RBAC might be a bit bad for least privilege in the sense that the effective permissions are aligned to roles. You don't give each user a user an exact set of permissions they need but rather a, usually, over-approximation stemming from the roles available. But with 'activating or switching a role', do you mean that the user uses only a subset of the roles they have to authenticate for a request? Because here is again the question how the roles are stored and how the access control mechanism gets to see them in order to map them to the permissions as an authorization decision takes place.
@zacklambert4214
Жыл бұрын
There is Attribute-Based Acess Control. It determines the users attributes and capabilities for a more detailed screening process in assigning acess.
@AWaterKnight
Жыл бұрын
@@zacklambert4214 Yes, attribute-based gives more control by specifying expressions with the individual attributes of not only the user/subject but also of the target and environment like current time. It is more difficult to implement, though, because the attributes would probabl be under access control themselves and need to be collected.
@zacklambert4214
Жыл бұрын
@@AWaterKnight for user privacy the attributes usally remain hidden under encryption, and the access key is only given to an algorithm to detect the desired attributes.
@zacklambert4214
Жыл бұрын
@@AWaterKnight I suspect in the future this will be used to replace our currency system instead of universal income within smart cities. Acess, duration of sessions, objects, will all be limited depending on roles and attributes of the individual and their behavior within the city.
@MrEkg98
6 жыл бұрын
this just unconfused me about selinux. The book I have is horrible on explanations at times.
@farahwaheeda7295
6 жыл бұрын
what software you using to edit this video like this?
@sazyt
4 жыл бұрын
I also like to know this thing. Google firebase also use this software.
@Siobhanjohnson523
Жыл бұрын
🙇💫💛
@k.o6715
2 жыл бұрын
I have picture question how can I send it to u ?
@Sats33
7 жыл бұрын
😊😊👍👍👍👌
@igordeoliveirasa6674
5 жыл бұрын
How to use acl on table rows?
@sandeepsahu1716
2 жыл бұрын
Sir How to set tags for RBAC..
@chatoninja131
6 жыл бұрын
Why your pen is transparent ?!
@zakmah7958
5 жыл бұрын
the pen movement is very distracting and annoying
@VirginiaBaez-s3d
12 күн бұрын
Wilson Patricia Wilson Charles Rodriguez Timothy
@Death_User666
3 жыл бұрын
too expensive
@joyjit_roy
2 жыл бұрын
*THE WORST LECTURE ON KZitem ON RBAC ------ REASON WHY PPL ARE NOT GOING TO UDEMY*
Пікірлер: 22