control group: select add a user and follow the prompts to add a user, then right-click on the group, click add users, and follow the prompts to add the user to the group. To modify a user's list of permissions: select edit/modify the list of permissions for the existing users and follow the prompts to modify the user, then right-click the user and follow the prompts to change that user's permissions by selecting or deselecting entries in the list of available permissions. To delete a user from the control group: follow the prompts to delete a user, then right-click the existing user and click delete from the control group.
4. The scope of the change: Log out of the admin account, log in as the user, and test access to group information and the add and change capabilities. The modifications made to the users in the access control group are logged in a read-only log file, along with the timestamps and the admin who applied the changes. This log file can be accessed only by the admin.
5. Impact of change: The change either adds access, modifies access, or denies access for the user.
6. Status or setting after the change: Go back in the same way you accessed the information as the admin and check the information you entered.
7. The process to evaluate the change: Again, Ken 7 Windows Limited personnel can view the change through the admin account, or they can log out and log in with the user's credentials to check that the access grants and denials were implemented correctly.
8. Undo a change: Click Start, open the form, log in as admin, and click undo a previous change. The form reads the read-only log file (which stores the timestamps and the list of modifications for the corresponding users) and displays the changes and the corresponding users in descending order of timestamp. The admin can select modifications one by one, or select a user to select the entire list of modifications made to that user. After the selection is done, the admin can undo the modifications by pressing the undo button on the form. These undo modifications are written to the read-only log file as well. For security purposes, this log file can also be encrypted.
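
The change log and undo behavior described in steps 4 and 8, sketched as an added example that is not part of the original assignment. The class and method names are hypothetical, the log is held in memory rather than in an encrypted file, and refusing to undo an entry once a later change has touched the same user is an assumption of this sketch.

```python
from datetime import datetime, timezone


class AccessControlList:
    """Hypothetical ACL (user -> permissions) with an append-only change log."""

    def __init__(self):
        self._acl = {}   # user -> frozenset of permission names
        self._log = []   # entries are only ever appended, never edited

    def _record(self, admin, action, user, before, after, undoes=None):
        # Log who changed what and when, then apply the change to the ACL.
        entry = {"id": len(self._log), "action": action, "user": user,
                 "time": datetime.now(timezone.utc).isoformat(),
                 "admin": admin, "before": before, "after": after,
                 "undoes": undoes}
        self._log.append(entry)
        if after is None:
            self._acl.pop(user, None)      # user removed from the group
        else:
            self._acl[user] = after
        return entry["id"]

    def add_user(self, admin, user, perms):
        if user in self._acl:
            raise ValueError("user already in the control group")
        return self._record(admin, "add", user, None, frozenset(perms))

    def modify_user(self, admin, user, perms):
        return self._record(admin, "modify", user, self._acl[user],
                            frozenset(perms))

    def delete_user(self, admin, user):
        return self._record(admin, "delete", user, self._acl[user], None)

    def permissions(self, user):
        return self._acl.get(user)         # None means no access

    def history(self, user=None):
        # Newest first, optionally for one user: the view the undo form shows.
        return [dict(e) for e in reversed(self._log)
                if user in (None, e["user"])]

    def undo(self, admin, entry_id):
        e = self._log[entry_id]
        # Only revert if the user's current state is what this entry produced;
        # otherwise a later change would be silently overwritten.
        if self._acl.get(e["user"]) != e["after"]:
            raise ValueError("a later change exists; undo that one first")
        # The undo is itself logged, with the admin who performed it.
        return self._record(admin, "undo", e["user"], e["after"],
                            e["before"], undoes=entry_id)
```

Undoing every change for one user means calling `undo` on that user's entries in the order `history(user)` returns them, newest first.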