Access Control Methods

The access control system’s job is to figure out if a user should be allowed to run some function or see some data. There are different ways of distributing and then checking those rights; in this section we will discuss three of the most widely used methods in computer systems: mandatory/discretionary access control (MAC/DAC), identity-based access control (IBAC), and role-based access control (RBAC).

MAC and DAC are both focused on the data objects instead of the users. Upon authorization the user is assigned to a group, and the access decisions are based on the settings of the data object in question. The DAC model allows the owner of the data object to determine the access-level requirements at the owner’s discretion—hence ...
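The DAC idea described above, as an added example that is not taken from the book: the access settings live on the data object, the owner changes them at will, and the check consults the user's groups. All names (`createDocument`, `grant`, `canAccess`, the users and groups) are hypothetical, and treating the owner as always allowed is an assumption of this sketch.

```javascript
'use strict';

// Constructed sample users: groups are attached to the user at login.
const alice = { name: 'alice', groups: ['editors'] };
const bob = { name: 'bob', groups: ['viewers'] };

// The data object carries its own access settings (owner + per-group rights).
function createDocument(owner, body) {
  return { owner: owner.name, body, acl: new Map() };
}

// DAC: only the owner may change who can access the object.
function grant(actor, doc, group, rights) {
  if (actor.name !== doc.owner) {
    throw new Error(`${actor.name} is not the owner and cannot change the ACL`);
  }
  doc.acl.set(group, new Set(rights));
}

// The decision reads the object's settings, not a per-user rights table.
// Assumption of this sketch: the owner always has full access.
function canAccess(user, doc, right) {
  if (user.name === doc.owner) return true;
  return user.groups.some((g) => {
    const rights = doc.acl.get(g);
    return rights !== undefined && rights.has(right);
  });
}

function demo() {
  const doc = createDocument(alice, 'quarterly report');
  const before = canAccess(bob, doc, 'read');      // no ACL entry yet: deny by default
  grant(alice, doc, 'viewers', ['read']);          // owner's discretion
  const afterRead = canAccess(bob, doc, 'read');
  const afterWrite = canAccess(bob, doc, 'write'); // right was never granted
  let nonOwnerBlocked = false;
  try {
    grant(bob, doc, 'viewers', ['write']);         // non-owner tries to widen access
  } catch (err) {
    nonOwnerBlocked = true;
  }
  return { before, afterRead, afterWrite, nonOwnerBlocked };
}

console.log(demo());
```
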

Get Secure Your Node.js Web Application now with the O’Reilly learning platform.