Application model for privileged account access control system in enterprise networks

Sindiren, Erhan; Ciylan, BÜNYAMİN

doi:10.1016/j.cose.2019.01.008

Application model for privileged account access control system in enterprise networks

Atıf İçin Kopyala

Sindiren E., Ciylan B.

COMPUTERS & SECURITY, cilt.83, ss.52-67, 2019 (SCI-Expanded)

Yayın Türü: Makale / Tam Makale
Cilt numarası: 83
Basım Tarihi: 2019
Doi Numarası: 10.1016/j.cose.2019.01.008
Dergi Adı: COMPUTERS & SECURITY
Derginin Tarandığı İndeksler: Science Citation Index Expanded (SCI-EXPANDED), Scopus
Sayfa Sayıları: ss.52-67
Anahtar Kelimeler: Privileged account management, Identity-based access control, Password attacks, Local administrator password control, IT assets security, SECURITY, MANAGEMENT
Gazi Üniversitesi Adresli: Evet

Özet

Directory applications are utilized to centrally manage the high number of computers, user accounts, printers, servers, etc. While using the directory service, privileged accounts are used to execute the operation of components and network services within the network infrastructures. These privileged accounts have wide authorizations on all the components within the directory service. One of the objectives of cyber-attacks on such systems is to obtain the passwords of such accounts. Thus, a model is designed and presented in this study in order to enable the privileged accounts to be controlled, managed, and followed at minimum cost. This application model enabled the determination of passwords of privileged user accounts in accordance with the fundamental IT security principles, establishment of stronger passwords, clarification of the limits of duties of IT personnel, a decrease in their work load, and an increase in the awareness of managers about IT security. (C) 2019 Elsevier Ltd. All rights reserved.