1 / 6

Which Access Control Mechanism is Best for the Cloud?

Choosing the right model is key to cloud security:<br>MAC u2013 Central authority controls access; ideal for high-security sectors.<br>DAC u2013 Data owner controls access; suitable for flexible corporate use.<br>RBAC u2013 Role-based access; great for structured business roles.<br>ABAC u2013 Attribute-based access; best for dynamic, scalable cloud setups.<br>ABAC is often the top choice for cloud flexibility. Whatu2019s your go-to model?

Azpirantz
Download Presentation

Which Access Control Mechanism is Best for the Cloud?

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Exploring Access Control Mechanisms Which Fits Best in the Cloud?

  2. 1. Mandatory Access Control (MAC) Principle: Access rights are enforced by a central authority based on regulations and policies. Components: Security Server, Data Server, Client Process: The client requests access. The Security Server checks access rights according to predefined rules. The Security Server grants or denies access based on these rules. Usage: Typically used in highly secure environments like government and military systems.

  3. 2. Discretionary Access Control (DAC) Principle: The owner of the resource (Data Owner) controls the access permissions. Components: Data Owner, Data Server, User Process: The User requests access. The Data Owner checks access rights. Access is granted or denied based on the owner’s discretion. Usage: Common in systems where data owners need flexibility in managing access rights, such as in corporate environments.

  4. 3. Role-Based Access Control (RBAC) Principle: Access is granted based on the roles assigned to users within an organization. Components: User, Service Application, Roles Process: The User makes an access request. The Service Application checks the user's roles and corresponding permissions. Access is granted or denied based on the roles assigned. Usage: Widely used in business environments where users need access to certain resources based on their job function.

  5. 4. Attribute-Based Access Control (ABAC) Principle: Access is granted based on attributes (e.g., user attributes, resource attributes, environment attributes). Components: User, Policy Enforcement Point, Policy Decision Point, Service Application, Attribute Server Process: The User requests access. The Policy Enforcement Point evaluates the request. The Policy Decision Point makes the access decision based on policies and attributes provided by the Attribute Server. Access is granted or denied based on a combination of these attributes. Usage: Ideal for dynamic environments where access decisions need to consider multiple factors, such as cloud environments.

More Related