mirror of
https://github.com/The-Art-of-Hacking/h4cker
synced 2024-11-10 05:34:12 +00:00
Create access_control_cheatsheet.md
This commit is contained in:
parent
c40c505f8f
commit
053667cbd2
1 changed files with 9 additions and 0 deletions
9
cheat_sheets/access_control_cheatsheet.md
Normal file
9
cheat_sheets/access_control_cheatsheet.md
Normal file
|
@ -0,0 +1,9 @@
|
||||||
|
# Discretionary Access Control (DAC), Mandatory Access Control (MAC), Role-Based Access Control (RBAC), and Attribute-Based Access Control (ABAC)
|
||||||
|
|
||||||
|
| Feature | DAC | MAC | RBAC | ABAC |
|
||||||
|
|------------------------|------------------------------------------------------|----------------------------------------------------|------------------------------------------------------|------------------------------------------------------------|
|
||||||
|
| Access Control Basis | Based on identity of the requester and the discretion of the owner | Based on classifications and security clearances | Based on roles within an organization | Based on attributes (user, resource, environment) |
|
||||||
|
| Access Decision | Owners of the resource decide who can access it | System-enforced, not changeable by users | Access based on roles and their permissions | Decisions based on a set of policies involving attributes |
|
||||||
|
| Flexibility | Highly flexible with individualized control | Less flexible, focuses on classification levels | Moderately flexible, easy to manage | Highly flexible and granular |
|
||||||
|
| Complexity | Can become complex with many users and permissions | High, due to strict policy enforcement | Medium, depends on roles and permissions setup | High, due to complex policy definitions |
|
||||||
|
|
Loading…
Reference in a new issue