Common access control models

Access control is the practice of controlling user access to resources or services. The popular access control models are the following.

MAC (Mandatory Access Control)

Initially designed for and used by the government and the military, MAC is a very strict access control model.
In MAC, all privileges are predefined by an administrator and enforced by the operating system.
MAC assigns a classification to data (such as an importance level or security level) and a classification to users (by department, project, etc.), so that at verification time the system can compare the user's authorization level with the data's level to determine whether access is permitted.
MAC is rarely used on its own; it is generally mixed with other methods. For example, UNIX file systems use DAC, but the root account can bypass that access control model and is not limited by it.

DAC (Discretionary Access Control)

Unlike MAC, where all data and permissions are controlled by the operating system, DAC allows users to control access to their own data.
Access to an object is limited according to the user's identity and the groups they belong to.
Users can define, through an ACL, who or what level may access which resources; each ACL contains a list of users and groups and their access rights.
Typically, the system administrator sets a series of common access control permissions.
The key here is that the user can define access to their own resources.

RBAC (Role-Based Access Control)

RBAC is normally used by companies to grant access based on the user's position. Here, permissions are assigned to roles defined within the company.
In RBAC, a user is assigned a role and has only the permissions that role contains; this cannot be bypassed.
RBAC achieves separation of duties through roles.

RBAC (Rule-Based Access Control)

Administrators assign permissions based on predefined rules. Each object has its own ACL (access control list), and the operating system checks whether the user has the required permission.

ABAC (Attribute-Based Access Control)

This model assigns permissions based on specific rules that combine the attributes of users, resources, and objects.
Decision logic is evaluated over the attributes involved in the action, and different attributes must satisfy different requirements.
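
The following is an added example, not part of the original post: it checks one request under four of the models above (MAC, DAC, role-based RBAC, ABAC) so the difference in who decides is visible. All users, labels, roles and the ABAC rule are constructed for illustration.

```python
from dataclasses import dataclass, field

LEVELS = {"public": 0, "confidential": 1, "secret": 2}            # constructed labels
ROLE_PERMS = {"auditor": {"read"}, "engineer": {"read", "write"}}  # constructed roles

@dataclass
class User:
    name: str
    clearance: str = "public"                    # MAC: set by the administrator
    projects: set = field(default_factory=set)   # MAC: user classification
    roles: set = field(default_factory=set)      # RBAC
    attrs: dict = field(default_factory=dict)    # ABAC

@dataclass
class Resource:
    owner: str
    level: str = "public"                        # MAC: data classification
    project: str = ""                            # MAC: empty means no project restriction
    acl: dict = field(default_factory=dict)      # DAC: user name -> set of rights
    attrs: dict = field(default_factory=dict)    # ABAC

def mac_allows(user, res):
    """MAC: compare the user's level and project with the data's labels."""
    level_ok = LEVELS[user.clearance] >= LEVELS[res.level]
    return level_ok and (not res.project or res.project in user.projects)

def dac_grant(res, actor, grantee, right):
    """DAC: only the owner may change the ACL on their own resource."""
    if actor != res.owner:
        raise PermissionError(f"{actor} does not own this resource")
    res.acl.setdefault(grantee, set()).add(right)

def dac_allows(user, res, right):
    return user.name == res.owner or right in res.acl.get(user.name, set())

def rbac_allows(user, right):
    """RBAC: a user holds only the permissions their roles contain."""
    return any(right in ROLE_PERMS.get(role, set()) for role in user.roles)

def abac_allows(user, res, right):
    """ABAC: one constructed rule over user, resource and action attributes."""
    same_dept = user.attrs.get("department") == res.attrs.get("department")
    return same_dept and (right == "read" or user.attrs.get("employment") == "full-time")

if __name__ == "__main__":
    bob = User("bob", "confidential", {"apollo"}, {"auditor"}, {"department": "rnd", "employment": "contract"})
    doc = Resource("alice", "secret", "apollo", attrs={"department": "rnd"})
    dac_grant(doc, "alice", "bob", "read")       # the owner shares at her own discretion
    print("MAC read:", mac_allows(bob, doc), "| DAC read:", dac_allows(bob, doc, "read"))
    print("RBAC write:", rbac_allows(bob, "write"), "| ABAC write:", abac_allows(bob, doc, "write"))
```

In the sample run the owner's DAC grant lets bob read the document, while the MAC check still denies him because his clearance is below the document's level.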



Origin www.cnblogs.com/helloz/p/11234101.html