Access Control – Types
is a security technique that regulates who or what can view or use resources in a computing environment.
- MAC – Mandatory Access Control
- A central authority governs access.
- Common in military and government environments.
DAC – Discretionary Access Control
- The administrator and the owner decide on the access.
- Lack of a central authority.
RBAC – Role-Based Access Control
- The restrictions on resources are based on roles, groups, or individuals.
- Ex: Administrator, Human Resources, Analyst, Sales
RSBAC – Rule Set-Based Access Control
- An administrator uses conditions to define the rules.
- Ex: Days, Time, Locations
ABAC – Attribute-Based Access Control
- The accesses are defined by evaluating rules, policies, and relationships.
- Ex: A user with the role==”sales” can actionId==”read” if user.project==sales.project.
(to be continued…)