ABSTRACT
Access control consists of permitting or denying the use of a particular resource. Within networking environments, particularly at the network perimeter, enterprises have used blacklisting. Blacklisting consists of banning a list of resources from access. As the unauthorized and invalid access attempts increased, the blacklist continued to grow. is method allowed everything unless explicitly denied, i.e., default allow. Enterprises are now doing the reverse, only allowing authorized access, i.e., whitelisting, the “known good.” Whitelisting turns blacklisting upside down, categorizing everything as bad except for a small group. Whitelisting is listing entities that are granted a set of privileges (access, services, validity, etc.) within an environment. A whitelist is solely used to define what is allowed to be executed, whereas anything that is not included on the whitelist cannot be executed.
