Demo project for role based access control
Basic Methods
- ACL
- RBAC
ACL or Access Control List is an implementation of access control, usually represented as a table of privileges.
RBAC or Role Based Access Control is an access control method where users are given roles and the roles determine what privileges they have.
In the basic setting ACL is an implementation type. RBAC does not need to have a hierachy in the model. (HRBAC - Hierarchical Role Based Access Control)
Focuses on the data object as the center of access right.
This method focuses on the identity of the user as the basis of the privileges.
Operational privileges are grouped into roles and each user is assigned a role.
Is an evolution of RBAC. ABAC aims to solve this problem by providing a framework for defining access rights based on the various properties of a user.