
Database access control is a method of allowing access to a company’s sensitive data only to those people (database users) who are allowed to access such data, and of restricting access by unauthorized persons. It includes two main components: authentication and authorization.

Authentication is a method of verifying the identity of a person who is accessing your database. Note that authentication isn’t enough to protect data. An additional layer of security is required, authorization, which determines whether a user should be allowed to access the data or make the transaction he’s attempting. Without authentication and authorization, there is no data security.

Any company whose employees connect to the Internet, thus, every company today, needs some level of access control implemented. Role Based Access Control (RBAC) is the most common method today, and the most recent model is Attribute Based Access Control (ABAC). Obsolete access models include Discretionary Access Control (DAC) and Mandatory Access Control (MAC).

DAC is a means of assigning access rights based on user-specified rules. With DAC models, the data owner allows access. MAC is a policy in which access rights are assigned based on central authority regulations. MAC was developed using a nondiscretionary model, in which people are granted access based on an information clearance. RBAC grants access based on a user’s role and implements key security principles such as “least privilege” and “separation of privilege.” Thus, someone attempting to access information can only access data necessary for their role.
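The two components described above, authentication followed by role-based authorization, can be seen working together in the following added example (not code from the original page). The users, roles, tables and helper names are assumptions, and SQLite's authorizer callback stands in for the role and grant system of a server database, since SQLite has no built-in roles.

```python
import hashlib, hmac, os, sqlite3

def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)
def _user(password, role):
    salt = os.urandom(16)
    return {"salt": salt, "hash": _hash(password, salt), "role": role}

# Constructed sample data: users, roles and tables are assumptions.
USERS = {"alice": _user("correct horse", "clerk"),
         "bob": _user("battery staple", "payroll")}
# Least privilege: each role lists only the (action, table) pairs it needs.
ROLE_PERMS = {"clerk": {("read", "orders")},
              "payroll": {("read", "salaries"), ("write", "salaries")}}
TABLE_ACTIONS = {sqlite3.SQLITE_READ: "read", sqlite3.SQLITE_INSERT: "write",
                 sqlite3.SQLITE_UPDATE: "write", sqlite3.SQLITE_DELETE: "write"}
NEUTRAL = {sqlite3.SQLITE_SELECT, sqlite3.SQLITE_TRANSACTION}  # no table involved

def authenticate(name, password):
    """Authentication: verify identity and return the user's role, or None."""
    user = USERS.get(name)
    salt = user["salt"] if user else b"\0" * 16
    digest = _hash(password, salt)  # hash even for unknown users (equal timing)
    if user and hmac.compare_digest(digest, user["hash"]):
        return user["role"]
    return None

def open_session(name, password):
    """Return a connection limited to what the authenticated user's role allows."""
    role = authenticate(name, password)
    if role is None:
        raise PermissionError("authentication failed")
    conn = sqlite3.connect(":memory:")
    conn.executescript(  # constructed schema and rows
        "CREATE TABLE orders(item TEXT); CREATE TABLE salaries(emp TEXT, amount INT);"
        "INSERT INTO orders VALUES('widget'); INSERT INTO salaries VALUES('alice', 100);")
    allowed = ROLE_PERMS[role]
    def authorizer(action, table, _column, _db, _source):
        """Authorization: default-deny check of (action, table) against the role."""
        if action in NEUTRAL or (TABLE_ACTIONS.get(action), table) in allowed:
            return sqlite3.SQLITE_OK
        return sqlite3.SQLITE_DENY  # also covers DDL, PRAGMA, ATTACH, ...
    conn.set_authorizer(authorizer)
    return conn

def try_query(conn, sql):
    """Run a statement; return its rows, or 'denied' if authorization refused it."""
    try:
        return conn.execute(sql).fetchall()
    except sqlite3.DatabaseError:
        return "denied"
```

A user who authenticates correctly is still refused any statement outside the role's permission set, which is the separation between the two components that the text describes.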
