Moved a directory, changed some filenames
This commit is contained in:
parent
ae27a60bcf
commit
347706835e
195 changed files with 696 additions and 255 deletions
|
|
@ -6,7 +6,7 @@ tags:
|
|||
|
||||
# Authorization vs. Access Control
|
||||
|
||||
[Authorization](../Standards/ISO27x/Authorization.md) defines _what_ a user (or system) is allowed to do, [access control ](Access%20Control.md) is the _system_ or _process_ that enforces those defined permissions.
|
||||
[Authorization](../Standards/ISO27x/about/Authorization.md) defines _what_ a user (or system) is allowed to do, [access control ](Access%20Control.md) is the _system_ or _process_ that enforces those defined permissions.
|
||||
|
||||
## Authorization
|
||||
|
||||
|
|
@ -23,8 +23,8 @@ tags:
|
|||
- **What it is:** Access control is the **mechanism or system that enforces the authorization policies**. It's the technical implementation that actually grants or denies access to a resource based on the authorized permissions.
|
||||
- **The "How":** It answers the question, "How is the 'what' actually applied and managed?"
|
||||
- **Enforcement:** Access control is the act of putting those policies into practice. It involves:
|
||||
- Checking a user's identity ([Authentication](../Standards/ISO27x/Authentication.md)).
|
||||
- Consulting the pre-defined [Authorization](../Standards/ISO27x/Authorization.md)authorization rules.
|
||||
- Checking a user's identity ([Authentication](../Standards/ISO27x/about/Authentication.md)).
|
||||
- Consulting the pre-defined [Authorization](../Standards/ISO27x/about/Authorization.md)authorization rules.
|
||||
- Granting or denying access to specific resources (files, applications, data, network segments, physical locations, etc.) or actions (read, write, delete, execute).
|
||||
- **Examples:**
|
||||
- An Access Control List (ACL) on a file system that specifies which users or groups can read, write, or execute a particular file.
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue