π Access control methods
RBAC
Role based access control
This works by restricting system access to only authorised users. Itβs an approach to implement mandatory access control or discretionary access control. It could be used to allow access to certain folders within a workspace.
Pros
Allows you to create hierarchies where managers automatically get all the permissions of their direct staff.
Cons
In the event of role explosion, translating use requirements to roles can be complicated.
ABAC
Attribute-Based access controls
An authorisation model that evaluates the characteristics, rather than roles, to determine access.
Pros
Administrators have the luxury of choosing from a large set of attributes, which helps them formulate highly specific rules.
Cons
Can be hard to implement, especially in time-constrained situations
MAC
Mandatory access control
A method of limiting access to recourse based on the sensitivity of the information that the resource contains.
Pros
- High level data protection
- Centralised information
Cons
Careful set-up process β MAC must be set up with good care otherwise it will make working chaotic.
DAC
Discretionary access control
Restricting access to object based on the identity of the subject. (the user or group which the user belongs)
Pros
Easy to maintain
