This lecture will address Authorization and Access Control processes
Download here
Recommended reading
-
Security in Computing, 4th edition, C. P. Pfleeger, S. L. Pfleeger: Secs. 4.3, 5.2, 5.3
-
Segurança em Redes Informáticas, A. Zúquete: Cap. 11
Interesting links
- Access control
- Discritionary access control (DAC)
- Mandatory access control (MAC)
- Access-control list (ACL)
- Capability-based security
- Role-based access control (RBAC)
- NIST RBAC model
- Attribute-based access control (ABAC)
- XACML (eXtensible Access Control Markup Language)
- Separation of duties
- Multilevel security
- Bell-LaPadula model
- Biba model
- Clark-Wilson model