Why is access control important?
- Access control minimizes the risk of authorized access to physical and computer systems, forming a foundational part of information security, data security and network security. source
Describe an application that would need access control.
- Any site that is managing a user base is likely going to require some type of access control.
What is a role used for?
- A role is used to define a set of permissions that a specific group or job function that requires a specific set of access rules. (HR, admin, engineer, sales, etc)
Why is role based access control more scalable than discretionary or mandatory access control?
- RBAC is more scalable than DAC and MAC becuse you are assigning a general group a certain privialge vs individual persons or devices. source
Authorization
- Authroization is the permission granted to a system once authenticated. source
Role Based Access Control
- Role Based Access Control (RBAC) allows you to create and enforce access by assigning a set of permissions to what each specific user or user groupe can and cannot do. source
Capabilities
- Is another name for a key/token in an authentication system. source
Which 3 things had you heard about previously and now have better clarity on?
- Role Based Access Control, Mandatory Access Control, and Discretionary Access Control
Which 3 things are you hoping to learn more about in the upcoming lecture/demo?
- Role Based Access Control, Mandatory Access Control, and Discretionary Access Control
What are you most excited about trying to implement or see how it works?
- Access Control