Access Control

From Rice Wiki
Revision as of 03:49, 6 March 2024 by Rice (talk | contribs)


Sources

Description

Access control is the process of granting or denying specific requests from a user, program, or process. There are many types of access control.

Models

RBAC (role based access control) grants or denies access based on roles assigned to a user. The relationship between roles and users can be many-to-many, and roles can be hierarchical.

Attributes are characteristics represented as name-value pairs. They are assigned to subjects, objects, or the environment. Attributes are very flexible, including things from job roles to time, and ABAC (attribute based access control) controls access with policies that are specified in terms of attributes.

ReBAC (relation based access control) grants access based on relationship between resources. For example, a post can only be edited by the user that created it.

There are many other models, but those are the big ones.

Don't use RBAC

RBAC

Design Principles

  • Design upfront since it can get very complicated, ensure flexibility.
  • Force all requests to go through access control checks
  • Deny by default
  • Principle of least priviledge: grant as little access as possible
  • Don't hardcode roles: typos can be very bad
  • Log access control events to identify malicious users

Tips

  • Use libraries responsibly: check them, make sure to not misconfigure, understand any technology you build autohrization logic upon