There are many ways to decide who gets access to what. But once you make those decisions, a tougher question comes up: how do I enforce the rules you I created? No idea? Let’s find out!
To be honest, I find access control models quite fascinating. Especially models like the"Brewer and Nash model" that can dynamically modify the access rights based on context.
Role-based access control was the one I learned many years ago as a Motorola (pre-bifurcation) product manager.
To be honest, I find access control models quite fascinating. Especially models like the"Brewer and Nash model" that can dynamically modify the access rights based on context.
Reading this glossary entry now.
https://thorteaches.com/glossary/brewer-nash-bn-model/
Cool! It was a crucial topic for the CISSP exam.