Skip to content

Posts/basic authz #1

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
viktorgt merged 12 commits into from
Aug 25, 2023
Merged

Posts/basic authz #1

viktorgt merged 12 commits into from
Aug 25, 2023

Conversation

@viktorgt
Copy link
Member

@viktorgt viktorgt commented Aug 25, 2023

No description provided.

@viktorgt viktorgt merged commit b681fe3 into main Aug 25, 2023
johannesvollmer
johannesvollmer reviewed Aug 29, 2023
View reviewed changes
_posts/2023-08-22-authz-basics.md
Comment on lines +55 to +59
* ACL (Access Control List): Stemming from its historical roots in the Unix file system, ACLs provide a list of permissions attached to an object. They are inherently a means to define which user have access to specific objects and the operations they can perform on them.

* RBAC (Role-Based Access Control): A more structured approach, RBAC assigns permissions to specific roles rather than individual users. Users are then assigned to roles. This model offers simplicity and scalability, especially in larger systems where defining permissions for each user can become unwieldy.

* ABAC (Attribute-Based Access Control): A more dynamic approach, ABAC bases access decisions on policies derived from various attributes—be it of the user, the resource, or even the surrounding environment. For instance, a document might only be accessible during working hours or if a user is located in a specific country. This approach provides nuanced, context-aware authorization.
Copy link
Member

@johannesvollmer johannesvollmer Aug 29, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

for each of those, it would be nice to see a very simple one-sentence example. something less abstract. or maybe something like: This would be most appropriate for a Twitter-Like/Multipalyer Game/Finance Administration/Planning Software/... Or maybe a comparison to an analog human equivalent? for example: in medieval times, only the king could do some things, while other things could be done by people with a wax-sealed letter

Copy link
Member Author

@viktorgt viktorgt Aug 29, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good point, I will try to find good examples.

Copy link
Member Author

@viktorgt viktorgt Sep 21, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added examples together with the new article.

@viktorgt viktorgt deleted the posts/basic_authz branch September 21, 2023 17:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@johannesvollmer johannesvollmer johannesvollmer left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@viktorgt @johannesvollmer