Application model for privileged account access control system in enterprise networks


Sindiren E., CİYLAN B.

COMPUTERS & SECURITY, cilt.83, ss.52-67, 2019 (SCI İndekslerine Giren Dergi) identifier identifier

  • Yayın Türü: Makale / Tam Makale
  • Cilt numarası: 83
  • Basım Tarihi: 2019
  • Doi Numarası: 10.1016/j.cose.2019.01.008
  • Dergi Adı: COMPUTERS & SECURITY
  • Sayfa Sayıları: ss.52-67

Özet

Directory applications are utilized to centrally manage the high number of computers, user accounts, printers, servers, etc. While using the directory service, privileged accounts are used to execute the operation of components and network services within the network infrastructures. These privileged accounts have wide authorizations on all the components within the directory service. One of the objectives of cyber-attacks on such systems is to obtain the passwords of such accounts. Thus, a model is designed and presented in this study in order to enable the privileged accounts to be controlled, managed, and followed at minimum cost. This application model enabled the determination of passwords of privileged user accounts in accordance with the fundamental IT security principles, establishment of stronger passwords, clarification of the limits of duties of IT personnel, a decrease in their work load, and an increase in the awareness of managers about IT security. (C) 2019 Elsevier Ltd. All rights reserved.