Chapter 39. What Is ACL-Based Security?

Security based on access control lists (ACLs) focuses more on objects than on users (as opposed to role-based security, discussed in Item 38). The idea in an ACL-based system is that each object will have its own access control policy represented by a list of permissions stored in an ACL (Item 43). Whereas a role-based system might control whether a user in a particular role may access a set of objects in a certain way, an ACL-based approach allows each individual object to control which users can touch it and in what ways. An object typically grants permissions to groups (Item 20), and an ACL-based access check requires comparing the requesting user's groups to the permissions granted in the object's ACL. ...

Get The .NET Developer's Guide to Windows Security now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.