Preface
In the computer industry, access control refers to managing the access rights of different people to computers and computer resources. This article briefly introduces the mainstream access control mechanisms (concepts and models) recognized and widely used in the industry, and briefly analyzes their usage scenarios and limitations. A better understanding of the differences between these mechanisms will help readers choose the models and approaches that best suit their projects.
Access control
Access control, as its name suggests, is a security measure that regulates users' access to resources by verifying their permissions. Identification, authentication and authorization are therefore the three essential parts of an access control model.
Readers who have read books on, or worked with, security or authorization should be familiar with the differences between these three concepts. If not, they are explained in ipD-authentication-authorization.
Access control mechanisms let a subject (the current “user”, which is not necessarily a person and may also be a crawler or bot) present its credentials (such as a password or token) to identify itself as a legitimate user, and then give that subject access to resources. A simple example is access control in Linux, where access to files is limited by a predefined access control list (ACL).
Classification of access control
Access control is sometimes divided into two broad categories, discretionary and non-discretionary. The three most popular and widely used access control models are Mandatory Access Control (MAC), Discretionary Access Control (DAC) and Role-based Access Control (RBAC).
Discretionary access control (DAC)
In DAC, the policy for an object (a file or data item in the system) is set by its owner, who decides which subjects can access the object and what privileges they have.
Some Chinese texts translate “policy” as “strategy”, which I find imprecise, so the English word is used directly here; the word policy appears frequently in security-related topics (see en.wikipedia.org/wiki/Comput…).
DAC has two important concepts:
- Ownership of files and data: every object in the system has an owner. In most DAC systems, the initial owner of an object is the subject that caused the object to be created, and that subject dictates the object's policy.
- Access rights and permissions: the owner can set access rights for other subjects.
Mainstream DAC models often use an ACL or an Access Control Matrix (ACM) to record policies. For example, Casbin represents policies as follows:
p, alice, data1, read
p, bob, data2, write
Because a user who has access to an object can assign access to that object to other users, this is called discretionary control. The most common use of this design is for file system permissions, such as Microsoft NTFS.
The biggest disadvantage of DAC is that control of permissions is decentralized and therefore hard to manage; for example, it is not easy to set uniform permissions for a set of files and open them to a specified group of users. In addition, a subject with too much authority may inadvertently leak information, and DAC cannot defend against Trojan horse attacks, because a program run by an owner inherits the owner's right to modify the access control table.
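The following is an added example, not code from the original article or from Casbin, showing the two DAC concepts above in working form: objects with an owner, an ACL loaded from Casbin-style `p, subject, object, action` lines, and the discretionary step in which a controlling subject passes rights on to others. The delegable `grant` right and the `rights_of` audit helper (which shows why decentralized ACLs are hard to manage: answering "what can this subject reach?" needs a scan of every object) are assumptions made for this illustration.

```python
"""Discretionary access control (DAC) with owners and per-object ACLs.

Added example; not code from the original article or from Casbin. Policies are
loaded from Casbin-style "p, subject, object, action" lines; the ownership,
the delegable 'grant' right and the audit helper are assumptions for this
illustration.
"""
from collections import defaultdict

# Constructed sample policy in the 'p, sub, obj, act' line format.
SAMPLE_POLICY = """
p, alice, data1, read
p, bob, data2, write
"""


class DacStore:
    """Each object has exactly one owner and a set of (subject, action) entries."""

    def __init__(self):
        self.owner = {}                 # object -> owning subject
        self.acl = defaultdict(set)     # object -> {(subject, action)}

    def create(self, subject, obj):
        """The subject that creates an object becomes its initial owner."""
        if obj in self.owner:
            raise ValueError(f"object {obj!r} already exists")
        self.owner[obj] = subject

    def load_policy(self, text):
        """Load pre-existing ACL entries; accepts comma- or space-separated fields."""
        for raw in text.splitlines():
            line = raw.strip()
            if not line or line.startswith("#"):
                continue
            parts = line.replace(",", " ").split()
            if len(parts) != 4 or parts[0] != "p":
                raise ValueError(f"bad policy line: {raw!r}")
            _, sub, obj, act = parts
            self.acl[obj].add((sub, act))

    def controls(self, subject, obj):
        """The owner, or anyone holding the delegable 'grant' right, controls an object."""
        return self.owner.get(obj) == subject or (subject, "grant") in self.acl[obj]

    def grant(self, granter, subject, obj, action):
        """Discretionary step: a controlling subject hands out rights, including 'grant'."""
        if not self.controls(granter, obj):
            raise PermissionError(f"{granter} may not grant rights on {obj!r}")
        self.acl[obj].add((subject, action))

    def allowed(self, subject, obj, action):
        """Owners hold every right; other subjects need an explicit ACL entry."""
        if obj not in self.owner:
            return False
        return self.owner[obj] == subject or (subject, action) in self.acl[obj]

    def rights_of(self, subject):
        """Audit helper: the answer is scattered across every object's ACL,
        which is the management cost of decentralized DAC policy."""
        rights = {(o, "owner") for o, who in self.owner.items() if who == subject}
        for obj, entries in self.acl.items():
            rights.update((obj, act) for sub, act in entries if sub == subject)
        return sorted(rights)


def build_demo():
    """Owners create objects, the sample policy is loaded, then rights are delegated."""
    store = DacStore()
    store.create("alice", "data1")
    store.create("bob", "data2")
    store.load_policy(SAMPLE_POLICY)
    store.grant("alice", "carol", "data1", "grant")   # alice delegates control of data1
    store.grant("carol", "dave", "data1", "read")     # carol passes read on to dave
    return store


if __name__ == "__main__":
    s = build_demo()
    print("dave reads data1:", s.allowed("dave", "data1", "read"))
    print("dave writes data1:", s.allowed("dave", "data1", "write"))
    print("rights of alice:", s.rights_of("alice"))
```

Note that `bob`, who owns `data2` but holds no right on `data1`, cannot grant anything on `data1`; `carol` can, because `alice` chose to delegate. That chain of delegation is what the word discretionary refers to, and it is also why nobody but an auditor scanning every ACL can say at a glance who can reach `data1`.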
Mandatory Access Control (MAC)
MAC is a “stricter” system. Such access control rules usually classify data and users according to security levels. The access control mechanism compares security labels to determine whether to grant or deny a user access to a resource; users can access objects only as permitted by the security labels.
In a mandatory access control system, all subjects (users, processes) and objects (files, data) are assigned security labels, and each security label identifies a security level. When access control is enforced, the security level of the subject is compared with that of the object. This is an access mode imposed on the subject: the system forces the subject to obey the access control policy. Read-up/write-down rules are used to ensure data integrity, and read-down/write-up rules to ensure data confidentiality.
The main models are the Bell-LaPadula (BLP) model and the lattice model.
Because MAC works through graded security labels and one-way information flow, it can effectively prevent Trojan horse attacks. However, its implementation workload is large, it is inconvenient to manage and inflexible, and it overemphasizes confidentiality at the expense of the continuous working ability of authorized users and the manageability of the system. It is therefore rarely used in commercial software and is mainly used by the military and by organizations with high requirements for information confidentiality.
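As an added example (not code from the original article), the two rule pairs named above are implemented over lattice labels of the kind BLP uses: a label is a level plus a set of categories, and one label dominates another when its level is at least as high and its categories are a superset. `confidentiality_allows` enforces read-down/write-up and `integrity_allows` enforces read-up/write-down; `trojan_leak_blocked` replays the one-way-flow argument from the previous paragraph. The level names, categories and the scenario are constructed for this illustration.

```python
"""Mandatory access control with lattice security labels.

Added example; not code from the original article. Implements the two rule
pairs named in the text: read-down/write-up (Bell-LaPadula, confidentiality)
and read-up/write-down (integrity). Level names, categories and the Trojan
scenario are constructed for this illustration.
"""
from dataclasses import dataclass

# Ordered levels; for the integrity policy the same ordering is read as integrity levels.
LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top_secret": 3}


@dataclass(frozen=True)
class Label:
    level: str
    categories: frozenset = frozenset()

    def dominates(self, other):
        """Lattice order: higher-or-equal level and a superset of categories.
        Two labels with disjoint categories are incomparable: neither dominates."""
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.categories >= other.categories)


def confidentiality_allows(subject, obj, action):
    """Bell-LaPadula: read down (no read up), write up (no write down)."""
    if action == "read":
        return subject.dominates(obj)
    if action == "write":
        return obj.dominates(subject)
    raise ValueError(f"unknown action {action!r}")


def integrity_allows(subject, obj, action):
    """Integrity rules: read up (no read down), write down (no write up)."""
    if action == "read":
        return obj.dominates(subject)
    if action == "write":
        return subject.dominates(obj)
    raise ValueError(f"unknown action {action!r}")


def trojan_leak_blocked():
    """A process running at the user's 'secret' label reads a secret file and then
    tries to copy it into an unclassified file. The system, not the file's owner,
    decides: the write down is refused, so the data cannot flow to the lower level."""
    process = Label("secret", frozenset({"nuclear"}))
    secret_file = Label("secret", frozenset({"nuclear"}))
    public_file = Label("unclassified")
    read_ok = confidentiality_allows(process, secret_file, "read")
    leak_ok = confidentiality_allows(process, public_file, "write")
    return read_ok and not leak_ok


if __name__ == "__main__":
    s, u = Label("secret", frozenset({"nuclear"})), Label("unclassified")
    print("secret subject reads unclassified:", confidentiality_allows(s, u, "read"))
    print("secret subject writes unclassified:", confidentiality_allows(s, u, "write"))
    print("Trojan leak blocked:", trojan_leak_blocked())
```

The contrast with the DAC section is the decision point: in `trojan_leak_blocked` the owner of the secret file has no say, because the label comparison is made by the system on every access. That is exactly the property that makes MAC resistant to a Trojan horse, and also what makes it inflexible when legitimate work needs data to move down a level.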
Role-based Access Control (RBAC)
RBAC is the major alternative to MAC and DAC because it suits commercial software better than both. Role-based access control divides the permissions of users in a system by role. For example, in a system, doctors have permission to create new cases while ordinary nurses do not. It provides fine-grained control and a simple, easy-to-manage approach to access control that is less error-prone than assigning privileges to users individually, as with ACLs.
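The following is an added example, not code from the original article or from any RBAC library, that turns the doctor/nurse illustration into a working model with a role hierarchy. Users are assigned roles, roles carry permissions, and a role may inherit another role's permissions; the `senior_doctor` role, the specific permissions and the user names are constructed for this illustration. Compared with the per-user ACL of the DAC example, a permission is changed in one place (the role) and every holder follows.

```python
"""Role-based access control with a role hierarchy.

Added example; not code from the original article or from any RBAC library.
The roles, permissions and users (a 'senior_doctor' role that inherits
'doctor', which in turn inherits 'nurse') are constructed for this illustration.
"""
from collections import defaultdict


class Rbac:
    """Users get roles; roles get permissions; roles may inherit other roles."""

    def __init__(self):
        self.role_perms = defaultdict(set)   # role -> {(object, action)}
        self.parents = defaultdict(set)      # role -> roles it inherits from
        self.user_roles = defaultdict(set)   # user -> directly assigned roles

    def add_permission(self, role, obj, action):
        self.role_perms[role].add((obj, action))

    def closure(self, roles):
        """All roles reachable through inheritance from the given roles."""
        seen, stack = set(), list(roles)
        while stack:
            role = stack.pop()
            if role not in seen:
                seen.add(role)
                stack.extend(self.parents[role])
        return seen

    def add_inheritance(self, child, parent):
        """child inherits parent's permissions; an inheritance cycle is refused."""
        if child in self.closure({parent}):
            raise ValueError(f"{child} -> {parent} would create a cycle")
        self.parents[child].add(parent)

    def assign(self, user, role):
        self.user_roles[user].add(role)

    def revoke(self, user, role):
        """Removing one role assignment drops every permission it carried."""
        self.user_roles[user].discard(role)

    def roles_of(self, user):
        return self.closure(self.user_roles[user])

    def permissions_of(self, user):
        perms = set()
        for role in self.roles_of(user):
            perms |= self.role_perms[role]
        return perms

    def allowed(self, user, obj, action):
        """Single check point: permissions are resolved through roles, never per user."""
        return (obj, action) in self.permissions_of(user)


def build_hospital():
    """Constructed sample: nurses chart vitals and read cases, doctors also create cases."""
    rbac = Rbac()
    rbac.add_permission("nurse", "case", "read")
    rbac.add_permission("nurse", "vitals", "write")
    rbac.add_permission("doctor", "case", "create")
    rbac.add_permission("senior_doctor", "case", "sign_off")
    rbac.add_inheritance("doctor", "nurse")
    rbac.add_inheritance("senior_doctor", "doctor")
    rbac.assign("alice", "doctor")
    rbac.assign("bob", "nurse")
    rbac.assign("carol", "senior_doctor")
    return rbac


if __name__ == "__main__":
    h = build_hospital()
    print("alice creates case:", h.allowed("alice", "case", "create"))
    print("bob creates case:", h.allowed("bob", "case", "create"))
    print("carol's effective roles:", sorted(h.roles_of("carol")))
```

The cycle check in `add_inheritance` matters in practice: a role hierarchy with a loop would make every role in the loop equivalent, silently granting the most privileged role's permissions to the least privileged one.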
Afterword
This article has introduced access control and several of the relevant mainstream models; some, such as ABAC, and several variants of these models were not covered in detail. They will be discussed in subsequent articles.
Resources
- Computer access control, Wikipedia
- Role-Based Access Control, Second Edition, chapters 1 and 2
- Types of access control systems, statesystemsinc.com
- Casbin documentation
- RBAC, Auth0