--- tags: 47-SSA --- # 1: Access Control ###### Rizwan <img src='https://i.imgur.com/KKCzFuD.jpg' width='80%'> --- ## 1. Access Control Models ### 1-1 Discrentionary Access Control (DAC) 自主訪問控制 The controls are discretionary in the sense that a subject with a certain access permission is capable of passing that permission (perhaps indirectly) on to any other subject (unless restrained by mandatory access control). ### 1-2 Mandatory Access Control (MAC) 強制訪問控制 With mandatory access control, this security policy is centrally controlled by a security policy administrator; users do not have the ability to override the policy and, for example, grant access to files that would otherwise be restricted. ### 1-3 Role-Based Access Control (RBAC) 角色基礎訪問控制 It is an approach to implement mandatory access control (MAC) or discretionary access control (DAC). Role-based access control is a policy-neutral access-control mechanism defined around roles and privileges. ### 1-4 Usage Control (UCON) ### 1-5 Policy-Based Access Control (PBAC) --- # Lab 1 - UNIX-based Access Control | [rwx] | [rwx] | [rwx] | | ---------- | ----- |:-------------------:| | owner/user | group | others/anyone other |