This lecture will address Authorization and Access Control processes.
Mandatory Reading
One of
- Segurança em Redes Informáticas, A. Zúquete, Chap. 11
- Security in Computing, 6th edition, Charles Pfleeger, Shari Lawrence Pfleeger, Lizzie Coles-Kemp, Chap. 2.2
- Security Engineering, Third Edition, Ross Anderson, Chap. 6
Relevant References
- Access control
- Discretionary access control (DAC)
- Mandatory access control (MAC)
- Access-control list (ACL)
- Capability-based security
- Role-based access control (RBAC)
- NIST RBAC model
- Attribute-based access control (ABAC)
- XACML (eXtensible Access Control Markup Language)
- Separation of duties
- Multilevel security
- Bell-LaPadula model
- Biba model
- Clark-Wilson model