Today we continue discussing RBAC model. We discussed that it could implement both DAC and MAC. It is based on the premise of roles. User migrations are therefore easier to handle. Further, a user has to be assigned a role, the role has to be active and authorized. Permission for the object must also be authorized.
RBAC supports three security principles i.e the minimum authority principle, the responsibility separation principle, and the data abstraction principle. The minimum authority principle means that the system only assigns minimum running authority to the role, and the responsibility separation principle means that mutually exclusive roles can be activated simultaneously to complete one task. The data abstraction principle means that authority is abstracted so that it does not specify explicit operations such as read, write, create, delete etc.
RBAC became popular in the enterprise world for its ease of deployment and the controls it gave. For example, the user, role, access authority, role class, mutual exclusion, and restriction of roles simplified deployment and management. RBAC provides flexibility, convenience and security.
Access Control in the grid computing environment differs from the enterprise access control in that the there is no more a centralized entity that can support a unified and central access control mechanism. Grid computing might involve peer to peer networks or other distributed technologies where decentralized multi domain management mode may be better suited. Therefore the access control strategy should be studied based on the traditional access control model.
#codingexercise
Double GetAlternateEvenNumberRangeSqRtProductSquares()(Double [] A)
{
if (A == null) return 0;
Return A.AlternateEvenNumberRangeSqRtProductSquares();
}
RBAC supports three security principles i.e the minimum authority principle, the responsibility separation principle, and the data abstraction principle. The minimum authority principle means that the system only assigns minimum running authority to the role, and the responsibility separation principle means that mutually exclusive roles can be activated simultaneously to complete one task. The data abstraction principle means that authority is abstracted so that it does not specify explicit operations such as read, write, create, delete etc.
RBAC became popular in the enterprise world for its ease of deployment and the controls it gave. For example, the user, role, access authority, role class, mutual exclusion, and restriction of roles simplified deployment and management. RBAC provides flexibility, convenience and security.
Access Control in the grid computing environment differs from the enterprise access control in that the there is no more a centralized entity that can support a unified and central access control mechanism. Grid computing might involve peer to peer networks or other distributed technologies where decentralized multi domain management mode may be better suited. Therefore the access control strategy should be studied based on the traditional access control model.
#codingexercise
Double GetAlternateEvenNumberRangeSqRtProductSquares()(Double [] A)
{
if (A == null) return 0;
Return A.AlternateEvenNumberRangeSqRtProductSquares();
}
No comments:
Post a Comment