Logical access control
Logical access controls are tools used for identification, authentication, authorization, and accountability in computer information systems. They are components that enforce access control measures for systems, programs, processes, and information. Logical access controls can be embedded within operating systems, applications, add-on security packages, or database and telecommunication management systems.
Logical access control can be contrasted with physical access control (an example of which is a mechanical lock and key controlling access to a room), but the line between the two can be blurred when physical access is controlled by software. For example, entry to a room may be controlled by a chip and PIN card and an electronic lock controlled by software. Only those in possession of an appropriate card, with an appropriate security level and with knowledge of the PIN are permitted entry to the room. On swiping the card into a card reader and entering the correct PIN, the user's security level is checked against a security database and compared to the security level required to enter the room. If the user meets the security requirements, entry is permitted. Having logical access controlled centrally in software allows a user's physical access permissions to be rapidly amended or revoked.
Logical Controls, also called logical access controls and technical controls, protect data and the systems, networks, and environments that protect them. In order to authenticate, authorize, or maintain accountability a variety of methodologies are used such as password protocols, devices coupled with protocols and software, encryption, firewalls, or other systems that can detect intruders and maintain security, reduce vulnerabilities and protect the data and systems from threats.
The Basics of Information Security. Andress, Jason. 2011