Access Control Methods
Unit: 10
Lesson: 2
now how exactly should i go about ensuring that employee's can't see the 15 terabytes of data i've collected from them over the years
Authenticated users can be granted rights and permissions to access resources on a network. This is called authorization. How do we manage authorization?
Discretionary Access Control (DAC)
Based on primacy, or "I was here first." The owner of a file or service has complete authority over it. The owner grants rights to the file to others, often through the use of an ACL.
Role-based Access Control (RBAC)
The organization defines its authorizations in terms of the tasks that an employee or a service needs to complete. Each set of permissions is a role, and each principle (user or service account) is granted one or more roles. The right to modify the permissions of each role is reserved for the system owner. Like Discord.
Privileged Access Management
How do I make sure that my very powerful accounts on my network don't get abused?
Principle-of-Least-Principle of Least PrivilegeSeparation-of-Separation of Duties
#Netplus