Authorization: RBAC, ABAC, ReBAC & PBAC
Control what authenticated users can do using role, attribute, relationship, or policy-based models
7 docs tagged with "access-control"
View all tagsCIA Triad and Zero Trust
Understand the fundamental security goals and the zero trust model
Complete Mediation and Fail Securely
Check every access request and break secure, not open
High-Compliance Systems: Audit and Segregation of Duties
TL;DR
Identity & Access
Manage who can access what, how they prove identity, and how access is controlled
Least Privilege and Separation of Duties
Minimize permissions and distribute authority to limit blast radius
Proxy Pattern
TL;DR