Questions tagged [access-control]

Access control is the process of limiting the access or ability of users or services to certain resources.

Historically, there have been several access control models:

  • Discretionary access control (DAC): In computer security, discretionary access control (DAC) is a type of access control defined by the Trusted Computer System Evaluation Criteria "as a means of restricting access to objects based on the identity of subjects and/or groups to which they belong." (source: Wikipedia)
  • Mandatory access control (MAC): The mandatory part of the definition indicates that enforcement of controls is performed by administrators and the operating system. This is in contrast to the default security mechanism of discretionary access control (DAC), where enforcement is left to the discretion of users. (source: Wikipedia)
  • Role-based access control (RBAC): Role-based access control (RBAC) is a method of regulating access to computer or network resources based on the roles of individual users within an enterprise. RBAC was formally defined by NIST, the National Institute of Standards and Technology. More can be found on their website.
  • Attribute-based access control (ABAC): ABAC extends the way RBAC works. Instead of just focusing on user identities, roles, and groups, ABAC defines attributes (key-value pairs) that can be used to describe users, resources, actions, and context. With ABAC, it is possible to define finer-grained access policies. A common language used to define ABAC is XACML. NIST is currently formalizing ABAC. See their website for more information.
1370 questions
10 votes, 6 answers

Access control for cross site requests in Internet Explorer

I am trying to make an AJAX call from several domains to a single one which will handle the request. Enabling Cross domain in Firefox and Chrome was easy by setting the header on the handling server: header("Access-Control-Allow-Origin: *"); But…
9 votes, 4 answers

Control access to files based on DB values with PHP/Apache

What I want: I'm making a system where, when a user uploads an image, it goes to the folder images, where there are two copies of the image, a thumb and a bigger one. Now, when a user uploads an image it's done alongside insertion of a row in a MySQL…
Kristoffer la Cour
9 votes, 2 answers

IE CORS - Access-Control-Allow-Headers error even though headers are specified

I'm currently submitting an AJAX request on a web page to an API endpoint which works in Chrome and Firefox but not in IE. The error message I'm getting in IE's dev tools is: SEC7123: Request header x-custom-header was not present in the…
9 votes, 6 answers

Building a download area with users and groups taken from an external database

I'm searching for a free and open source document/content management system (web-based) to implement a download area, where some people can upload files and some others can download them, depending on permissions. It must be possible to create folders…
bluish
9 votes, 3 answers

private(set) raises 'self' is immutable within struct

I don't know if I am just too tired, but I think there is more to it. (I tried two cups of coffee, but still couldn't solve the problem...) I want to make a variable read-only from the outside, but writable through methods. (So like in that example…
Tysac
9 votes, 2 answers

Implementing ACL for my PHP application

My RealEstate PHP application has the following user groups: Admins, Moderators, Agents. I want to assign the following permissions to the following users. Admins -> Can Create Moderators, Can Create Agents, Can Insert Properties, Can Update…
Ibrahim Azhar Armar
9 votes, 1 answer

RBAC - How to implement per instance access control? (DDD)

In my DDD application written in JavaScript (Node.js), I am stumbling on the implementation of the authorization generic subdomain. I checked the RBAC / ACL authorization models on how to implement this, but they don't seem to have per-instance…
Ludovic C
9 votes, 4 answers

Making default constructor private in Qt custom object

I'm reading this Qt doc page about custom types, and it states the following: The default constructor, copy constructor and destructor are all required, and must be public, if the type is to be integrated into the meta-object system. Suppose I…
ABCplus
9 votes, 1 answer

Fine Grained Access Control with Amazon Dynamo DB with Horizontal Information Hiding

I've already gone through the documentation and it closely mirrors my use-case except that I cannot use Google, Facebook or Amazon as my identity provider, but I already have an enterprise level OAuth 2.0 access token for authenticated users. I…
9 votes, 5 answers

Header not being set for OPTIONS Ajax request

I have an ascx page GetToken.ashx. public void ProcessRequest (HttpContext context) { context.Response.ContentType = "text/plain"; context.Response.AppendHeader("Access-Control-Allow-Origin", "*"); …
Tom Gullen
9 votes, 6 answers

Pundit Headless Policy

I'm using Pundit for access control in the admin section of my app. I have a dashboards controller that looks like this: class Admin::DashboardsController < AdminController def index @total_revenue = Order.total_revenue authorize…
Edward Loveall
9 votes, 1 answer

How to do (role-based) access control in Yesod?

I'm wondering what the best approach for adding roles to users / permissions to Handlers or resources in Yesod is. Does anyone have prior art for this kind of thing? Are there any approaches that leverage the type-system to help prevent slip-ups…
Rehno Lindeque
9 votes, 1 answer

MySQL database schema for user and group access control

I've been trying to find a solution to this problem for a couple of days now and I just can't seem to come up with something that works. The problem is the following: I am currently developing a statistics tool that shows some graphs and data for…
Anpan
9 votes, 4 answers

XACML implementation

I am a novice to XACML policies. Can you tell me how to implement XACML policies? I have tried different APIs. But for my project I need to implement an XACML evaluation engine. So, can you help me by providing the implementation details? Which language…
user2022887
9 votes, 1 answer

Class friendship - a puzzle

I am an object-oriented programming enthusiast at a beginner level. I have encountered the following puzzle: class A { }; class B { protected: friend class A; }; class C { public: friend class B; }; Referring to the sample code…
Prz3m3k