Access Control Methods

The access control system’s job is to figure out if a user should be allowed to run some function or see some data. There are different ways of distributing and then checking those rights; in this section we will discuss three of the most widely used methods in computer systems: mandatory/discretionary access control (MAC/DAC), identity-based access control (IBAC), and role-based access control (RBAC).

MAC and DAC are both focused on the data objects instead of the users. Upon authorization the user is assigned to a group, and the access decisions are based on the settings of the data object in question. The DAC model allows the owner of the data object to determine the access-level requirements at the owner’s discretion—hence ...
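A minimal sketch of the DAC idea described above, added here as an illustration and not taken from the book: the access settings are stored on the data object, only its owner can change them, and the check compares the user's group with those settings. The group names, the `read`/`write` actions, and the rule that owners keep full access are assumptions made for the example.

```javascript
'use strict';
// Hypothetical group names, ordered from least to most privileged.
const GROUP_LEVEL = new Map([['guest', 0], ['member', 1], ['admin', 2]]);
const ACTIONS = new Set(['read', 'write']);

// The access settings live on the data object, not on the user.
function createObject(ownerId, content) {
  // Most restrictive settings until the owner decides otherwise.
  const requirements = new Map([['read', 'admin'], ['write', 'admin']]);
  return { ownerId, content, requirements };
}

// DAC: only the owner of the object may change its access requirements.
function setRequirement(user, obj, action, group) {
  if (user.id !== obj.ownerId) throw new Error('only the owner may change access settings');
  if (!ACTIONS.has(action)) throw new Error('unknown action: ' + action);
  if (!GROUP_LEVEL.has(group)) throw new Error('unknown group: ' + group);
  obj.requirements.set(action, group);
}

// The decision compares the user's group with the object's own settings.
function isAllowed(user, obj, action) {
  if (user.id === obj.ownerId) return true; // assumption: owners keep full access
  const required = GROUP_LEVEL.get(obj.requirements.get(action));
  const held = GROUP_LEVEL.get(user.group);
  // Deny by default when the action or the group is unknown.
  if (required === undefined || held === undefined) return false;
  return held >= required;
}

// Constructed sample data.
const alice = { id: 'u1', group: 'member' }; // owner of the report
const bob = { id: 'u2', group: 'member' };
const eve = { id: 'u3', group: 'guest' };
const report = createObject(alice.id, 'quarterly numbers');

console.log('bob before:', isAllowed(bob, report, 'read'));
setRequirement(alice, report, 'read', 'member'); // owner loosens the setting
console.log('bob after:', isAllowed(bob, report, 'read'));
console.log('eve after:', isAllowed(eve, report, 'read'));
try {
  setRequirement(bob, report, 'write', 'guest'); // not the owner
} catch (e) {
  console.log('rejected:', e.message);
}
```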
