Security Access Control¶
A security access control defines the permissions to perform specific operations on a particular digital resource.
Common Access Control Models¶
The security profession defines a number of approaches to managing access to digital resources:
- Role-Based Access Control (RBAC): Assigns permissions based on user roles, simplifying management and following the principle of least privilege.
- Attribute-Based Access Control (ABAC): Uses user attributes such as location, job title, or time of access to dynamically determine permissions.
- Discretionary Access Control (DAC): Allows resource owners to decide who can access their resources.
- Mandatory Access Control (MAC): Enforces strict policies set by administrators, often used in high-security environments.
Each of these are possible in Egeria using metadata security and governance zones.
Further information
- The SecurityAccessControl open metadata type is described in Model 0423 Security Definitions.
- Security access controls are stored in a secrets store collection.
- The Security Officer API is used to maintain security access controls.
Raise an issue or comment below