Rule-Based Versus Role-Based Access Control Systems
Computer access control systems can be defined according to the way that they are used. The two most often specified access control systems are rule-based access control and role-based access control. Rule-based access control requires that specific rules be written that determine who can access what. An example of rule-based access control is the Access Control Lists (ACLs) written for firewall and router configurations that allow or deny access to networks. A rule-based system for users would include a multitude of rules or statements that would indicate which files, printers, or other resources a specific user could use. Rules might state things such as “JohnP can read the chapter_5.txt file, ...
Get Windows Server 2003 Security: A Technical Reference now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.