Chapter 3: Access Control - Access Control Techniques and Technologies

After determining the framework that will be used for access control, it is then appropriate to decide appropriate techniques, along with the technology, to support the chosen framework. The first technique is called rule-based access. It is kind of like an if statement in object oriented programming. If a certain condition is true, then the subject can access objects within the predefined rules. Another technique would be a restricted interface, which limits a user's access to objects as the name implies. Access that is context based looks at situations rather than being only based on identity. Content based access makes decisions based on data. One that is really straightforward is the compatibility table. The subject shows what objects and operations the subject can access. The same is true for an access control list. Another technique that is related to the latter but not completely the same is the matrix. It is a table that shows subject object relationships.