Access Control - Types

Access Control - Types

José Cruz José Cruz

José Cruz

Experienced Software Architect in Java, .NET, and Python, and a Passion for Crafting Scalable, High-Quality Solutions.

发布日期: 2023年8月8日
+ 关注

Access Control - Types


is a security technique that regulates who or what can view or use resources in a computing environment.


MAC - Mandatory Access Control

- A central authority governs access.

- Common in military and government environments.

DAC - Discretionary Access Control

- The administrator and the owner decide on the access.

- Lack of a central authority.

RBAC - Role-Based Access Control

- The restrictions on resources are based on roles, groups, or individuals.

- Ex: Administrator, Human Resources, Analyst, Sales

RSBAC - Rule Set-Based Access Control

- An administrator uses conditions to define the rules.

- Ex: Days, Time, Locations

ABAC - Attribute-Based Access Control

- The accesses are defined by evaluating rules, policies, and relationships.

- Ex: A user with the role=="sales" can actionId=="read" if user.project==sales.project.?


(to be continued...)

要查看或添加评论,请登录

José Cruz的更多文章

  • SaaS: Software as a Service
    2024年1月8日

    SaaS: Software as a Service

    - A SaaS vendor hosts the service or the software. - The vendor provides a license or subscription model.

  • X-aaS – how many
    2023年12月5日

    X-aaS – how many

    SaaS - Software as a Service PaaS - Platform as a Service IaaS - Infrastructure as a Service AaaS - Analytics as a…

  • What is an Architecture Style
    2023年10月21日

    What is an Architecture Style

    Architecture Style is the same as an Architecture Pattern. It gives a name to the way the components and their…

  • IAST
    2023年9月23日

    IAST

    IAST - Interactive Application Security Testing identifies security vulnerabilities in application code while it’s…

  • Dynamic Application Security Testing (DAST)
    2023年9月17日

    Dynamic Application Security Testing (DAST)

    is a testing process to assess an application's security weaknesses and vulnerabilities. - Performs a black-box testing.

  • SAST
    2023年9月13日

    SAST

    is a method used to review the source code of an application to identify potential vulnerabilities. - It is commonly…

  • BASE Transactions
    2023年9月11日

    BASE Transactions

    is a transaction model often used on databases that rely heavily on horizontal scaling and performance. - BA: Basic…

  • ACID
    2023年9月10日

    ACID

    is an acronym used in databases to describe the properties associated with the input-output operations on the data. -…

  • Coarse-grained vs. fine-grained
    2023年9月9日

    Coarse-grained vs. fine-grained

    In computing, these concepts refer to the level of detail at which a system, configurations, security management, and…

  • RAG - Retrieval Augmentation Generation
    2023年8月27日

    RAG - Retrieval Augmentation Generation

    RAG - Retrieval Augmentation Generation is a combination of Retrieval Augmentation and Generation to improve natural…

    1 条评论

社区洞察

其他会员也浏览了