From the course: CISSP Cert Prep (2021): 5 Identity and Access Management
Join today to access over 22,500 courses taught by industry experts or purchase this course individually.
Accountability
From the course: CISSP Cert Prep (2021): 5 Identity and Access Management
Accountability
- [Instructor] Effective access control systems enforce the principle of accountability. Accountability means that every action taken on a system can be clearly traced back to an individual user without any ambiguity. Administrators can clearly tell who performed an action and the individual can't deny responsibility for that action. There are two prerequisites for ensuring accountability and they are two of the fundamental requirements for any access control system. The first is identification. Each user of the system must be identified by unique identifier, such as a username. The system and organizational policies must not allow the use of any shared departmental or generic accounts. If two individuals share an account the system can't distinguish between them and either of the two users can simply blame the other for any action taken under the shared account. Without identification there is no accountability. The…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.