Questions tagged [access-control]

Access control is the process of limiting the ability of users or services to access certain resources.

Historically, there have been several access control models:

  • discretionary access control (DAC): In computer security, discretionary access control (DAC) is a type of access control defined by the Trusted Computer System Evaluation Criteria "as a means of restricting access to objects based on the identity of subjects and/or groups to which they belong." (source: Wikipedia)
  • mandatory access control (MAC): The mandatory part of the definition indicates that enforcement of controls is performed by administrators and the operating system. This is in contrast to the default security mechanism of Discretionary Access Control (DAC) where enforcement is left to the discretion of users. (source: Wikipedia)
  • Role-based access control (RBAC): Role-based access control (RBAC) is a method of regulating access to computer or network resources based on the roles of individual users within an enterprise. RBAC was formally defined by NIST, the National Institute of Standards and Technology. More can be found on their website.
  • Attribute-based access control (ABAC): ABAC extends the way RBAC works. Instead of just focusing on user identities, roles, and groups, ABAC defines attributes (key-value pairs) that can be used to describe users, resources, actions, and context. With ABAC, it is possible to define finer-grained access policies. A common language used to define ABAC is XACML. NIST is currently formalizing ABAC. See their website for more information.
1370 questions
255 votes, 8 answers

Prevent pushing to master on GitHub?

GitHub allows you to configure your repository so that users can't force push to master, but is there a way to prevent pushing to master entirely? I'm hoping to make it so that the only way of adding to commits to master is through the GitHub pull…
joshlf
210 votes, 12 answers

Role-based access control (RBAC) vs. Claims-based access control (CBAC) in ASP.NET MVC

What are the main benefits of using CBAC vs. RBAC? When is it better to use CBAC and when is it better to use RBAC? I'm trying to understand the general concepts of the CBAC model but the general idea is still not clear for me.
157 votes, 10 answers

What is a good example to differentiate between fileprivate and private in Swift3

This article has been helpful in understanding the new access specifiers in Swift 3. It also gives some examples of different usages of fileprivate and private. My question is - isn't using fileprivate on a function that is going to be used only…
Nikita P
88 votes, 2 answers

Access Control in Domain Driven Design

I read about DDD and Access Control, and I found some contradiction between the following two opinions: "security concerns should be handled outside the domain" "access control requirements are domain specific" I am looking for a best practice…
inf3rno
80 votes, 9 answers

How to create a user in Oracle 11g and grant permissions

Can someone advise me on how to create a user in Oracle 11g and only grant that user the ability only to execute one particular stored procedure and the tables in that procedure. I am not really sure how to do this!
Andy5
66 votes, 7 answers

Overriding public virtual functions with private functions in C++

Is there any reason to make the permissions on an overridden C++ virtual function different from the base class? Is there any danger in doing so? For example: class base { public: virtual int foo(double) = 0; } class child : public…
Ben Martin
56 votes, 4 answers

Is this key-oriented access-protection pattern a known idiom?

Matthieu M. brought up a pattern for access-protection in this answer that I'd seen before, but never consciously considered a pattern: class SomeKey { friend class Foo; SomeKey() {} // possibly make it non-copyable too }; class Bar…
Georg Fritzsche
52 votes, 3 answers

How to implement Permission Based Access Control with Asp.Net Core

I am trying to implement permission based access control with aspnet core. For dynamically managing user roles and permissions(create_product, delete_product etc.), they are stored in the database. Data Model is like…
adem caglin
52 votes, 3 answers

How to make an instance property only visible to subclass?

I'm trying to declare an instance property in Swift so that it is only visible to its class and subclasses. I believe this would be referred to as a protected property in other languages. Is there a way to achieve this in Swift?
nwales
52 votes, 10 answers

Best Role-Based Access Control (RBAC) database model

What is the best database schema to track role-based access controls for a web application? I am using Rails, but the RBAC plugin linked by Google looks unmaintained (only 300 commits to SVN; latest was almost a year ago). The concept is simple…
JasonSmith
50 votes, 3 answers

public struct in framework init is inaccessible due to 'internal' protection level in compiler

I have a struct in a framework called "MyFramework" public struct ShipmentPackage:Encodable { let package_code:String let weight:Float } Then when I try to create a ShipmentPackage in another project/framework import MyFramework let onePackage…
Qiquan Lu
46 votes, 7 answers

Font Awesome icons not showing in Chrome, a MaxCDN related Cross-Origin Resource Sharing policy issue

Just noticed on several websites that the font awesome icons aren't showing in Google Chrome. The console shows the following error: Font from origin 'http://cdn.keywest.life' has been blocked from loading by Cross-Origin Resource Sharing…
Yatko
41 votes, 6 answers

How to Block an IP address range using the .htaccess file

I have detected that a range of IP addresses may be used in a malicious way and I don't know how to block it. I would like to block the range 66.249.74.* from accessing my website by using the .htaccess file.
Msy Marina
39 votes, 3 answers

PHP: How can I block direct URL access to a file, but still allow it to be downloaded by logged in users?

I have a website where users should be able to log in and listen to a song (a self-created mp3). I want to make it so the logged in user can listen/download/whatever, and the file should reside on the server (not be stored in the MySQL database),…
Bing
39 votes, 2 answers

jQuery.getJSON - Access-Control-Allow-Origin Issue

I'm using jQuery's $.getJSON() function to return a short set of JSON data. I've got the JSON data sitting on a url such as example.com. I didn't realize it, but as I was accessing that same url, the JSON data couldn't be loaded. I followed…
Mike