LOGBOOK

HELP

Quiz Entry - updated: 2026.07.14

What's the difference between Zutrittskontrolle, Zugangskontrolle, and Zugriffskontrolle in German information-security terminology?

Three nested layers: Zutritt = physical (room/building), Zugang = logical system (login), Zugriff = data/operations (RWED on files).

The three German terms map to different layers of defence:

Term Layer Example English (rough)
Zutrittskontrolle Physical access Server room, badge readers, locks Physical access control
Zugangskontrolle Logical-system access Logging in to an OS or application Authentication / system access
Zugriffskontrolle Data/operation access Read/Write/Execute/Delete on a file Authorisation / data access

Why three distinct words exist: German information-security law and standards (e.g. older BDSG, BSI Grundschutz) historically distinguished these three because they need different controls — a guard at the data-centre door is a different control category than file ACLs. English collapses all three into "access control" and relies on context.

The bigger nesting: physical contains logical contains data — Zugriff can only happen if Zugang worked, Zugang only if Zutritt worked.

Tip: The three As of access control map straight onto the inner two layers plus oversight: Authentication (the Zugang/login check), Authorisation (the Zugriff/rights check), and Auditing/Logging (recording what was actually done).

From Quiz: ISF / Access Control | Updated: Jul 14, 2026