O'Reilly logo

Secure Your Node.js Web Application by Karl Duuna

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Access Control Methods

The access control system’s job is to figure out if a user should be allowed to run some function or see some data. There are different ways of distributing and then checking those rights; in this section we will discuss three of the most widely used methods in computer systems: mandatory/discretionary access control (MAC/DAC), identity-based access control (IBAC), and role-based access control (RBAC).

MAC and DAC are both focused on the data objects instead of the users. Upon authorization the user is assigned to a group, and the access decisions are based on the settings of the data object in question. The DAC model allows the owner of the data object to determine the access-level requirements at the owner’s discretion—hence ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required