Access control is the policy-driven limitation of access to systems, data and dialogs. It is all about controlling the access to systems and to identify authorize and unauthorized users (Who should have access) and the operations done on the systems if authentication is done.
Access Control mainly includes User Authorization and User Authentication. Authentication is all about access of system to individual .Whereas Authorization includes access permissions to users once they logged into the system.
Access Control Tools includes Physical access control and Logical access control.
Physical access control includes Building Security Basics and Access cards using Locks, Monitoring tools. To implement Security basics we can follow single point of entry to building, Providing Security centers Provide Training to security personnel and employees, and have Data wiring security. Regarding the access cards the pin can be short, should provide two factor authentication and a central system in case of Card Cancellation.
Logical access control includes User profiles, Firewalls, Biometrics. User profiles which includes IDs and Passwords, where cracking of Passwords is difficult whereas hacking of user accounts is done commonly than hacking root. Password attacks can be Dictionary attacks and Hybrid attacks Common word with single digit at end, etc. Logical control biometrics includes Biometric authentications and Biometric systems. Biometric authentications use Biometric Methods such as Face recognition, Voice recognition, Keystroke recognition, Rhythm of typing etc.
Wireless LAN (WAN) operations uses spread spectrum transmission for data transmission which are hard to detect but 802.11 does not provide security but helps easily to detect so devices can find each other and prevents frequency dependent propagation problems than security. Whereas Wired Equivalent Privacy (WEP) is not enabled by default which uses 40-bit or 128-bit encryption key with shared passwords which are difficult to change so rarely changed and uses Flawed security algorithm.This concludes the different access control methods used for controlling user authorization and authentication.