Definition: The word, Rights, used in the context of information security relates directly to authorization. Users are granted or authorized to use specific resources. Among the privileges that a user can be granted is to be able to read a file, write to a file, run a file and to delete records. The technical manner in which access is granted to resources would be determined by the information infrastructure’s operating system and the characteristics of the network.

Its Relevance: Information infrastructure owners must address who has access to the resources of the system. The choices should be governed by the security principle, “need to know”. Users would only be allowed to work with resources for which they have been granted access. The policies and procedures should be spelled out in the organization’s information security plan.

Return from "Rights" to Words [P - R]